Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.MARINER_KERNEL_CVE-2022-33743.NASLHistoryMar 20, 2023 - 12:00 a.m.
CBL Mariner 2.0 Security Update: kernel (CVE-2022-33743)
2023-03-2000:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
10
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-33743 advisory.
- network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed. (CVE-2022-33743)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(172748);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/03/20");
script_cve_id("CVE-2022-33743");
script_name(english:"CBL Mariner 2.0 Security Update: kernel (CVE-2022-33743)");
script_set_attribute(attribute:"synopsis", value:
"The remote CBL Mariner host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore,
affected by a vulnerability as referenced in the CVE-2022-33743 advisory.
- network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data
Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further
processing to nevertheless be freed. (CVE-2022-33743)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://nvd.nist.gov/vuln/detail/CVE-2022-33743");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-33743");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/05");
script_set_attribute(attribute:"patch_publication_date", value:"2022/07/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/03/20");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel-drivers-accessibility");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel-drivers-sound");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel-dtb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel-oprofile");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:microsoft:cbl-mariner:python3-perf");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:microsoft:cbl-mariner");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"MarinerOS Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CBLMariner/release", "Host/CBLMariner/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/CBLMariner/release');
if (isnull(release) || 'CBL-Mariner' >!< release) audit(AUDIT_OS_NOT, 'CBL-Mariner');
var os_ver = pregmatch(pattern: "CBL-Mariner ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CBL-Mariner');
os_ver = os_ver[1];
if (! preg(pattern:"^2([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'CBL-Mariner 2.0', 'CBL-Mariner ' + os_ver);
if (!get_kb_item('Host/CBLMariner/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu)
audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CBL-Mariner', cpu);
var pkgs = [
{'reference':'bpftool-5.15.67.1-4.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.15.67.1-4.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-5.15.67.1-4.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-5.15.67.1-4.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-docs-5.15.67.1-4.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-docs-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-accessibility-5.15.67.1-4.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-accessibility-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-sound-5.15.67.1-4.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-drivers-sound-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-dtb-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-5.15.67.1-4.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.15.67.1-4.cm2', 'cpu':'x86_64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.15.67.1-4.cm2', 'cpu':'aarch64', 'release':'2.0', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'CBLMariner-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-debuginfo / kernel-devel / kernel-docs / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | cbl-mariner | bpftool | p-cpe:/a:microsoft:cbl-mariner:bpftool |
| microsoft | cbl-mariner | kernel | p-cpe:/a:microsoft:cbl-mariner:kernel |
| microsoft | cbl-mariner | kernel-debuginfo | p-cpe:/a:microsoft:cbl-mariner:kernel-debuginfo |
| microsoft | cbl-mariner | kernel-devel | p-cpe:/a:microsoft:cbl-mariner:kernel-devel |
| microsoft | cbl-mariner | kernel-docs | p-cpe:/a:microsoft:cbl-mariner:kernel-docs |
| microsoft | cbl-mariner | kernel-drivers-accessibility | p-cpe:/a:microsoft:cbl-mariner:kernel-drivers-accessibility |
| microsoft | cbl-mariner | kernel-drivers-sound | p-cpe:/a:microsoft:cbl-mariner:kernel-drivers-sound |
| microsoft | cbl-mariner | kernel-dtb | p-cpe:/a:microsoft:cbl-mariner:kernel-dtb |
| microsoft | cbl-mariner | kernel-oprofile | p-cpe:/a:microsoft:cbl-mariner:kernel-oprofile |
| microsoft | cbl-mariner | kernel-tools | p-cpe:/a:microsoft:cbl-mariner:kernel-tools |
Related
osv
osv
CVE-2022-33743
2022-07-05 13:15:08
linux - security update
2022-07-26 00:00:00
linux-oem-5.17 vulnerabilities
2022-12-12 13:28:12
debiancve
debiancve
CVE-2022-33743
2022-07-05 13:15:00
prion
prion
Path traversal
2022-07-05 13:15:00
cbl_mariner
cbl_mariner
CVE-2022-33743 affecting package kernel 5.10.144.1-1
2022-10-13 00:40:31
CVE-2022-33743 affecting package kernel 5.15.57.1-1
2022-10-05 23:34:27
xen
xen
network backend may cause Linux netfront to use freed SKBs
2022-07-05 10:44:00
veracode
veracode
Authorization Bypass
2022-11-25 18:46:35
cve
cve
CVE-2022-33743
2022-07-05 13:15:00
redhatcve
redhatcve
CVE-2022-33743
2022-07-18 12:47:49
ubuntucve
ubuntucve
CVE-2022-33743
2022-07-05 00:00:00
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2022-005)
2022-07-21 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP4) (SUSE-SU-2022:2854-1)
2022-08-20 00:00:00
Debian DSA-5191-1 : linux - security update
2022-07-27 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2022-07-20 23:24:04
Updated kernel packages fix security vulnerabilities
2022-07-20 23:24:04
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0263)
2022-07-21 00:00:00
Mageia: Security Advisory (MGASA-2022-0264)
2022-07-21 00:00:00
Debian: Security Advisory (DSA-5191-1)
2022-07-28 00:00:00
debian
debian
[SECURITY] [DSA 5191-1] linux security update
2022-07-26 20:07:34
photon
photon
Critical Photon OS Security Update - PHSA-2022-0238
2022-08-26 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0238
2022-08-26 00:00:00
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2023-01-05 00:00:00
Linux kernel (OEM) vulnerabilities
2022-12-12 00:00:00
Linux kernel (GCP) vulnerabilities
2022-09-27 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-05-09 00:00:00
Important: kernel-rt security and bug fix update
2023-05-09 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-05-15 00:00:00
redhat
redhat
(RHSA-2023:2148) Important: kernel-rt security and bug fix update
2023-05-09 05:01:55
(RHSA-2023:2458) Important: kernel security, bug fix, and enhancement update
2023-05-09 05:11:22
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2022-08-26 04:17:47
suse
suse
Security update for the Linux Kernel (important)
2022-07-22 00:00:00
Security update for the Linux Kernel (important)
2022-08-01 00:00:00
Related for MARINER_KERNEL_CVE-2022-33743.NASL