The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities:
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
(CVE-2022-2964)
A stack overflow flaw was found in the Linux kernel’s SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-4378)
A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the ‘rlim’ variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11 (CVE-2023-0458)
A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (net: sched: fix race condition in qdisc_graft()) not applied yet, then kernel could be affected. (CVE-2023-0590)
A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.
We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28. (CVE-2023-1829)
A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices. (CVE-2023-1989)
A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
(CVE-2023-2162)
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was the duplicate of CVE-2023-31436. (CVE-2023-2248)
A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service. (CVE-2023-28327)
A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device.
This flaw allows a local user to crash the system or potentially cause a denial of service.
(CVE-2023-28328)
qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. (CVE-2023-31436)
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use- after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability. (CVE-2023-32269)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from ZTE advisory NS-SA-2024-0017. The text
# itself is copyright (C) ZTE, Inc.
##
include('compat.inc');
if (description)
{
script_id(193543);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/18");
script_cve_id(
"CVE-2022-2964",
"CVE-2022-4378",
"CVE-2023-0458",
"CVE-2023-0590",
"CVE-2023-1829",
"CVE-2023-1989",
"CVE-2023-2162",
"CVE-2023-2248",
"CVE-2023-28327",
"CVE-2023-28328",
"CVE-2023-31436",
"CVE-2023-32269"
);
script_name(english:"NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2024-0017)");
script_set_attribute(attribute:"synopsis", value:
"The remote NewStart CGSL host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by
multiple vulnerabilities:
- A flaw was found in the Linux kernel's driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet
Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
(CVE-2022-2964)
- A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain
kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their
privileges on the system. (CVE-2022-4378)
- A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The
resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be
used to leak the contents. We recommend upgrading past version 6.1.8 or commit
739790605705ddcf18f21782b9c99ad7d53a8c11 (CVE-2023-0458)
- A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race
problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 (net: sched: fix race
condition in qdisc_graft()) not applied yet, then kernel could be affected. (CVE-2023-0590)
- A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited
to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate
filters in case of a perfect hashes while deleting the underlying structure which can later lead to double
freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root.
We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28. (CVE-2023-1829)
- A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In
this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on
hdev devices. (CVE-2023-1989)
- A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in
SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.
(CVE-2023-2162)
- Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it was
the duplicate of CVE-2023-31436. (CVE-2023-2248)
- A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact
in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows
a local user to crash or potentially cause a denial of service. (CVE-2023-28327)
- A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in
the Linux Kernel. The message from user space is not checked properly before transferring into the device.
This flaw allows a local user to crash the system or potentially cause a denial of service.
(CVE-2023-28328)
- qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write
because lmax can exceed QFQ_MIN_LMAX. (CVE-2023-31436)
- An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-
after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order
for an attacker to exploit this, the system must have netrom routing configured or the attacker must have
the CAP_NET_ADMIN capability. (CVE-2023-32269)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/notice/NS-SA-2024-0017");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-2964");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-4378");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-0458");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-0590");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-1829");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-1989");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-2162");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-2248");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-28327");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-28328");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-31436");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2023-32269");
script_set_attribute(attribute:"solution", value:
"Upgrade the vulnerable CGSL kernel packages. Note that updated packages may not be available yet. Please contact ZTE for
more information.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-31436");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/03/07");
script_set_attribute(attribute:"patch_publication_date", value:"2024/04/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/18");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-abi-whitelists");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-debuginfo-common-x86_64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-sign-keys");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:kernel-tools-libs-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:python-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_core:python-perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-abi-whitelists");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debuginfo-common-x86_64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-sign-keys");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-tools-libs-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:python-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:python-perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:zte:cgsl_core:5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:zte:cgsl_main:5");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"NewStart CGSL Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/ZTE-CGSL/release');
if (isnull(os_release) || os_release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');
if (os_release !~ "CGSL CORE 5.04" &&
os_release !~ "CGSL MAIN 5.04")
audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');
if (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);
var flag = 0;
var pkgs = {
'CGSL CORE 5.04': [
'kernel-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-core-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-debug-core-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-debug-modules-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-devel-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-headers-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-modules-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-sign-keys-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-tools-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'perf-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'python-perf-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite',
'python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.57.1147.g8d42df2.lite'
],
'CGSL MAIN 5.04': [
'kernel-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-abi-whitelists-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-debug-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-debug-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-debug-devel-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-devel-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-headers-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-sign-keys-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-tools-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-tools-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-tools-libs-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'kernel-tools-libs-devel-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'perf-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'python-perf-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2',
'python-perf-debuginfo-3.10.0-693.21.1.el7.cgslv5_4.55.1294.ga5e37f2'
]
};
var pkg_list = pkgs[os_release];
foreach (pkg in pkg_list)
if (rpm_check(release:'ZTE ' + os_release, reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel');
}
Vendor | Product | Version | CPE |
---|---|---|---|
zte | cgsl_core | kernel | p-cpe:/a:zte:cgsl_core:kernel |
zte | cgsl_core | kernel-abi-whitelists | p-cpe:/a:zte:cgsl_core:kernel-abi-whitelists |
zte | cgsl_core | kernel-core | p-cpe:/a:zte:cgsl_core:kernel-core |
zte | cgsl_core | kernel-debug-core | p-cpe:/a:zte:cgsl_core:kernel-debug-core |
zte | cgsl_core | kernel-debug-debuginfo | p-cpe:/a:zte:cgsl_core:kernel-debug-debuginfo |
zte | cgsl_core | kernel-debug-devel | p-cpe:/a:zte:cgsl_core:kernel-debug-devel |
zte | cgsl_core | kernel-debug-modules | p-cpe:/a:zte:cgsl_core:kernel-debug-modules |
zte | cgsl_core | kernel-debuginfo | p-cpe:/a:zte:cgsl_core:kernel-debuginfo |
zte | cgsl_core | kernel-debuginfo-common-x86_64 | p-cpe:/a:zte:cgsl_core:kernel-debuginfo-common-x86_64 |
zte | cgsl_core | kernel-devel | p-cpe:/a:zte:cgsl_core:kernel-devel |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4378
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0458
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0590
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1829
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1989
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2162
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2248
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28327
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28328
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31436
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32269
security.gd-linux.com/info/CVE-2022-2964
security.gd-linux.com/info/CVE-2022-4378
security.gd-linux.com/info/CVE-2023-0458
security.gd-linux.com/info/CVE-2023-0590
security.gd-linux.com/info/CVE-2023-1829
security.gd-linux.com/info/CVE-2023-1989
security.gd-linux.com/info/CVE-2023-2162
security.gd-linux.com/info/CVE-2023-2248
security.gd-linux.com/info/CVE-2023-28327
security.gd-linux.com/info/CVE-2023-28328
security.gd-linux.com/info/CVE-2023-31436
security.gd-linux.com/info/CVE-2023-32269
security.gd-linux.com/notice/NS-SA-2024-0017