Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.PHOTONOS_PHSA-2021-4_0-0007_LINUX.NASL
HistoryApr 07, 2021 - 12:00 a.m.

Photon OS 4.0: Linux PHSA-2021-4.0-0007

2021-04-0700:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

Low

EPSS

0.004

Percentile

72.9%

JSON

An update of the linux package has been released.

##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from VMware Security Advisory PHSA-2021-4.0-0007. The text
# itself is copyright (C) VMware, Inc.
##

include('compat.inc');

if (description)
{
  script_id(148350);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/07/24");

  script_cve_id(
    "CVE-2019-15239",
    "CVE-2020-12351",
    "CVE-2020-25639",
    "CVE-2020-27170",
    "CVE-2020-27171",
    "CVE-2020-28374",
    "CVE-2020-35499",
    "CVE-2020-36158",
    "CVE-2021-3347",
    "CVE-2021-3348",
    "CVE-2021-3444",
    "CVE-2021-26708",
    "CVE-2021-26930",
    "CVE-2021-26931",
    "CVE-2021-26932",
    "CVE-2021-27363",
    "CVE-2021-27364",
    "CVE-2021-27365",
    "CVE-2021-28038",
    "CVE-2021-28039",
    "CVE-2021-28375",
    "CVE-2021-29265",
    "CVE-2021-3178"
  );

  script_name(english:"Photon OS 4.0: Linux PHSA-2021-4.0-0007");

  script_set_attribute(attribute:"synopsis", value:
"The remote PhotonOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"An update of the linux package has been released.");
  script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Update-4.0-7.md");
  script_set_attribute(attribute:"solution", value:
"Update the affected Linux packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-3347");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-12351");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/01/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/04/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/04/07");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:linux");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:4.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"PhotonOS Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");

  exit(0);
}

include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var _release = get_kb_item('Host/PhotonOS/release');
if (isnull(_release) || _release !~ "^VMware Photon") audit(AUDIT_OS_NOT, 'PhotonOS');
if (_release !~ "^VMware Photon (?:Linux|OS) 4\.0(\D|$)") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');

if (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);

var flag = 0;

if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', reference:'linux-api-headers-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-devel-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-docs-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-drivers-gpu-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-oprofile-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-sound-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-devel-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-docs-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-gpu-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-intel-sgx-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-sound-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-devel-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-docs-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-oprofile-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-python3-perf-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-devel-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-docs-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-devel-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-docs-5.10.25-1.ph4')) flag++;
if (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-tools-5.10.25-1.ph4')) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux');
}
VendorProductVersionCPE
vmwarephotonos4.0cpe:/o:vmware:photonos:4.0
vmwarephotonoslinuxp-cpe:/a:vmware:photonos:linux

References

Related

openvas 34
mageia 7
nessus 75
amazon 3
osv 13
ubuntu 10
debian 2
oraclelinux 23
redhat 16
almalinux 1
cloudfoundry 3
virtuozzo 1
fedora 2
centos 1
slackware 1
cloudlinux 1
citrix 1
photon 1
thn 1
suse 1
prion 1
cve 1
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0152)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2021-0151)
2022-01-28 00:00:00
Ubuntu: Security Advisory (USN-4887-1)
2021-03-24 00:00:00
mageia
mageia
Updated kernel-linus packages fix security issues
2021-03-22 20:17:19
Updated kernel packages fix security issues
2021-03-22 20:17:19
Updated kernel packages fix security issues and possible filesystem corruption
2021-03-08 00:35:49
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-001)
2022-05-02 00:00:00
Amazon Linux 2 : kernel (ALAS-2021-1616)
2021-03-19 00:00:00
Amazon Linux AMI : kernel (ALAS-2021-1487)
2021-03-20 00:00:00
amazon
amazon
Important: kernel
2021-03-18 17:29:00
Important: kernel
2021-03-18 01:13:00
Important: kernel
2021-02-17 18:07:00
osv
osv
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.3, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-kvm, linux-oem-5.10, linux-oem-5.6, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-raspi2-5.3 vulnerabilities
2021-03-23 21:57:53
linux-4.19 - security update
2021-03-29 00:00:00
Important: kernel security, bug fix, and enhancement update
2021-04-06 13:33:17
ubuntu
ubuntu
Linux kernel vulnerabilities
2021-03-23 00:00:00
Linux kernel (Trusty HWE) vulnerabilities
2021-04-06 00:00:00
Linux kernel vulnerabilities
2021-03-25 00:00:00
debian
debian
[SECURITY] [DLA 2610-1] linux-4.19 security update
2021-03-30 21:45:31
[SECURITY] [DLA 2586-1] linux security update
2021-03-09 18:08:10
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2021-03-31 00:00:00
Unbreakable Enterprise kernel-container security update
2021-03-31 00:00:00
Unbreakable Enterprise kernel security update
2021-04-12 00:00:00
redhat
redhat
(RHSA-2021:1279) Important: kernel-rt security and bug fix update
2021-04-20 11:53:54
(RHSA-2021:1272) Important: kernel security, bug fix, and enhancement update
2021-04-20 11:52:59
(RHSA-2021:1081) Important: kernel-rt security and bug fix update
2021-04-06 13:30:32
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2021-04-06 13:33:17
cloudfoundry
cloudfoundry
USN-4883-1: Linux kernel vulnerabilities | Cloud Foundry
2021-04-14 00:00:00
USN-4890-1: Linux kernel vulnerabilities | Cloud Foundry
2021-04-14 00:00:00
USN-4945-1: Linux kernel vulnerabilities | Cloud Foundry
2021-06-11 00:00:00
virtuozzo
virtuozzo
[Important] [Security] Virtuozzo ReadyKernel patch 125.0 for Virtuozzo Hybrid Server 7.0, 7.5, Virtuozzo Infrastructure Platform 3.0, and Virtuozzo Hybrid Infrastructure 3.5, 4.0
2021-04-05 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: kernel-5.10.18-200.fc33
2021-02-26 23:55:43
[SECURITY] Fedora 32 Update: kernel-5.10.18-100.fc32
2021-02-26 23:36:07
centos
centos
bpftool, kernel, perf, python security update
2021-04-10 17:09:38
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2021-03-14 04:08:15
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-27364, CVE-2021-27363, CVE-2021-27365
2021-09-21 22:01:04
citrix
citrix
Citrix Hypervisor Security Update
2021-02-16 14:49:39
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0375
2021-03-27 00:00:00
thn
thn
New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems
2021-03-29 11:27:00
suse
suse
Security update for the Linux Kernel (important)
2021-04-10 00:00:00
prion
prion
Design/Logic Flaw
2021-03-05 18:15:00
cve
cve
CVE-2021-28038
2021-03-05 18:15:13

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.6

Confidence

Low

EPSS

0.004

Percentile

72.9%

JSON
Related for PHOTONOS_PHSA-2021-4_0-0007_LINUX.NASL
openvas34mageia7nessus75amazon3osv13ubuntu10debian2oraclelinux23redhat16almalinux1cloudfoundry3virtuozzo1fedora2centos1slackware1cloudlinux1citrix1photon1thn1suse1prion1cve1