Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.MARINER_KERNEL_CVE-2021-43389.NASL
HistoryMar 20, 2023 - 12:00 a.m.

CBL Mariner 2.0 Security Update: kernel (CVE-2021-43389)

2023-03-2000:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
JSON

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-43389 advisory.

  • An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(172784);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/08/30");

  script_cve_id("CVE-2021-43389");

  script_name(english:"CBL Mariner 2.0 Security Update: kernel (CVE-2021-43389)");

  script_set_attribute(attribute:"synopsis", value:
"The remote CBL Mariner host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore,
affected by a vulnerability as referenced in the CVE-2021-43389 advisory.

  - An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in
    the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2021-43389");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-43389");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/11/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/11/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:microsoft:cbl-mariner");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"MarinerOS Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CBLMariner/release", "Host/CBLMariner/rpm-list", "Host/cpu");

  exit(0);
}
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/CBLMariner/release');
if (isnull(release) || 'CBL-Mariner' >!< release) audit(AUDIT_OS_NOT, 'CBL-Mariner');
var os_ver = pregmatch(pattern: "CBL-Mariner ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CBL-Mariner');
os_ver = os_ver[1];
if (! preg(pattern:"^2([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'CBL-Mariner 2.0', 'CBL-Mariner ' + os_ver);

if (!get_kb_item('Host/CBLMariner/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu)
  audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CBL-Mariner', cpu);

var pkgs = [
    {'reference':'kernel-5.10.78.1-1.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'kernel-5.10.78.1-1.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = 'CBLMariner-' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel');
}
VendorProductVersionCPE
microsoftcbl-marinerkernelp-cpe:/a:microsoft:cbl-mariner:kernel
microsoftcbl-marinerx-cpe:/o:microsoft:cbl-mariner

Related

cbl_mariner 2
prion 1
debiancve 1
redhatcve 1
cnvd 1
ubuntucve 1
veracode 1
cve 2
photon 2
nessus 44
suse 4
mageia 2
ubuntu 8
cloudfoundry 4
osv 14
debian 3
rocky 2
slackware 1
oraclelinux 1
almalinux 1
redhat 7
oracle 1
cbl_mariner
cbl_mariner
CVE-2021-43389 affecting package kernel 5.10.78.1-1
2022-04-09 06:52:47
CVE-2021-43389 affecting package kernel 5.10.189.1-1
2021-12-17 20:10:00
prion
prion
Out-of-bounds
2021-11-04 19:15:00
debiancve
debiancve
CVE-2021-43389
2021-11-04 19:15:00
redhatcve
redhatcve
CVE-2021-43389
2021-11-06 17:30:42
cnvd
cnvd
Linux kernel array index out-of-bounds vulnerability
2021-11-05 00:00:00
ubuntucve
ubuntucve
CVE-2021-43389
2021-11-04 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-01-20 06:19:59
cve
cve
CVE-2021-43389
2021-11-04 19:15:00
CVE-2021-3896
2021-11-04 21:15:00
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0449
2021-10-28 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0325
2021-11-04 00:00:00
nessus
nessus
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1243)
2022-02-25 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3807-1)
2023-07-13 00:00:00
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3933-1)
2021-12-07 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2021-11-25 00:00:00
Security update for the Linux Kernel (important)
2021-11-24 00:00:00
Security update for the Linux Kernel (important)
2021-11-16 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2021-11-11 18:02:40
Updated kernel-linus packages fix security vulnerabilities
2021-11-11 18:02:40
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-01-06 00:00:00
Linux kernel regression
2022-01-12 00:00:00
Linux kernel vulnerabilities
2022-01-06 00:00:00
cloudfoundry
cloudfoundry
USN-5209-1: Linux kernel vulnerabilities | Cloud Foundry
2022-03-08 00:00:00
USN-5210-2: Linux kernel regression | Cloud Foundry
2022-01-20 00:00:00
USN-5210-1: Linux kernel vulnerabilities | Cloud Foundry
2022-01-20 00:00:00
osv
osv
linux, linux-aws, linux-aws-hwe, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
2022-01-06 02:26:00
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
2022-01-06 02:15:28
linux, linux-gcp, linux-gcp-5.4, linux-hwe-5.4 regression
2022-01-12 21:06:02
debian
debian
[SECURITY] [DLA 2843-1] linux security update
2021-12-16 21:27:40
[SECURITY] [DSA 5096-1] linux security update
2022-03-09 15:30:58
[SECURITY] [DLA 2941-1] linux-4.19 security update
2022-03-09 12:40:55
rocky
rocky
kernel-rt security and bug fix update
2022-05-10 06:42:36
kernel security, bug fix, and enhancement update
2022-05-10 08:11:36
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2022-02-01 05:01:08
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2022-05-17 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2022-05-10 08:11:36
redhat
redhat
(RHSA-2022:1975) Important: kernel-rt security and bug fix update
2022-05-10 06:42:36
(RHSA-2022:1988) Important: kernel security, bug fix, and enhancement update
2022-05-10 08:11:36
(RHSA-2022:4814) Moderate: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update
2022-05-31 09:45:12
oracle
oracle
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00
JSON
Related for MARINER_KERNEL_CVE-2021-43389.NASL
cbl_mariner2prion1debiancve1redhatcve1cnvd1ubuntucve1veracode1cve2photon2nessus44suse4mageia2ubuntu8cloudfoundry4osv14debian3rocky2slackware1oraclelinux1almalinux1redhat7oracle1