DATABASE RESOURCES PRICING ABOUT US

{"id": "REDHAT-RHSA-2022-5232.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 7 : kernel (RHSA-2022:5232)", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5232 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2022-06-28T00:00:00", "modified": "2023-05-25T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/162583", "reporter": "This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/errata/RHSA-2022:5232", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1729", "https://access.redhat.com/security/cve/CVE-2022-1966", "https://access.redhat.com/security/cve/CVE-2022-32250", "https://bugzilla.redhat.com/2086753", "https://bugzilla.redhat.com/2093146", "https://access.redhat.com/security/cve/CVE-2022-1729", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1966", "https://bugzilla.redhat.com/2092427"], "cvelist": ["CVE-2022-1729", "CVE-2022-1966", "CVE-2022-32250"], "immutableFields": [], "lastseen": "2023-05-25T18:30:14", "viewCount": 74, "enchantments": {"score": {"value": 8.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:5249", "ALSA-2022:5267", "ALSA-2022:5564", "ALSA-2022:5565", "ALSA-2022:5819", "ALSA-2022:5834"]}, {"type": "altlinux", "idList": ["3389D346758499949D2E8B5AA776BFA2", "69D1753D74C2782AF5C4B3E24536D125"]}, {"type": "amazon", "idList": ["ALAS-2022-1591", "ALAS-2022-1604", "ALAS-2022-1798", "ALAS2-2022-1798", "ALAS2-2022-1813"]}, {"type": "centos", "idList": ["CESA-2022:5232"]}, {"type": "cnvd", "idList": ["CNVD-2022-74091"]}, {"type": "cve", "idList": ["CVE-2022-1729", "CVE-2022-1966", "CVE-2022-32250", "CVE-2022-34918"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3065-1:C1710", "DEBIAN:DSA-5161-1:2800F", "DEBIAN:DSA-5173-1:5A28E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-1729", "DEBIANCVE:CVE-2022-1966", "DEBIANCVE:CVE-2022-32250", "DEBIANCVE:CVE-2022-34918"]}, {"type": "fedora", "idList": ["FEDORA:02B0930C67A7", "FEDORA:0724530C2F49", "FEDORA:2BF3D30C5439", "FEDORA:39E6D30C27AC", "FEDORA:6F44230C5613", "FEDORA:8904F30B95E5", "FEDORA:890AC30C5439", "FEDORA:8DEF430C679D", "FEDORA:CFF3C30B73E9", "FEDORA:D8A9730C27AC", "FEDORA:DE93930C58EA"]}, {"type": "githubexploit", "idList": ["34927D1B-4D9F-5B44-A08D-491384ED675E", "9CBE87B2-5ADC-5DA9-972B-132F77839B5F"]}, {"type": "ibm", "idList": ["1841E92577ACD6AADDBB49C1995A398D151CBC9679F1BA2B9C77425F2E40A55C", "2007FD1781CF2022D192260E43DD6A6A9D75EAE1E583F1FF51351C7A5D643FB1", "63C8B1DC63A3A0D366B1AA0E3DB24BD123F14B4EB29B74139B4FE1590E5E48A3", "7A34C5EA3878227646136480AF345DCC5DF882B26F65D3380EC0064BCCA45485", "F8949F00CDCE086FCFA5F40AFADF9DB9E3B4DD10AB910034C41279EA96313C2A"]}, {"type": "ics", "idList": ["ICSA-23-075-01", "ICSA-23-103-09"]}, {"type": "mageia", "idList": ["MGASA-2022-0212", "MGASA-2022-0213", "MGASA-2022-0229", "MGASA-2022-0230"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-083.NASL", "AL2022_ALAS2022-2022-114.NASL", "AL2022_ALAS2022-2022-185.NASL", "AL2023_ALAS2023-2023-070.NASL", "AL2_ALAS-2022-1798.NASL", "AL2_ALAS-2022-1813.NASL", "AL2_ALASKERNEL-5_10-2022-014.NASL", "AL2_ALASKERNEL-5_10-2022-015.NASL", "AL2_ALASKERNEL-5_10-2022-016.NASL", "AL2_ALASKERNEL-5_10-2022-017.NASL", "AL2_ALASKERNEL-5_10-2022-018.NASL", "AL2_ALASKERNEL-5_15-2022-001.NASL", "AL2_ALASKERNEL-5_15-2022-002.NASL", "AL2_ALASKERNEL-5_15-2022-003.NASL", "AL2_ALASKERNEL-5_15-2022-004.NASL", "AL2_ALASKERNEL-5_15-2022-005.NASL", "AL2_ALASKERNEL-5_4-2022-026.NASL", "AL2_ALASKERNEL-5_4-2022-028.NASL", "AL2_ALASKERNEL-5_4-2022-030.NASL", "AL2_ALASKERNEL-5_4-2022-032.NASL", "AL2_ALASKERNEL-5_4-2022-034.NASL", "ALA_ALAS-2022-1591.NASL", "ALA_ALAS-2022-1604.NASL", "ALMA_LINUX_ALSA-2022-5214.NASL", "ALMA_LINUX_ALSA-2022-5249.NASL", "ALMA_LINUX_ALSA-2022-5267.NASL", "ALMA_LINUX_ALSA-2022-5564.NASL", "ALMA_LINUX_ALSA-2022-5565.NASL", "ALMA_LINUX_ALSA-2022-5819.NASL", "ALMA_LINUX_ALSA-2022-5834.NASL", "CENTOS_RHSA-2022-5232.NASL", "DEBIAN_DLA-3065.NASL", "DEBIAN_DSA-5161.NASL", "DEBIAN_DSA-5173.NASL", "DEBIAN_DSA-5191.NASL", "EULEROS_SA-2022-1969.NASL", "EULEROS_SA-2022-1999.NASL", "EULEROS_SA-2022-2225.NASL", "EULEROS_SA-2022-2244.NASL", "EULEROS_SA-2022-2257.NASL", "EULEROS_SA-2022-2273.NASL", "EULEROS_SA-2022-2292.NASL", "EULEROS_SA-2022-2321.NASL", "EULEROS_SA-2022-2348.NASL", "EULEROS_SA-2022-2384.NASL", "EULEROS_SA-2022-2415.NASL", "EULEROS_SA-2022-2428.NASL", "EULEROS_SA-2022-2441.NASL", "EULEROS_SA-2022-2466.NASL", "EULEROS_SA-2022-2566.NASL", "EULEROS_SA-2022-2619.NASL", "EULEROS_SA-2022-2873.NASL", "EULEROS_SA-2022-2891.NASL", "EULEROS_SA-2023-1695.NASL", "MARINER_KERNEL_CVE-2022-34918.NASL", "NEWSTART_CGSL_NS-SA-2023-0001_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0005_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0017_KERNEL.NASL", "NUTANIX_NXSA-AOS-5_20_5.NASL", "NUTANIX_NXSA-AOS-6_5_1_5.NASL", "NUTANIX_NXSA-AOS-6_5_2.NASL", "NUTANIX_NXSA-AOS-6_5_3.NASL", "NUTANIX_NXSA-AOS-6_6_2.NASL", "ORACLELINUX_ELSA-2022-5232.NASL", "ORACLELINUX_ELSA-2022-5249.NASL", "ORACLELINUX_ELSA-2022-5564.NASL", "ORACLELINUX_ELSA-2022-5819.NASL", "ORACLELINUX_ELSA-2022-6610.NASL", "ORACLELINUX_ELSA-2022-9409.NASL", "ORACLELINUX_ELSA-2022-9410.NASL", "ORACLELINUX_ELSA-2022-9412.NASL", "ORACLELINUX_ELSA-2022-9413.NASL", "ORACLELINUX_ELSA-2022-9667.NASL", "ORACLELINUX_ELSA-2022-9827.NASL", "ORACLELINUX_ELSA-2022-9830.NASL", "ORACLEVM_OVMSA-2022-0021.NASL", "REDHAT-RHSA-2022-5157.NASL", "REDHAT-RHSA-2022-5214.NASL", "REDHAT-RHSA-2022-5216.NASL", "REDHAT-RHSA-2022-5220.NASL", "REDHAT-RHSA-2022-5224.NASL", "REDHAT-RHSA-2022-5236.NASL", "REDHAT-RHSA-2022-5249.NASL", "REDHAT-RHSA-2022-5267.NASL", "REDHAT-RHSA-2022-5439.NASL", "REDHAT-RHSA-2022-5476.NASL", "REDHAT-RHSA-2022-5564.NASL", "REDHAT-RHSA-2022-5565.NASL", "REDHAT-RHSA-2022-5626.NASL", "REDHAT-RHSA-2022-5633.NASL", "REDHAT-RHSA-2022-5636.NASL", "REDHAT-RHSA-2022-5641.NASL", "REDHAT-RHSA-2022-5648.NASL", "REDHAT-RHSA-2022-5802.NASL", "REDHAT-RHSA-2022-5804.NASL", "REDHAT-RHSA-2022-5805.NASL", "REDHAT-RHSA-2022-5806.NASL", "REDHAT-RHSA-2022-5819.NASL", "REDHAT-RHSA-2022-5834.NASL", "REDHAT-RHSA-2022-5839.NASL", "REDHAT-RHSA-2022-6073.NASL", "REDHAT-RHSA-2022-6075.NASL", "REDHAT-RHSA-2022-6432.NASL", "REDHAT-RHSA-2022-6551.NASL", "REDHAT-RHSA-2022-6741.NASL", "ROCKY_LINUX_RLSA-2022-5564.NASL", "ROCKY_LINUX_RLSA-2022-5565.NASL", "ROCKY_LINUX_RLSA-2022-5819.NASL", "ROCKY_LINUX_RLSA-2022-5834.NASL", "SLACKWARE_SSA_2022-237-02.NASL", "SL_20220628_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2022-2077-1.NASL", "SUSE_SU-2022-2078-1.NASL", "SUSE_SU-2022-2079-1.NASL", "SUSE_SU-2022-2080-1.NASL", "SUSE_SU-2022-2082-1.NASL", "SUSE_SU-2022-2103-1.NASL", "SUSE_SU-2022-2104-1.NASL", "SUSE_SU-2022-2111-1.NASL", "SUSE_SU-2022-2116-1.NASL", "SUSE_SU-2022-2172-1.NASL", "SUSE_SU-2022-2173-1.NASL", "SUSE_SU-2022-2177-1.NASL", "SUSE_SU-2022-2214-1.NASL", "SUSE_SU-2022-2216-1.NASL", "SUSE_SU-2022-2230-1.NASL", "SUSE_SU-2022-2239-1.NASL", "SUSE_SU-2022-2245-1.NASL", "SUSE_SU-2022-2262-1.NASL", "SUSE_SU-2022-2268-1.NASL", "SUSE_SU-2022-2376-1.NASL", "SUSE_SU-2022-2393-1.NASL", "SUSE_SU-2022-2422-1.NASL", "SUSE_SU-2022-2424-1.NASL", "SUSE_SU-2022-2438-1.NASL", "SUSE_SU-2022-2444-1.NASL", "SUSE_SU-2022-2445-1.NASL", "SUSE_SU-2022-2446-1.NASL", "SUSE_SU-2022-2461-1.NASL", "SUSE_SU-2022-2482-1.NASL", "SUSE_SU-2022-2520-1.NASL", "SUSE_SU-2022-2549-1.NASL", "SUSE_SU-2022-2615-1.NASL", "SUSE_SU-2022-2629-1.NASL", "SUSE_SU-2022-2696-1.NASL", "SUSE_SU-2022-2722-1.NASL", "SUSE_SU-2022-2726-1.NASL", "SUSE_SU-2022-2727-1.NASL", "SUSE_SU-2022-2732-1.NASL", "SUSE_SU-2022-2738-1.NASL", "SUSE_SU-2022-2741-1.NASL", "SUSE_SU-2022-2759-1.NASL", "SUSE_SU-2022-2766-1.NASL", "SUSE_SU-2022-2770-1.NASL", "SUSE_SU-2022-2854-1.NASL", "SUSE_SU-2022-2875-1.NASL", "SUSE_SU-2022-3293-1.NASL", "SUSE_SU-2022-3450-1.NASL", "SUSE_SU-2022-4617-1.NASL", "TENABLE_OT_SIEMENS_CVE-2022-1729.NASL", "UBUNTU_USN-5465-1.NASL", "UBUNTU_USN-5466-1.NASL", "UBUNTU_USN-5467-1.NASL", "UBUNTU_USN-5468-1.NASL", "UBUNTU_USN-5469-1.NASL", "UBUNTU_USN-5470-1.NASL", "UBUNTU_USN-5471-1.NASL", "UBUNTU_USN-5540-1.NASL", "UBUNTU_USN-5544-1.NASL", "UBUNTU_USN-5545-1.NASL", "UBUNTU_USN-5560-1.NASL", "UBUNTU_USN-5560-2.NASL", "UBUNTU_USN-5562-1.NASL", "UBUNTU_USN-5564-1.NASL", "UBUNTU_USN-5566-1.NASL", "UBUNTU_USN-5582-1.NASL", "UBUNTU_USN-5594-1.NASL", "UBUNTU_USN-5599-1.NASL", "UBUNTU_USN-5602-1.NASL", "UBUNTU_USN-5616-1.NASL", "UBUNTU_USN-5622-1.NASL", "UBUNTU_USN-5623-1.NASL", "UBUNTU_USN-5630-1.NASL", "UBUNTU_USN-5639-1.NASL", "UBUNTU_USN-5647-1.NASL", "UBUNTU_USN-5650-1.NASL", "UBUNTU_USN-5654-1.NASL", "UBUNTU_USN-5660-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-5232", "ELSA-2022-5249", "ELSA-2022-5564", "ELSA-2022-5819", "ELSA-2022-9409", "ELSA-2022-9410", "ELSA-2022-9412", "ELSA-2022-9413", "ELSA-2022-9667"]}, {"type": "osv", "idList": ["OSV:DLA-3065-1", "OSV:DSA-5161-1", "OSV:DSA-5173-1"]}, {"type": "photon", "idList": ["PHSA-2022-0195", "PHSA-2022-0201", "PHSA-2022-0399", "PHSA-2022-0409", "PHSA-2022-0482", "PHSA-2022-0488", "PHSA-2022-3.0-0399", "PHSA-2022-3.0-0409", "PHSA-2022-4.0-0195", "PHSA-2022-4.0-0201"]}, {"type": "redhat", "idList": ["RHSA-2022:5069", "RHSA-2022:5070", "RHSA-2022:5157", "RHSA-2022:5214", "RHSA-2022:5216", "RHSA-2022:5220", "RHSA-2022:5224", "RHSA-2022:5232", "RHSA-2022:5236", "RHSA-2022:5249", "RHSA-2022:5267", "RHSA-2022:5439", "RHSA-2022:5476", "RHSA-2022:5564", "RHSA-2022:5565", "RHSA-2022:5626", "RHSA-2022:5633", "RHSA-2022:5636", "RHSA-2022:5641", "RHSA-2022:5648", "RHSA-2022:5730", "RHSA-2022:5802", "RHSA-2022:5804", "RHSA-2022:5805", "RHSA-2022:5806", "RHSA-2022:5819", "RHSA-2022:5834", "RHSA-2022:5839", "RHSA-2022:5879", "RHSA-2022:6051", "RHSA-2022:6053", "RHSA-2022:6073", "RHSA-2022:6075", "RHSA-2022:6103", "RHSA-2022:6271", "RHSA-2022:6370", "RHSA-2022:6432", "RHSA-2022:6507", "RHSA-2022:6551", "RHSA-2022:6741"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-1729", "RH:CVE-2022-1966", "RH:CVE-2022-32250"]}, {"type": "rocky", "idList": ["RLSA-2022:5564", "RLSA-2022:5565", "RLSA-2022:5819", "RLSA-2022:5834"]}, {"type": "slackware", "idList": ["SSA-2022-237-02"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:2173-1", "OPENSUSE-SU-2022:2177-1", "SUSE-SU-2022:2078-1", "SUSE-SU-2022:2079-1", "SUSE-SU-2022:2111-1", "SUSE-SU-2022:2172-1", "SUSE-SU-2022:2173-1", "SUSE-SU-2022:2520-1", "SUSE-SU-2022:2615-1", "SUSE-SU-2022:2722-1", "SUSE-SU-2022:2741-1", "SUSE-SU-2022:2875-1", "SUSE-SU-2022:2875-2", "SUSE-SU-2022:3293-1"]}, {"type": "ubuntu", "idList": ["LSN-0087-1", "LSN-0089-1", "USN-5465-1", "USN-5466-1", "USN-5467-1", "USN-5468-1", "USN-5469-1", "USN-5470-1", "USN-5471-1", "USN-5560-1", "USN-5560-2", "USN-5594-1", "USN-5599-1", "USN-5602-1", "USN-5616-1", "USN-5622-1", "USN-5623-1", "USN-5630-1", "USN-5639-1", "USN-5647-1", "USN-5650-1", "USN-5654-1", "USN-5660-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-1729", "UB:CVE-2022-32250", "UB:CVE-2022-34918"]}, {"type": "veracode", "idList": ["VERACODE:36254"]}, {"type": "virtuozzo", "idList": ["VZA-2022-021"]}]}, "epss": [{"cve": "CVE-2022-1729", "epss": 0.00043, "percentile": 0.07943, "modified": "2023-05-02"}, {"cve": "CVE-2022-32250", "epss": 0.00044, "percentile": 0.08281, "modified": "2023-05-02"}], "vulnersScore": 8.0}, "_state": {"score": 1685039843, "dependencies": 1685080902, "epss": 0}, "_internal": {"score_hash": "a75325a211a8127a730949fc39d7362b"}, "pluginID": "162583", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5232. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162583);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-1729\", \"CVE-2022-1966\");\n script_xref(name:\"RHSA\", value:\"2022:5232\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2022:5232)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5232 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5232\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(362, 366, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1729', 'CVE-2022-1966', 'CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5232');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/os',\n 'content/dist/rhel-alt/server/7/7Server/system-z-a/s390x/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/optional/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/sap/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/source/SRPMS',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/debug',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/os',\n 'content/dist/rhel/system-z/7/7Server/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/debug',\n 'content/fastrack/rhel/system-z/7/s390x/optional/os',\n 'content/fastrack/rhel/system-z/7/s390x/optional/source/SRPMS',\n 'content/fastrack/rhel/system-z/7/s390x/os',\n 'content/fastrack/rhel/system-z/7/s390x/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-3.10.0-1160.71.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1160.71.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-1160.71.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-bootwrapper-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1160.71.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1160.71.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1160.71.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-kdump-3.10.0-1160.71.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-kdump-devel-3.10.0-1160.71.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1160.71.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1160.71.1.el7', 'cpu':'ppc64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1160.71.1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1160.71.1.el7', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-bootwrapper / etc');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2022-1966", "vendor_cvss2": {"score": 7.2, "vector": "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "Medium", "score": "6.7"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2022-06-28T00:00:00", "vulnerabilityPublicationDate": "2022-05-31T00:00:00", "exploitableWith": []}

{"nessus": [{"lastseen": "2023-05-17T16:32:21", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5236 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-28T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel-rt (RHSA-2022:5236)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729", "CVE-2022-1966", "CVE-2022-32250"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm"], "id": "REDHAT-RHSA-2022-5236.NASL", "href": "https://www.tenable.com/plugins/nessus/162572", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5236. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162572);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-1729\", \"CVE-2022-1966\");\n script_xref(name:\"RHSA\", value:\"2022:5236\");\n\n script_name(english:\"RHEL 7 : kernel-rt (RHSA-2022:5236)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5236 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5236\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(362, 366, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1729', 'CVE-2022-1966', 'CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5236');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-rt-3.10.0-1160.71.1.rt56.1212.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-3.10.0-1160.71.1.rt56.1212.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-3.10.0-1160.71.1.rt56.1212.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-3.10.0-1160.71.1.rt56.1212.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-3.10.0-1160.71.1.rt56.1212.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-doc-3.10.0-1160.71.1.rt56.1212.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-3.10.0-1160.71.1.rt56.1212.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-trace-3.10.0-1160.71.1.rt56.1212.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-trace-devel-3.10.0-1160.71.1.rt56.1212.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-trace-kvm-3.10.0-1160.71.1.rt56.1212.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-debug / kernel-rt-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:14", "description": "The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5232 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. (CVE-2022-1966)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-29T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : kernel (ELSA-2022-5232)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729", "CVE-2022-1966", "CVE-2022-21499", "CVE-2022-32250"], "modified": "2022-07-06T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:bpftool", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2022-5232.NASL", "href": "https://www.tenable.com/plugins/nessus/162587", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-5232.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162587);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/06\");\n\n script_cve_id(\"CVE-2022-1729\", \"CVE-2022-1966\", \"CVE-2022-21499\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2022-5232)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-5232 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a\n duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this\n candidate. All references and descriptions in this candidate have been removed to prevent accidental\n usage. (CVE-2022-1966)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-5232.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['3.10.0-1160.71.1.el7'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-5232');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '3.10';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'bpftool-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-3.10.0'},\n {'reference':'kernel-abi-whitelists-3.10.0-1160.71.1.el7', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-3.10.0'},\n {'reference':'kernel-debug-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-3.10.0'},\n {'reference':'kernel-debug-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-3.10.0'},\n {'reference':'kernel-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-3.10.0'},\n {'reference':'kernel-headers-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-3.10.0'},\n {'reference':'kernel-tools-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-3.10.0'},\n {'reference':'kernel-tools-libs-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-3.10.0'},\n {'reference':'kernel-tools-libs-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-3.10.0'},\n {'reference':'perf-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:29:30", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5216 advisory.\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-28T00:00:00", "type": "nessus", "title": "RHEL 7 : kpatch-patch (RHSA-2022:5216)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1966", "CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_36_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_41_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_42_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_45_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_49_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_53_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_59_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_62_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_66_1"], "id": "REDHAT-RHSA-2022-5216.NASL", "href": "https://www.tenable.com/plugins/nessus/162580", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5216. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162580);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-1966\");\n script_xref(name:\"RHSA\", value:\"2022:5216\");\n\n script_name(english:\"RHEL 7 : kpatch-patch (RHSA-2022:5216)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5216 advisory.\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5216\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_36_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_41_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_42_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_45_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_49_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_53_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_59_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_62_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_66_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/source/SRPMS',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/optional/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap-hana/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/os',\n 'content/dist/rhel/power/7/7Server/ppc64/optional/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/os',\n 'content/dist/rhel/power/7/7Server/ppc64/sap/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/os',\n 'content/dist/rhel/power/7/7Server/ppc64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/debug',\n 'content/fastrack/rhel/power/7/ppc64/optional/os',\n 'content/fastrack/rhel/power/7/ppc64/optional/source/SRPMS',\n 'content/fastrack/rhel/power/7/ppc64/os',\n 'content/fastrack/rhel/power/7/ppc64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'kernels': {\n '3.10.0-1160.36.2.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_36_2-1-8.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.36.2.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_36_2-1-8.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.41.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_41_1-1-7.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.41.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_41_1-1-7.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.42.2.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_42_2-1-6.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.42.2.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_42_2-1-6.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.45.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_45_1-1-5.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.45.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_45_1-1-5.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.49.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_49_1-1-4.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.49.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_49_1-1-4.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.53.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_53_1-1-4.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.53.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_53_1-1-4.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.59.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_59_1-1-3.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.59.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_59_1-1-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.62.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_62_1-1-2.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.62.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_62_1-1-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.66.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_66_1-1-1.el7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.66.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_66_1-1-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-3_10_0-1160_36_2 / kpatch-patch-3_10_0-1160_41_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T18:33:38", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5806 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-02T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2022:5806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729", "CVE-2022-32250"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.3", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2022-5806.NASL", "href": "https://www.tenable.com/plugins/nessus/163696", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5806. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163696);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-1729\", \"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:5806\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2022:5806)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5806 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5806\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(366, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.3')) audit(AUDIT_OS_NOT, 'Red Hat 7.3', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1729', 'CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5806');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.3/x86_64/debug',\n 'content/aus/rhel/server/7/7.3/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.3/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.3/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.3/x86_64/os',\n 'content/aus/rhel/server/7/7.3/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-3.10.0-514.104.1.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-514.104.1.el7', 'sp':'3', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-514.104.1.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-514.104.1.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-514.104.1.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-514.104.1.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-514.104.1.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-514.104.1.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-514.104.1.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-514.104.1.el7', 'sp':'3', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:37", "description": "The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:5232-1 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-1966)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-29T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL7.x x86_64 (2022:5232)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729", "CVE-2022-1966"], "modified": "2022-06-29T00:00:00", "cpe": ["cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:bpftool", "p-cpe:/a:fermilab:scientific_linux:bpftool-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:kernel-tools", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel", "p-cpe:/a:fermilab:scientific_linux:perf", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo"], "id": "SL_20220628_KERNEL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/162593", "sourceData": "##\n# (C) Tenable, Inc.\n##\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162593);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/29\");\n\n script_cve_id(\"CVE-2022-1729\", \"CVE-2022-1966\");\n script_xref(name:\"RHSA\", value:\"RHSA-2022:5232\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL7.x x86_64 (2022:5232)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Scientific Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SLSA-2022:5232-1 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-1966)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.scientificlinux.org/category/sl-errata/slsa-20225232-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fermilab:scientific_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Scientific Linux' >!< release) audit(AUDIT_OS_NOT, 'Scientific Linux');\nvar os_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Scientific Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Scientific Linux 7.x', 'Scientific Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Scientific Linux', cpu);\n\nvar pkgs = [\n {'reference':'bpftool-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-debuginfo-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-1160.71.1.el7', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-debuginfo-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'SL7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / bpftool-debuginfo / kernel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:33:36", "description": "The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:5232 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-1966)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-02T00:00:00", "type": "nessus", "title": "CentOS 7 : kernel (CESA-2022:5232)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729", "CVE-2022-1966"], "modified": "2022-08-02T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bpftool", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-tools", "p-cpe:/a:centos:centos:kernel-tools-libs", "p-cpe:/a:centos:centos:kernel-tools-libs-devel", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2022-5232.NASL", "href": "https://www.tenable.com/plugins/nessus/163735", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5232 and\n# CentOS Errata and Security Advisory 2022:5232 respectively.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163735);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/08/02\");\n\n script_cve_id(\"CVE-2022-1729\", \"CVE-2022-1966\");\n script_xref(name:\"RHSA\", value:\"2022:5232\");\n\n script_name(english:\"CentOS 7 : kernel (CESA-2022:5232)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2022:5232 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-1966)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://lists.centos.org/pipermail/centos-announce/2022-August/073620.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?546ed734\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(362, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'CentOS 7.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'bpftool-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-1160.71.1.el7', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1160.71.1.el7', 'cpu':'x86_64', 'release':'CentOS-7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:25", "description": "The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5249 advisory.\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. (CVE-2022-1966)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-07T00:00:00", "type": "nessus", "title": "Oracle Linux 9 : kernel (ELSA-2022-5249)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1012", "CVE-2022-1729", "CVE-2022-1966", "CVE-2022-27666", "CVE-2022-32250"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bpftool", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-stablelists", "p-cpe:/a:oracle:linux:kernel-core", "p-cpe:/a:oracle:linux:kernel-cross-headers", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-core", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-debug-devel-matched", "p-cpe:/a:oracle:linux:kernel-debug-modules", "p-cpe:/a:oracle:linux:kernel-debug-modules-extra", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-devel-matched", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-modules", "p-cpe:/a:oracle:linux:kernel-modules-extra", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python3-perf", "cpe:/o:oracle:linux:9"], "id": "ORACLELINUX_ELSA-2022-5249.NASL", "href": "https://www.tenable.com/plugins/nessus/162791", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-5249.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162791);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-1012\",\n \"CVE-2022-1729\",\n \"CVE-2022-1966\",\n \"CVE-2022-27666\"\n );\n\n script_name(english:\"Oracle Linux 9 : kernel (ELSA-2022-5249)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2022-5249 advisory.\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a\n duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this\n candidate. All references and descriptions in this candidate have been removed to prevent accidental\n usage. (CVE-2022-1966)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak\n (CVE-2022-1012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-5249.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel-matched\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel-matched\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.14.0-70.17.1.0.1.el9_0'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-5249');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.14';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'bpftool-5.14.0-70.17.1.0.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.14.0'},\n {'reference':'kernel-abi-stablelists-5.14.0-70.17.1.0.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-stablelists-5.14.0'},\n {'reference':'kernel-core-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-core-5.14.0'},\n {'reference':'kernel-cross-headers-5.14.0-70.17.1.0.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-cross-headers-5.14.0'},\n {'reference':'kernel-cross-headers-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-cross-headers-5.14.0'},\n {'reference':'kernel-debug-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-5.14.0'},\n {'reference':'kernel-debug-core-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-core-5.14.0'},\n {'reference':'kernel-debug-devel-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-5.14.0'},\n {'reference':'kernel-debug-devel-matched-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-matched-5.14.0'},\n {'reference':'kernel-debug-modules-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-5.14.0'},\n {'reference':'kernel-debug-modules-extra-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-extra-5.14.0'},\n {'reference':'kernel-devel-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-5.14.0'},\n {'reference':'kernel-devel-matched-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-matched-5.14.0'},\n {'reference':'kernel-headers-5.14.0-70.17.1.0.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-5.14.0'},\n {'reference':'kernel-headers-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-5.14.0'},\n {'reference':'kernel-modules-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-5.14.0'},\n {'reference':'kernel-modules-extra-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-extra-5.14.0'},\n {'reference':'kernel-tools-5.14.0-70.17.1.0.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-5.14.0'},\n {'reference':'kernel-tools-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-5.14.0'},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.0.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-5.14.0'},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-5.14.0'},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.0.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-5.14.0'},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-5.14.0'},\n {'reference':'perf-5.14.0-70.17.1.0.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-5.14.0-70.17.1.0.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-5.14.0-70.17.1.0.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-stablelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:39", "description": "The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5267 advisory.\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-28T00:00:00", "type": "nessus", "title": "RHEL 9 : kernel-rt (RHSA-2022:5267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1012", "CVE-2022-1729", "CVE-2022-1966", "CVE-2022-27666", "CVE-2022-32250"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "cpe:/o:redhat:rhel_e4s:9.0", "cpe:/o:redhat:rhel_eus:9.0", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra"], "id": "REDHAT-RHSA-2022-5267.NASL", "href": "https://www.tenable.com/plugins/nessus/162574", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5267. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162574);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\n \"CVE-2022-1012\",\n \"CVE-2022-1729\",\n \"CVE-2022-1966\",\n \"CVE-2022-27666\"\n );\n script_xref(name:\"RHSA\", value:\"2022:5267\");\n\n script_name(english:\"RHEL 9 : kernel-rt (RHSA-2022:5267)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5267 advisory.\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak\n (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(119, 122, 200, 362, 366, 416, 497);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1012', 'CVE-2022-1729', 'CVE-2022-1966', 'CVE-2022-27666', 'CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5267');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-rt-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-core-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-core-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-extra-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-extra-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel9/9.0/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.0/x86_64/appstream/os',\n 'content/e4s/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.0/x86_64/baseos/os',\n 'content/e4s/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/nfv/debug',\n 'content/e4s/rhel9/9.0/x86_64/nfv/os',\n 'content/e4s/rhel9/9.0/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/rt/debug',\n 'content/e4s/rhel9/9.0/x86_64/rt/os',\n 'content/e4s/rhel9/9.0/x86_64/rt/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap/os',\n 'content/e4s/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/appstream/debug',\n 'content/eus/rhel9/9.0/x86_64/appstream/os',\n 'content/eus/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/baseos/debug',\n 'content/eus/rhel9/9.0/x86_64/baseos/os',\n 'content/eus/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.0/x86_64/highavailability/os',\n 'content/eus/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap/debug',\n 'content/eus/rhel9/9.0/x86_64/sap/os',\n 'content/eus/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.0/x86_64/supplementary/os',\n 'content/eus/rhel9/9.0/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-rt-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-core-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-core-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-extra-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-extra-5.14.0-70.17.1.rt21.89.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:29:30", "description": "The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5249 advisory.\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-01T00:00:00", "type": "nessus", "title": "RHEL 9 : kernel (RHSA-2022:5249)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1012", "CVE-2022-1729", "CVE-2022-1966", "CVE-2022-27666", "CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "cpe:/o:redhat:rhel_e4s:9.0", "cpe:/o:redhat:rhel_eus:9.0", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-stablelists", "p-cpe:/a:redhat:enterprise_linux:kernel-core", "p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel-matched", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel-matched", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel-matched", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python3-perf"], "id": "REDHAT-RHSA-2022-5249.NASL", "href": "https://www.tenable.com/plugins/nessus/162652", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5249. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162652);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2022-1012\",\n \"CVE-2022-1729\",\n \"CVE-2022-1966\",\n \"CVE-2022-27666\"\n );\n script_xref(name:\"RHSA\", value:\"2022:5249\");\n\n script_name(english:\"RHEL 9 : kernel (RHSA-2022:5249)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5249 advisory.\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak\n (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5249\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(119, 122, 200, 362, 366, 416, 497);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel-matched\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel-matched\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel-matched\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1012', 'CVE-2022-1729', 'CVE-2022-1966', 'CVE-2022-27666', 'CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5249');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/aarch64/appstream/debug',\n 'content/dist/rhel9/9/aarch64/appstream/os',\n 'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/baseos/debug',\n 'content/dist/rhel9/9/aarch64/baseos/os',\n 'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/codeready-builder/debug',\n 'content/dist/rhel9/9/aarch64/codeready-builder/os',\n 'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/highavailability/debug',\n 'content/dist/rhel9/9/aarch64/highavailability/os',\n 'content/dist/rhel9/9/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/supplementary/debug',\n 'content/dist/rhel9/9/aarch64/supplementary/os',\n 'content/dist/rhel9/9/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/s390x/appstream/debug',\n 'content/dist/rhel9/9/s390x/appstream/os',\n 'content/dist/rhel9/9/s390x/appstream/source/SRPMS',\n 'content/dist/rhel9/9/s390x/baseos/debug',\n 'content/dist/rhel9/9/s390x/baseos/os',\n 'content/dist/rhel9/9/s390x/baseos/source/SRPMS',\n 'content/dist/rhel9/9/s390x/codeready-builder/debug',\n 'content/dist/rhel9/9/s390x/codeready-builder/os',\n 'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/s390x/highavailability/debug',\n 'content/dist/rhel9/9/s390x/highavailability/os',\n 'content/dist/rhel9/9/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/s390x/resilientstorage/debug',\n 'content/dist/rhel9/9/s390x/resilientstorage/os',\n 'content/dist/rhel9/9/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/s390x/sap/debug',\n 'content/dist/rhel9/9/s390x/sap/os',\n 'content/dist/rhel9/9/s390x/sap/source/SRPMS',\n 'content/dist/rhel9/9/s390x/supplementary/debug',\n 'content/dist/rhel9/9/s390x/supplementary/os',\n 'content/dist/rhel9/9/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-stablelists-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-matched-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-matched-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.el9_0', 'cpu':'ppc64le', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.el9_0', 'cpu':'ppc64le', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-5.14.0-70.17.1.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-core-5.14.0-70.17.1.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-devel-5.14.0-70.17.1.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-devel-matched-5.14.0-70.17.1.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-5.14.0-70.17.1.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-extra-5.14.0-70.17.1.el9_0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel9/9.0/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.0/aarch64/appstream/os',\n 'content/e4s/rhel9/9.0/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.0/aarch64/baseos/os',\n 'content/e4s/rhel9/9.0/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/appstream/debug',\n 'content/e4s/rhel9/9.0/s390x/appstream/os',\n 'content/e4s/rhel9/9.0/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/baseos/debug',\n 'content/e4s/rhel9/9.0/s390x/baseos/os',\n 'content/e4s/rhel9/9.0/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.0/s390x/highavailability/os',\n 'content/e4s/rhel9/9.0/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/sap/debug',\n 'content/e4s/rhel9/9.0/s390x/sap/os',\n 'content/e4s/rhel9/9.0/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.0/x86_64/appstream/os',\n 'content/e4s/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.0/x86_64/baseos/os',\n 'content/e4s/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/nfv/debug',\n 'content/e4s/rhel9/9.0/x86_64/nfv/os',\n 'content/e4s/rhel9/9.0/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/rt/debug',\n 'content/e4s/rhel9/9.0/x86_64/rt/os',\n 'content/e4s/rhel9/9.0/x86_64/rt/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap/os',\n 'content/e4s/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/appstream/debug',\n 'content/eus/rhel9/9.0/aarch64/appstream/os',\n 'content/eus/rhel9/9.0/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/baseos/debug',\n 'content/eus/rhel9/9.0/aarch64/baseos/os',\n 'content/eus/rhel9/9.0/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.0/aarch64/highavailability/os',\n 'content/eus/rhel9/9.0/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.0/aarch64/supplementary/os',\n 'content/eus/rhel9/9.0/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.0/ppc64le/appstream/os',\n 'content/eus/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.0/ppc64le/baseos/os',\n 'content/eus/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap/os',\n 'content/eus/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/appstream/debug',\n 'content/eus/rhel9/9.0/s390x/appstream/os',\n 'content/eus/rhel9/9.0/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/baseos/debug',\n 'content/eus/rhel9/9.0/s390x/baseos/os',\n 'content/eus/rhel9/9.0/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/highavailability/debug',\n 'content/eus/rhel9/9.0/s390x/highavailability/os',\n 'content/eus/rhel9/9.0/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/sap/debug',\n 'content/eus/rhel9/9.0/s390x/sap/os',\n 'content/eus/rhel9/9.0/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/supplementary/debug',\n 'content/eus/rhel9/9.0/s390x/supplementary/os',\n 'content/eus/rhel9/9.0/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/appstream/debug',\n 'content/eus/rhel9/9.0/x86_64/appstream/os',\n 'content/eus/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/baseos/debug',\n 'content/eus/rhel9/9.0/x86_64/baseos/os',\n 'content/eus/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.0/x86_64/highavailability/os',\n 'content/eus/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap/debug',\n 'content/eus/rhel9/9.0/x86_64/sap/os',\n 'content/eus/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.0/x86_64/supplementary/os',\n 'content/eus/rhel9/9.0/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-stablelists-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-matched-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-matched-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'ppc64le', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'ppc64le', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-core-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-devel-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-devel-matched-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-extra-5.14.0-70.17.1.el9_0', 'sp':'0', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-5.14.0-70.17.1.el9_0', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-stablelists / kernel-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:15", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5224 advisory.\n\n - kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-28T00:00:00", "type": "nessus", "title": "RHEL 8 : kernel-rt (RHSA-2022:5224)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-29368", "CVE-2022-1012", "CVE-2022-1729", "CVE-2022-1966", "CVE-2022-27666", "CVE-2022-32250"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules"], "id": "REDHAT-RHSA-2022-5224.NASL", "href": "https://www.tenable.com/plugins/nessus/162571", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5224. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162571);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\n \"CVE-2020-29368\",\n \"CVE-2022-1012\",\n \"CVE-2022-1729\",\n \"CVE-2022-1966\",\n \"CVE-2022-27666\"\n );\n script_xref(name:\"RHSA\", value:\"2022:5224\");\n\n script_name(english:\"RHEL 8 : kernel-rt (RHSA-2022:5224)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5224 advisory.\n\n - kernel: the copy-on-write implementation can grant unintended write access because of a race condition in\n a THP mapcount check (CVE-2020-29368)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak\n (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-29368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5224\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1903244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(119, 122, 200, 362, 366, 416, 497);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2020-29368', 'CVE-2022-1012', 'CVE-2022-1729', 'CVE-2022-1966', 'CVE-2022-27666', 'CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5224');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-rt-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-core-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-core-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-extra-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-extra-4.18.0-193.87.1.rt13.137.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:29:29", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5220 advisory.\n\n - kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-28T00:00:00", "type": "nessus", "title": "RHEL 8 : kernel (RHSA-2022:5220)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-29368", "CVE-2022-1012", "CVE-2022-1729", "CVE-2022-1966", "CVE-2022-27666", "CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-core", "p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python3-perf"], "id": "REDHAT-RHSA-2022-5220.NASL", "href": "https://www.tenable.com/plugins/nessus/162582", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5220. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162582);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2020-29368\",\n \"CVE-2022-1012\",\n \"CVE-2022-1729\",\n \"CVE-2022-1966\",\n \"CVE-2022-27666\"\n );\n script_xref(name:\"RHSA\", value:\"2022:5220\");\n\n script_name(english:\"RHEL 8 : kernel (RHSA-2022:5220)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5220 advisory.\n\n - kernel: the copy-on-write implementation can grant unintended write access because of a race condition in\n a THP mapcount check (CVE-2020-29368)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak\n (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-29368\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5220\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1903244\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(119, 122, 200, 362, 366, 416, 497);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2020-29368', 'CVE-2022-1012', 'CVE-2022-1729', 'CVE-2022-1966', 'CVE-2022-27666', 'CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5220');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-core-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-devel-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-extra-4.18.0-193.87.1.el8_2', 'sp':'2', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-193.87.1.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:51", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2214-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-29T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 19 for SLE 15 SP3) (SUSE-SU-2022:2214-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1116", "CVE-2022-1966", "CVE-2022-32250"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_71-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2214-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162608", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2214-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162608);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\"CVE-2022-1116\", \"CVE-2022-1966\", \"CVE-2022-32250\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2214-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 19 for SLE 15 SP3) (SUSE-SU-2022:2214-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:2214-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause\n memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to\n 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200268\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-June/011372.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f3159cd1\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-150300_59_71-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_71-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar kernel_live_checks = [\n {\n 'kernels': {\n '5.3.18-150300.59.71-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-150300_59_71-default-2-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n }\n }\n }\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var package_array ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-150300_59_71-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T20:29:08", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5476 advisory.\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-01T00:00:00", "type": "nessus", "title": "RHEL 8 : kpatch-patch (RHSA-2022:5476)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1966", "CVE-2022-27666", "CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_60_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_64_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_65_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_68_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_70_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_71_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_75_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_79_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_80_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_81_1"], "id": "REDHAT-RHSA-2022-5476.NASL", "href": "https://www.tenable.com/plugins/nessus/162659", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5476. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162659);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-1966\", \"CVE-2022-27666\");\n script_xref(name:\"RHSA\", value:\"2022:5476\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2022:5476)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5476 advisory.\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-27666\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(119, 122, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_60_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_64_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_65_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_68_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_70_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_71_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_75_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_79_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_80_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_81_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-193.60.2.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_60_2-1-7.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.60.2.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_60_2-1-7.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.64.1.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_64_1-1-6.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.64.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_64_1-1-6.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.65.2.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_65_2-1-5.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.65.2.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_65_2-1-5.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.68.1.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_68_1-1-5.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.68.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_68_1-1-5.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.70.1.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_70_1-1-4.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.70.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_70_1-1-4.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.71.1.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_71_1-1-4.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.71.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_71_1-1-4.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.75.1.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_75_1-1-3.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.75.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_75_1-1-3.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.79.1.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_79_1-1-2.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.79.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_79_1-1-2.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.80.1.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_80_1-1-1.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.80.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_80_1-1-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.81.1.el8_2.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_81_1-1-1.el8_2', 'sp':'2', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.81.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_81_1-1-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-193_60_2 / kpatch-patch-4_18_0-193_64_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:29:30", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5636 advisory.\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-20T00:00:00", "type": "nessus", "title": "RHEL 8 : kernel (RHSA-2022:5636)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1012", "CVE-2022-1729", "CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-core", "p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python3-perf"], "id": "REDHAT-RHSA-2022-5636.NASL", "href": "https://www.tenable.com/plugins/nessus/163284", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5636. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163284);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-1012\", \"CVE-2022-1729\", \"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:5636\");\n\n script_name(english:\"RHEL 8 : kernel (RHSA-2022:5636)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5636 advisory.\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak\n (CVE-2022-1012)\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5636\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(200, 366, 416, 497);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1012', 'CVE-2022-1729', 'CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5636');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-4.18.0-147.70.1.el8_1', 'sp':'1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-147.70.1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:52", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2230-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-02T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 15 for SLE 15 SP2) (SUSE-SU-2022:2230-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1116", "CVE-2022-1734", "CVE-2022-1966", "CVE-2022-32250"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150200_24_112-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_102-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_107-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_53_4-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_70-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_75-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_78-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_83-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_86-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_93-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_96-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_99-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2230-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162694", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2230-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162694);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2022-1116\",\n \"CVE-2022-1734\",\n \"CVE-2022-1966\",\n \"CVE-2022-32250\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2230-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 15 for SLE 15 SP2) (SUSE-SU-2022:2230-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:2230-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause\n memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to\n 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use\n after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200268\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-July/011378.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c4c8c6f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150200_24_112-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_102-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_107-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_53_4-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_70-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_75-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_78-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_83-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_86-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_93-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_96-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_99-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar kernel_live_checks = [\n {\n 'kernels': {\n '5.3.18-150200.24.112-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-150200_24_112-default-4-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.102-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_102-default-9-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.107-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_107-default-8-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.53.4-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_53_4-default-17-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.70-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_70-default-17-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.75-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_75-default-16-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.78-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_78-default-15-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.83-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_83-default-13-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.86-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_86-default-13-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.93-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_93-default-12-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.96-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_96-default-11-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n },\n '5.3.18-24.99-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-24_99-default-10-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n ]\n }\n }\n }\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var package_array ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-150200_24_112-default / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:29:45", "description": "The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:5214 advisory.\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-28T00:00:00", "type": "nessus", "title": "RHEL 9 : kpatch-patch (RHSA-2022:5214)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1012", "CVE-2022-1966", "CVE-2022-27666", "CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "cpe:/o:redhat:rhel_e4s:9.0", "cpe:/o:redhat:rhel_eus:9.0", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-5_14_0-70_13_1"], "id": "REDHAT-RHSA-2022-5214.NASL", "href": "https://www.tenable.com/plugins/nessus/162575", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5214. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162575);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-1012\", \"CVE-2022-1966\", \"CVE-2022-27666\");\n script_xref(name:\"RHSA\", value:\"2022:5214\");\n\n script_name(english:\"RHEL 9 : kpatch-patch (RHSA-2022:5214)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5214 advisory.\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak\n (CVE-2022-1012)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2061633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2064604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kpatch-patch-5_14_0-70_13_1 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(119, 122, 200, 416, 497);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-5_14_0-70_13_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'kernels': {\n '5.14.0-70.13.1.el9_0.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-5_14_0-70_13_1-1-1.el9_0', 'cpu':'ppc64le', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '5.14.0-70.13.1.el9_0.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-5_14_0-70_13_1-1-1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n },\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel9/9.0/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.0/x86_64/appstream/os',\n 'content/e4s/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.0/x86_64/baseos/os',\n 'content/e4s/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/nfv/debug',\n 'content/e4s/rhel9/9.0/x86_64/nfv/os',\n 'content/e4s/rhel9/9.0/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/rt/debug',\n 'content/e4s/rhel9/9.0/x86_64/rt/os',\n 'content/e4s/rhel9/9.0/x86_64/rt/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap/os',\n 'content/e4s/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.0/ppc64le/appstream/os',\n 'content/eus/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.0/ppc64le/baseos/os',\n 'content/eus/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap/os',\n 'content/eus/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/appstream/debug',\n 'content/eus/rhel9/9.0/x86_64/appstream/os',\n 'content/eus/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/baseos/debug',\n 'content/eus/rhel9/9.0/x86_64/baseos/os',\n 'content/eus/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.0/x86_64/highavailability/os',\n 'content/eus/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap/debug',\n 'content/eus/rhel9/9.0/x86_64/sap/os',\n 'content/eus/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.0/x86_64/supplementary/os',\n 'content/eus/rhel9/9.0/x86_64/supplementary/source/SRPMS'\n ],\n 'kernels': {\n '5.14.0-70.13.1.el9_0.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-5_14_0-70_13_1-1-1.el9_0', 'sp':'0', 'cpu':'ppc64le', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '5.14.0-70.13.1.el9_0.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-5_14_0-70_13_1-1-1.el9_0', 'sp':'0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-5_14_0-70_13_1');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:22", "description": "The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5267 advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-16T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : kernel-rt (ALSA-2022:5267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1012", "CVE-2022-1729", "CVE-2022-1966", "CVE-2022-27666"], "modified": "2022-11-17T00:00:00", "cpe": ["p-cpe:/a:alma:linux:kernel-rt", "p-cpe:/a:alma:linux:kernel-rt-core", "p-cpe:/a:alma:linux:kernel-rt-debug", "p-cpe:/a:alma:linux:kernel-rt-debug-core", "p-cpe:/a:alma:linux:kernel-rt-debug-devel", "p-cpe:/a:alma:linux:kernel-rt-debug-kvm", "p-cpe:/a:alma:linux:kernel-rt-debug-modules", "p-cpe:/a:alma:linux:kernel-rt-debug-modules-extra", "p-cpe:/a:alma:linux:kernel-rt-devel", "p-cpe:/a:alma:linux:kernel-rt-kvm", "p-cpe:/a:alma:linux:kernel-rt-modules", "p-cpe:/a:alma:linux:kernel-rt-modules-extra", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::nfv", "cpe:/o:alma:linux:9::realtime"], "id": "ALMA_LINUX_ALSA-2022-5267.NASL", "href": "https://www.tenable.com/plugins/nessus/167715", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:5267.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167715);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/17\");\n\n script_cve_id(\n \"CVE-2022-1012\",\n \"CVE-2022-1729\",\n \"CVE-2022-1966\",\n \"CVE-2022-27666\"\n );\n script_xref(name:\"ALSA\", value:\"2022:5267\");\n\n script_name(english:\"AlmaLinux 9 : kernel-rt (ALSA-2022:5267)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:5267 advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2022-5267.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(119, 200, 362, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-rt-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::nfv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::realtime\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1012', 'CVE-2022-1729', 'CVE-2022-1966', 'CVE-2022-27666');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ALSA-2022:5267');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-rt-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-core-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-core-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-extra-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-extra-5.14.0-70.17.1.rt21.89.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:37:46", "description": "The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5249 advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-16T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : kernel (ALSA-2022:5249)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1012", "CVE-2022-1729", "CVE-2022-1966", "CVE-2022-27666"], "modified": "2022-11-17T00:00:00", "cpe": ["p-cpe:/a:alma:linux:bpftool", "p-cpe:/a:alma:linux:kernel", "p-cpe:/a:alma:linux:kernel-abi-stablelists", "p-cpe:/a:alma:linux:kernel-core", "p-cpe:/a:alma:linux:kernel-debug-devel", "p-cpe:/a:alma:linux:kernel-cross-headers", "p-cpe:/a:alma:linux:kernel-debug-devel-matched", "p-cpe:/a:alma:linux:kernel-debug", "p-cpe:/a:alma:linux:kernel-debug-modules", "p-cpe:/a:alma:linux:kernel-debug-modules-extra", "p-cpe:/a:alma:linux:kernel-debug-core", "p-cpe:/a:alma:linux:kernel-devel", "cpe:/o:alma:linux:9::crb", "p-cpe:/a:alma:linux:kernel-devel-matched", "p-cpe:/a:alma:linux:kernel-headers", "p-cpe:/a:alma:linux:kernel-modules", "p-cpe:/a:alma:linux:kernel-modules-extra", "p-cpe:/a:alma:linux:kernel-tools", "p-cpe:/a:alma:linux:kernel-tools-libs", "p-cpe:/a:alma:linux:kernel-tools-libs-devel", "p-cpe:/a:alma:linux:kernel-zfcpdump", "p-cpe:/a:alma:linux:kernel-zfcpdump-core", "p-cpe:/a:alma:linux:kernel-zfcpdump-devel", "p-cpe:/a:alma:linux:kernel-zfcpdump-devel-matched", "p-cpe:/a:alma:linux:kernel-zfcpdump-modules", "p-cpe:/a:alma:linux:kernel-zfcpdump-modules-extra", "p-cpe:/a:alma:linux:perf", "p-cpe:/a:alma:linux:python3-perf", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::appstream", "cpe:/o:alma:linux:9::baseos"], "id": "ALMA_LINUX_ALSA-2022-5249.NASL", "href": "https://www.tenable.com/plugins/nessus/167707", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:5249.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167707);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/17\");\n\n script_cve_id(\n \"CVE-2022-1012\",\n \"CVE-2022-1729\",\n \"CVE-2022-1966\",\n \"CVE-2022-27666\"\n );\n script_xref(name:\"ALSA\", value:\"2022:5249\");\n\n script_name(english:\"AlmaLinux 9 : kernel (ALSA-2022:5249)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2022:5249 advisory.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2022-5249.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n script_cwe_id(119, 200, 362, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-debug-devel-matched\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-devel-matched\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-zfcpdump-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-zfcpdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-zfcpdump-devel-matched\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-zfcpdump-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel-zfcpdump-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::baseos\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::crb\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1012', 'CVE-2022-1729', 'CVE-2022-1966', 'CVE-2022-27666');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ALSA-2022:5249');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-stablelists-5.14.0-70.17.1.el9_0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-matched-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-matched-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-matched-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-matched-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-core-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-core-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-devel-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-devel-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-devel-matched-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-devel-matched-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-extra-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-zfcpdump-modules-extra-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-5.14.0-70.17.1.el9_0', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-5.14.0-70.17.1.el9_0', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-stablelists / kernel-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:53", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2262-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-05T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 17 for SLE 15 SP3) (SUSE-SU-2022:2262-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1116", "CVE-2022-1734", "CVE-2022-1966", "CVE-2022-1972", "CVE-2022-32250"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_63-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_10-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_13-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_16-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_19-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2262-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162715", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2262-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162715);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2022-1116\",\n \"CVE-2022-1734\",\n \"CVE-2022-1966\",\n \"CVE-2022-1972\",\n \"CVE-2022-32250\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2262-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 17 for SLE 15 SP3) (SUSE-SU-2022:2262-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:2262-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause\n memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to\n 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use\n after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200268\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-July/011390.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5437289a\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_63-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_10-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_13-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_16-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_19-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar kernel_live_checks = [\n {\n 'kernels': {\n '5.3.18-150300.59.63-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-150300_59_63-default-4-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.10-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_10-default-17-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.13-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_13-default-17-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.16-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_16-default-16-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.19-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_19-default-15-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n }\n }\n }\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var package_array ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-150300_59_63-default / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:16", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2239-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-02T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2022:2239-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1116", "CVE-2022-1734", "CVE-2022-1966", "CVE-2022-1972", "CVE-2022-32250"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_43-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_46-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-57-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_34-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_37-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_5-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2239-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162692", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2239-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162692);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2022-1116\",\n \"CVE-2022-1734\",\n \"CVE-2022-1966\",\n \"CVE-2022-1972\",\n \"CVE-2022-32250\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2239-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2022:2239-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:2239-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause\n memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to\n 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use\n after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200268\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-July/011376.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8d7ad003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_43-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_46-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-57-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_34-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_37-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_5-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar kernel_live_checks = [\n {\n 'kernels': {\n '5.3.18-150300.59.43-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-150300_59_43-default-10-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-150300.59.46-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-150300_59_46-default-10-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-57-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-57-default-19-150200.3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.34-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_34-default-12-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.37-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_37-default-11-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.5-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_5-default-17-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n }\n }\n }\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var package_array ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-150300_59_43-default / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:53", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2245-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-04T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP3) (SUSE-SU-2022:2245-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1116", "CVE-2022-1734", "CVE-2022-1966", "CVE-2022-1972", "CVE-2022-32250"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_54-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_24-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_27-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_40-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2245-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162707", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2245-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162707);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2022-1116\",\n \"CVE-2022-1734\",\n \"CVE-2022-1966\",\n \"CVE-2022-1972\",\n \"CVE-2022-32250\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2245-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP3) (SUSE-SU-2022:2245-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:2245-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause\n memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to\n 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use\n after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200268\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-July/011382.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?07982bf2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-150300_59_54-default, kernel-livepatch-5_3_18-59_24-default, kernel-\nlivepatch-5_3_18-59_27-default and / or kernel-livepatch-5_3_18-59_40-default packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_54-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_24-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_27-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_40-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar kernel_live_checks = [\n {\n 'kernels': {\n '5.3.18-150300.59.54-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-150300_59_54-default-8-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.24-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_24-default-13-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.27-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_27-default-13-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-59.40-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-59_40-default-11-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n }\n }\n }\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var package_array ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-150300_59_54-default / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:29:29", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:5439 advisory.\n\n - zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. (CVE-2018-25032)\n\n - gzip: arbitrary-file-write vulnerability (CVE-2022-1271)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write) (CVE-2022-1966)\n\n - rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-01T00:00:00", "type": "nessus", "title": "RHEL 7 : RHV-H security update (redhat-virtualization-host) 4.3.23 (Important) (RHSA-2022:5439)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-25032", "CVE-2022-1271", "CVE-2022-1966", "CVE-2022-24903", "CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update"], "id": "REDHAT-RHSA-2022-5439.NASL", "href": "https://www.tenable.com/plugins/nessus/162657", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5439. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162657);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2018-25032\",\n \"CVE-2022-1271\",\n \"CVE-2022-1966\",\n \"CVE-2022-24903\",\n \"CVE-2022-32250\"\n );\n script_xref(name:\"RHSA\", value:\"2022:5439\");\n\n script_name(english:\"RHEL 7 : RHV-H security update (redhat-virtualization-host) 4.3.23 (Important) (RHSA-2022:5439)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:5439 advisory.\n\n - zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many\n distant matches. (CVE-2018-25032)\n\n - gzip: arbitrary-file-write vulnerability (CVE-2022-1271)\n\n - kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)\n (CVE-2022-1966)\n\n - rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-25032\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1271\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-24903\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2073310\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2081353\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2093146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected redhat-virtualization-host-image-update package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1271\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 179, 416, 787, 1173);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redhat-virtualization-host-image-update\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhv-mgmt-agent/4/debug',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhv-mgmt-agent/4/os',\n 'content/dist/rhel-alt/server/7/7Server/power9/ppc64le/rhv-mgmt-agent/4/source/SRPMS',\n 'content/dist/rhel/power-le/7/7.3/ppc64le/rhev-mgmt-agent/3/debug',\n 'content/dist/rhel/power-le/7/7.3/ppc64le/rhev-mgmt-agent/3/os',\n 'content/dist/rhel/power-le/7/7.3/ppc64le/rhev-mgmt-agent/3/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhev-mgmt-agent/3/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhev-mgmt-agent/3/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhev-mgmt-agent/3/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhev-tools/3/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhev-tools/3/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhev-tools/3/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhv-mgmt-agent/4/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhv-mgmt-agent/4/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhv-mgmt-agent/4/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhv-tools/4/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhv-tools/4/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/rhv-tools/4/source/SRPMS',\n 'content/dist/rhel/power/7/7Server/ppc64/rhev-tools/3/debug',\n 'content/dist/rhel/power/7/7Server/ppc64/rhev-tools/3/os',\n 'content/dist/rhel/power/7/7Server/ppc64/rhev-tools/3/source/SRPMS',\n 'content/dist/rhel/server/7/7.3/x86_64/rhev-mgmt-agent/3/debug',\n 'content/dist/rhel/server/7/7.3/x86_64/rhev-mgmt-agent/3/os',\n 'content/dist/rhel/server/7/7.3/x86_64/rhev-mgmt-agent/3/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhev-mgmt-agent/3/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhev-mgmt-agent/3/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhev-mgmt-agent/3/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhevh/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhevh/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhevh/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-manager-tools/4/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-manager-tools/4/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-manager-tools/4/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-mgmt-agent/4.3/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-mgmt-agent/4.3/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-mgmt-agent/4.3/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-mgmt-agent/4/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-mgmt-agent/4/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-mgmt-agent/4/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-tools/4/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-tools/4/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhv-tools/4/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh-build/4.3/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh-build/4.3/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh-build/4.3/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh-build/4/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh-build/4/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh-build/4/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh/4.3/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh/4.3/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh/4.3/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh/4/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh/4/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rhvh/4/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'redhat-virtualization-host-image-update-4.3.23-20220622.0.el7_9', 'release':'7', 'el_string':'el7_9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'redhat-release-virtualization-host-4'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'redhat-virtualization-host-image-update');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:15", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2216-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-29T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 14 for SLE 15 SP3) (SUSE-SU-2022:2216-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1116", "CVE-2022-1734", "CVE-2022-1966", "CVE-2022-1972", "CVE-2022-32250"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_49-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_60-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_68-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2216-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162607", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2216-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162607);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\n \"CVE-2022-1116\",\n \"CVE-2022-1734\",\n \"CVE-2022-1966\",\n \"CVE-2022-1972\",\n \"CVE-2022-32250\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2216-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 14 for SLE 15 SP3) (SUSE-SU-2022:2216-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:2216-1 advisory.\n\n - Integer Overflow or Wraparound vulnerability in io_uring of Linux Kernel allows local attacker to cause\n memory corruption and escalate privileges to root. This issue affects: Linux Kernel versions prior to\n 5.4.189; version 5.4.24 and later versions. (CVE-2022-1116)\n\n - A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use\n after free both read or write when non synchronized between cleanup routine and firmware download routine.\n (CVE-2022-1734)\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199606\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200266\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200268\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-June/011374.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?06c16958\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1966\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1972\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-150300_59_49-default, kernel-livepatch-5_3_18-150300_59_60-default and / or\nkernel-livepatch-5_3_18-150300_59_68-default packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_49-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_60-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_68-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar kernel_live_checks = [\n {\n 'kernels': {\n '5.3.18-150300.59.49-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-150300_59_49-default-9-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-150300.59.60-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-150300_59_60-default-7-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n },\n '5.3.18-150300.59.68-default': {\n 'pkgs': [\n {'reference':'kernel-livepatch-5_3_18-150300_59_68-default-3-150300.2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n ]\n }\n }\n }\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var package_array ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-150300_59_49-default / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:31:15", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5839 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-03T00:00:00", "type": "nessus", "title": "RHEL 8 : kpatch-patch (RHSA-2022:5839)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_13_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_16_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_9_1"], "id": "REDHAT-RHSA-2022-5839.NASL", "href": "https://www.tenable.com/plugins/nessus/163794", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5839. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163794);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:5839\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2022:5839)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:5839 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5839\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kpatch-patch-4_18_0-372_13_1, kpatch-patch-4_18_0-372_16_1 and / or kpatch-patch-4_18_0-372_9_1\npackages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_13_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_16_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_9_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-372.13.1.el8_6.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_13_1-1-1.el8_6', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.13.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_13_1-1-1.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.16.1.el8_6.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_16_1-1-1.el8_6', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.16.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_16_1-1-1.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.9.1.el8.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_9_1-1-2.el8', 'sp':'6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.9.1.el8.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_9_1-1-2.el8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-372.13.1.el8_6.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_13_1-1-1.el8_6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.13.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_13_1-1-1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.16.1.el8_6.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_16_1-1-1.el8_6', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.16.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_16_1-1-1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.9.1.el8.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_9_1-1-2.el8', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.9.1.el8.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_9_1-1-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-372_13_1 / kpatch-patch-4_18_0-372_16_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:31:35", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6073 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-16T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2022:6073)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf", "cpe:/o:redhat:rhel_aus:7.7", "cpe:/o:redhat:rhel_e4s:7.7", "cpe:/o:redhat:rhel_tus:7.7", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools"], "id": "REDHAT-RHSA-2022-6073.NASL", "href": "https://www.tenable.com/plugins/nessus/164151", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:6073. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164151);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:6073\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2022:6073)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:6073 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:6073\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.7')) audit(AUDIT_OS_NOT, 'Red Hat 7.7', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:6073');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.7/x86_64/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.7/x86_64/os',\n 'content/aus/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.7/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/os',\n 'content/tus/rhel/server/7/7.7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-1062.68.1.el7', 'sp':'7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.7/x86_64/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.7/x86_64/os',\n 'content/aus/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/os',\n 'content/tus/rhel/server/7/7.7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-bootwrapper-3.10.0-1062.68.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-bootwrapper / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:30:44", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6075 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-16T00:00:00", "type": "nessus", "title": "RHEL 7 : kpatch-patch (RHSA-2022:6075)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:7.7", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_56_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_59_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_61_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_63_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_66_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_67_1"], "id": "REDHAT-RHSA-2022-6075.NASL", "href": "https://www.tenable.com/plugins/nessus/164152", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:6075. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164152);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:6075\");\n\n script_name(english:\"RHEL 7 : kpatch-patch (RHSA-2022:6075)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:6075 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:6075\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_56_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_59_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_61_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_63_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_66_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1062_67_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.7')) audit(AUDIT_OS_NOT, 'Red Hat 7.7', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.7/x86_64/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.7/x86_64/os',\n 'content/aus/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/os',\n 'content/tus/rhel/server/7/7.7/x86_64/source/SRPMS'\n ],\n 'kernels': {\n '3.10.0-1062.56.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_56_1-1-6.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.56.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_56_1-1-6.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.59.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_59_1-1-4.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.59.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_59_1-1-4.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.61.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_61_1-1-4.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.61.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_61_1-1-4.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.63.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_63_1-1-3.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.63.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_63_1-1-3.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.66.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_66_1-1-2.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.66.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_66_1-1-2.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.67.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_67_1-1-1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1062.67.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1062_67_1-1-1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-3_10_0-1062_56_1 / kpatch-patch-3_10_0-1062_59_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:30:14", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5641 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-20T00:00:00", "type": "nessus", "title": "RHEL 8 : kpatch-patch (RHSA-2022:5641)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_30_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_34_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_40_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_40_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_45_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_49_1"], "id": "REDHAT-RHSA-2022-5641.NASL", "href": "https://www.tenable.com/plugins/nessus/163296", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5641. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163296);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:5641\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2022:5641)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:5641 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5641\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_30_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_34_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_40_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_40_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_45_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_49_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-305.10.2.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_10_2-1-11.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.10.2.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_10_2-1-11.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.12.1.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_12_1-1-10.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.12.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_12_1-1-10.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.17.1.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_17_1-1-9.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.17.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_17_1-1-9.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.19.1.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_19_1-1-9.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.19.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_19_1-1-9.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.25.1.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_25_1-1-8.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.25.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_25_1-1-8.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.30.1.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_30_1-1-6.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.30.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_30_1-1-6.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.34.2.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_34_2-1-4.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.34.2.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_34_2-1-4.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.40.1.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_40_1-1-3.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.40.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_40_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.40.2.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_40_2-1-3.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.40.2.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_40_2-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.45.1.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_45_1-1-2.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.45.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_45_1-1-2.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.49.1.el8_4.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_49_1-1-1.el8_4', 'sp':'4', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.49.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_49_1-1-1.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-305_10_2 / kpatch-patch-4_18_0-305_12_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:58", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5805 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-02T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2022:5805)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.4", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2022-5805.NASL", "href": "https://www.tenable.com/plugins/nessus/163697", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5805. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163697);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:5805\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2022:5805)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:5805 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.4')) audit(AUDIT_OS_NOT, 'Red Hat 7.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5805');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.4/x86_64/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.4/x86_64/os',\n 'content/aus/rhel/server/7/7.4/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-3.10.0-693.104.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-693.104.1.el7', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-693.104.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-693.104.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-693.104.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-693.104.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-693.104.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-693.104.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-693.104.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-693.104.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:33:14", "description": "The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5819 advisory.\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-16T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : kernel (RLSA-2022:5819)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2022-12-26T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:bpftool", "p-cpe:/a:rocky:linux:bpftool-debuginfo", "p-cpe:/a:rocky:linux:kernel", "p-cpe:/a:rocky:linux:kernel-abi-stablelists", "p-cpe:/a:rocky:linux:kernel-core", "p-cpe:/a:rocky:linux:kernel-cross-headers", "p-cpe:/a:rocky:linux:kernel-debug", "p-cpe:/a:rocky:linux:kernel-devel", "p-cpe:/a:rocky:linux:kernel-debug-core", "p-cpe:/a:rocky:linux:kernel-headers", "p-cpe:/a:rocky:linux:kernel-debug-debuginfo", "p-cpe:/a:rocky:linux:kernel-modules", "p-cpe:/a:rocky:linux:kernel-modules-extra", "p-cpe:/a:rocky:linux:kernel-rt", "p-cpe:/a:rocky:linux:kernel-debug-devel", "p-cpe:/a:rocky:linux:kernel-rt-core", "p-cpe:/a:rocky:linux:kernel-rt-debug", "p-cpe:/a:rocky:linux:kernel-debug-modules", "p-cpe:/a:rocky:linux:kernel-rt-debug-core", "p-cpe:/a:rocky:linux:kernel-debug-modules-extra", "p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo", "p-cpe:/a:rocky:linux:kernel-debuginfo", "p-cpe:/a:rocky:linux:kernel-rt-debug-devel", "p-cpe:/a:rocky:linux:kernel-rt-debug-kvm", "p-cpe:/a:rocky:linux:kernel-rt-debug-modules", "p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra", "p-cpe:/a:rocky:linux:kernel-rt-debuginfo", "p-cpe:/a:rocky:linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:rocky:linux:kernel-rt-devel", "p-cpe:/a:rocky:linux:kernel-rt-kvm", "p-cpe:/a:rocky:linux:kernel-rt-modules", "p-cpe:/a:rocky:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:rocky:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:rocky:linux:kernel-rt-modules-extra", "p-cpe:/a:rocky:linux:kernel-tools", "p-cpe:/a:rocky:linux:kernel-tools-debuginfo", "p-cpe:/a:rocky:linux:kernel-tools-libs", "p-cpe:/a:rocky:linux:kernel-tools-libs-devel", "p-cpe:/a:rocky:linux:perf", "p-cpe:/a:rocky:linux:perf-debuginfo", "p-cpe:/a:rocky:linux:python3-perf", "p-cpe:/a:rocky:linux:python3-perf-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-5819.NASL", "href": "https://www.tenable.com/plugins/nessus/164132", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:5819.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164132);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/26\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RLSA\", value:\"2022:5819\");\n\n script_name(english:\"Rocky Linux 8 : kernel (RLSA-2022:5819)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nRLSA-2022:5819 advisory.\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:5819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2064604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RLSA-2022:5819');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'reference':'bpftool-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-stablelists-4.18.0-372.19.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-aarch64-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-core-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-core-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-debuginfo-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-extra-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debuginfo-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debuginfo-common-x86_64-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-extra-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / bpftool-debuginfo / kernel / kernel-abi-stablelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T20:30:17", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5804 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-02T00:00:00", "type": "nessus", "title": "RHEL 7 : kpatch-patch (RHSA-2022:5804)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:7.6", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_80_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_84_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_88_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_92_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_94_1"], "id": "REDHAT-RHSA-2022-5804.NASL", "href": "https://www.tenable.com/plugins/nessus/163703", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5804. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163703);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:5804\");\n\n script_name(english:\"RHEL 7 : kpatch-patch (RHSA-2022:5804)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:5804 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5804\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_80_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_84_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_88_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_92_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-957_94_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'kernels': {\n '3.10.0-957.80.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_80_1-1-6.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.80.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_80_1-1-6.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.84.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_84_1-1-5.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.84.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_84_1-1-5.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.88.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_88_1-1-3.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.88.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_88_1-1-3.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.92.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_92_1-1-2.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.92.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_92_1-1-2.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.94.1.el7.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_94_1-1-1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-957.94.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-957_94_1-1-1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-3_10_0-957_80_1 / kpatch-patch-3_10_0-957_84_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:29:46", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5648 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-20T00:00:00", "type": "nessus", "title": "RHEL 8 : kpatch-patch (RHSA-2022:5648)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_51_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_52_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_54_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_56_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_58_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_59_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_64_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_65_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_67_1"], "id": "REDHAT-RHSA-2022-5648.NASL", "href": "https://www.tenable.com/plugins/nessus/163295", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5648. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163295);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:5648\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2022:5648)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:5648 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_51_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_52_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_54_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_56_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_58_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_59_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_64_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_65_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_67_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.1/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.1/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.1/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.1/ppc64le/sap/os',\n 'content/e4s/rhel8/8.1/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-147.51.2.el8_1.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_51_2-1-8.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.51.2.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_51_2-1-8.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.52.1.el8_1.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_52_1-1-7.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.52.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_52_1-1-7.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.54.2.el8_1.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_54_2-1-6.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.54.2.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_54_2-1-6.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.56.1.el8_1.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_56_1-1-6.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.56.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_56_1-1-6.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.58.1.el8_1.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_58_1-1-4.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.58.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_58_1-1-4.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.59.1.el8_1.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_59_1-1-4.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.59.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_59_1-1-4.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.64.1.el8_1.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_64_1-1-3.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.64.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_64_1-1-3.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.65.1.el8_1.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_65_1-1-2.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.65.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_65_1-1-2.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.67.1.el8_1.ppc64le': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_67_1-1-1.el8_1', 'sp':'1', 'cpu':'ppc64le', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.67.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_67_1-1-1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-147_51_2 / kpatch-patch-4_18_0-147_52_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:33:41", "description": "The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5834 advisory.\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-16T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : kernel-rt (RLSA-2022:5834)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2022-12-26T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:bpftool", "p-cpe:/a:rocky:linux:bpftool-debuginfo", "p-cpe:/a:rocky:linux:kernel", "p-cpe:/a:rocky:linux:kernel-abi-stablelists", "p-cpe:/a:rocky:linux:kernel-core", "p-cpe:/a:rocky:linux:kernel-cross-headers", "p-cpe:/a:rocky:linux:kernel-debug", "p-cpe:/a:rocky:linux:kernel-debug-core", "p-cpe:/a:rocky:linux:kernel-debug-debuginfo", "p-cpe:/a:rocky:linux:kernel-debug-devel", "p-cpe:/a:rocky:linux:kernel-debug-modules", "p-cpe:/a:rocky:linux:kernel-debug-modules-extra", "p-cpe:/a:rocky:linux:kernel-debuginfo", "p-cpe:/a:rocky:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:rocky:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:rocky:linux:kernel-devel", "p-cpe:/a:rocky:linux:kernel-headers", "p-cpe:/a:rocky:linux:kernel-modules", "p-cpe:/a:rocky:linux:kernel-modules-extra", "p-cpe:/a:rocky:linux:kernel-rt", "p-cpe:/a:rocky:linux:kernel-rt-core", "p-cpe:/a:rocky:linux:kernel-rt-debug", "p-cpe:/a:rocky:linux:kernel-rt-debug-core", "p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo", "p-cpe:/a:rocky:linux:kernel-rt-debug-devel", "p-cpe:/a:rocky:linux:kernel-rt-debug-kvm", "p-cpe:/a:rocky:linux:kernel-rt-debug-modules", "p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra", "p-cpe:/a:rocky:linux:kernel-rt-debuginfo", "p-cpe:/a:rocky:linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:rocky:linux:kernel-rt-devel", "p-cpe:/a:rocky:linux:kernel-rt-kvm", "p-cpe:/a:rocky:linux:kernel-rt-modules", "p-cpe:/a:rocky:linux:kernel-rt-modules-extra", "p-cpe:/a:rocky:linux:kernel-tools", "p-cpe:/a:rocky:linux:kernel-tools-debuginfo", "p-cpe:/a:rocky:linux:kernel-tools-libs", "p-cpe:/a:rocky:linux:kernel-tools-libs-devel", "p-cpe:/a:rocky:linux:perf", "p-cpe:/a:rocky:linux:perf-debuginfo", "p-cpe:/a:rocky:linux:python3-perf", "p-cpe:/a:rocky:linux:python3-perf-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-5834.NASL", "href": "https://www.tenable.com/plugins/nessus/164131", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:5834.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164131);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/26\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RLSA\", value:\"2022:5834\");\n\n script_name(english:\"Rocky Linux 8 : kernel-rt (RLSA-2022:5834)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nRLSA-2022:5834 advisory.\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:5834\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2064604\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RLSA-2022:5834');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'reference':'bpftool-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-stablelists-4.18.0-372.19.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-aarch64-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-core-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-core-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-debuginfo-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-extra-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debuginfo-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debuginfo-common-x86_64-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-extra-4.18.0-372.19.1.rt7.176.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-debuginfo-4.18.0-372.19.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / bpftool-debuginfo / kernel / kernel-abi-stablelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T20:30:15", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5802 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-02T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2022:5802)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-32250"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2022-5802.NASL", "href": "https://www.tenable.com/plugins/nessus/163695", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5802. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163695);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-32250\");\n script_xref(name:\"RHSA\", value:\"2022:5802\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2022:5802)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:5802 advisory.\n\n - kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root\n (CVE-2022-32250)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2092427\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-32250');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5802');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/os',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-957.95.1.el7', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.6/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-bootwrapper-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/os',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-3.10.0-957.95.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-bootwrapper / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:36", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-5564 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-15T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : kernel (ELSA-2022-5564)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729"], "modified": "2022-12-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:bpftool", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-stablelists", "p-cpe:/a:oracle:linux:kernel-core", "p-cpe:/a:oracle:linux:kernel-cross-headers", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-core", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-debug-modules", "p-cpe:/a:oracle:linux:kernel-debug-modules-extra", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-modules", "p-cpe:/a:oracle:linux:kernel-modules-extra", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python3-perf"], "id": "ORACLELINUX_ELSA-2022-5564.NASL", "href": "https://www.tenable.com/plugins/nessus/163261", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-5564.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163261);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/08\");\n\n script_cve_id(\"CVE-2022-1729\");\n\n script_name(english:\"Oracle Linux 8 : kernel (ELSA-2022-5564)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-5564 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-5564.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.18.0-372.16.1.0.1.el8_6'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-5564');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.18';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'bpftool-4.18.0-372.16.1.0.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-4.18.0'},\n {'reference':'kernel-abi-stablelists-4.18.0-372.16.1.0.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-stablelists-4.18.0'},\n {'reference':'kernel-core-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-core-4.18.0'},\n {'reference':'kernel-cross-headers-4.18.0-372.16.1.0.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-cross-headers-4.18.0'},\n {'reference':'kernel-cross-headers-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-cross-headers-4.18.0'},\n {'reference':'kernel-debug-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-4.18.0'},\n {'reference':'kernel-debug-core-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-core-4.18.0'},\n {'reference':'kernel-debug-devel-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-4.18.0'},\n {'reference':'kernel-debug-modules-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-4.18.0'},\n {'reference':'kernel-debug-modules-extra-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-modules-extra-4.18.0'},\n {'reference':'kernel-devel-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-4.18.0'},\n {'reference':'kernel-headers-4.18.0-372.16.1.0.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-4.18.0'},\n {'reference':'kernel-headers-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-4.18.0'},\n {'reference':'kernel-modules-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-4.18.0'},\n {'reference':'kernel-modules-extra-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-modules-extra-4.18.0'},\n {'reference':'kernel-tools-4.18.0-372.16.1.0.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-4.18.0'},\n {'reference':'kernel-tools-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-4.18.0'},\n {'reference':'kernel-tools-libs-4.18.0-372.16.1.0.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-4.18.0'},\n {'reference':'kernel-tools-libs-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-4.18.0'},\n {'reference':'kernel-tools-libs-devel-4.18.0-372.16.1.0.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-4.18.0'},\n {'reference':'kernel-tools-libs-devel-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-tools-libs-devel-4.18.0'},\n {'reference':'perf-4.18.0-372.16.1.0.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-372.16.1.0.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-372.16.1.0.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-stablelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T18:33:18", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6741 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-28T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2022:6741)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.7", "cpe:/o:redhat:rhel_e4s:7.7", "cpe:/o:redhat:rhel_tus:7.7", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2022-6741.NASL", "href": "https://www.tenable.com/plugins/nessus/165522", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:6741. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165522);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-1729\");\n script_xref(name:\"RHSA\", value:\"2022:6741\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2022:6741)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:6741 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:6741\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(366);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.7')) audit(AUDIT_OS_NOT, 'Red Hat 7.7', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1729');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:6741');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.7/x86_64/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.7/x86_64/os',\n 'content/aus/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.7/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/os',\n 'content/tus/rhel/server/7/7.7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-1062.70.1.el7', 'sp':'7', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.7/x86_64/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.7/x86_64/os',\n 'content/aus/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/optional/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap-hana/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/debug',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/os',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel/power-le/7/7.7/ppc64le/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.7/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.7/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.7/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.7/x86_64/os',\n 'content/tus/rhel/server/7/7.7/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-bootwrapper-3.10.0-1062.70.1.el7', 'sp':'7', 'cpu':'ppc64le', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-bootwrapper / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:08", "description": "The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9413 advisory.\n\n - A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc. (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-20T00:00:00", "type": "nessus", "title": "Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9413)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-uek-container", "p-cpe:/a:oracle:linux:kernel-uek-container-debug"], "id": "ORACLELINUX_ELSA-2022-9413.NASL", "href": "https://www.tenable.com/plugins/nessus/161420", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9413.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161420);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\"CVE-2022-1729\");\n\n script_name(english:\"Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9413)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9413 advisory.\n\n - A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged\n user to gain root privileges. The bug allows to build several exploit primitives such as kernel address\n information leak, arbitrary execution, etc. (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9413.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-uek-container and / or kernel-uek-container-debug packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-container-debug\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7 / 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.4.17-2136.307.3.2.el7', '5.4.17-2136.307.3.2.el8'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9413');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.4';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-container-5.4.17-2136.307.3.2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-5.4.17'},\n {'reference':'kernel-uek-container-debug-5.4.17-2136.307.3.2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-debug-5.4.17'},\n {'reference':'kernel-uek-container-5.4.17-2136.307.3.2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-5.4.17'},\n {'reference':'kernel-uek-container-debug-5.4.17-2136.307.3.2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-debug-5.4.17'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek-container / kernel-uek-container-debug');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:31", "description": "The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5565 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : kernel-rt (RLSA-2022:5565)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729"], "modified": "2022-12-08T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:bpftool", "p-cpe:/a:rocky:linux:bpftool-debuginfo", "p-cpe:/a:rocky:linux:kernel", "p-cpe:/a:rocky:linux:kernel-abi-stablelists", "p-cpe:/a:rocky:linux:kernel-core", "p-cpe:/a:rocky:linux:kernel-cross-headers", "p-cpe:/a:rocky:linux:kernel-debug", "p-cpe:/a:rocky:linux:kernel-debug-core", "p-cpe:/a:rocky:linux:kernel-debug-debuginfo", "p-cpe:/a:rocky:linux:kernel-debug-devel", "p-cpe:/a:rocky:linux:kernel-debug-modules", "p-cpe:/a:rocky:linux:kernel-debug-modules-extra", "p-cpe:/a:rocky:linux:kernel-debuginfo", "p-cpe:/a:rocky:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:rocky:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:rocky:linux:kernel-devel", "p-cpe:/a:rocky:linux:kernel-headers", "p-cpe:/a:rocky:linux:kernel-modules", "p-cpe:/a:rocky:linux:kernel-modules-extra", "p-cpe:/a:rocky:linux:kernel-rt", "p-cpe:/a:rocky:linux:kernel-rt-core", "p-cpe:/a:rocky:linux:kernel-rt-debug", "p-cpe:/a:rocky:linux:kernel-rt-debug-core", "p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo", "p-cpe:/a:rocky:linux:kernel-rt-debug-devel", "p-cpe:/a:rocky:linux:kernel-rt-debug-kvm", "p-cpe:/a:rocky:linux:kernel-rt-debug-modules", "p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra", "p-cpe:/a:rocky:linux:kernel-rt-debuginfo", "p-cpe:/a:rocky:linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:rocky:linux:kernel-rt-devel", "p-cpe:/a:rocky:linux:kernel-rt-kvm", "p-cpe:/a:rocky:linux:kernel-rt-modules", "p-cpe:/a:rocky:linux:kernel-rt-modules-extra", "p-cpe:/a:rocky:linux:kernel-tools", "p-cpe:/a:rocky:linux:kernel-tools-debuginfo", "p-cpe:/a:rocky:linux:kernel-tools-libs", "p-cpe:/a:rocky:linux:kernel-tools-libs-devel", "p-cpe:/a:rocky:linux:perf", "p-cpe:/a:rocky:linux:perf-debuginfo", "p-cpe:/a:rocky:linux:python3-perf", "p-cpe:/a:rocky:linux:python3-perf-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2022-5565.NASL", "href": "https://www.tenable.com/plugins/nessus/163135", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2022:5565.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163135);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/08\");\n\n script_cve_id(\"CVE-2022-1729\");\n script_xref(name:\"RLSA\", value:\"2022:5565\");\n\n script_name(english:\"Rocky Linux 8 : kernel-rt (RLSA-2022:5565)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nRLSA-2022:5565 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2022:5565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=2086753\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-cross-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-rt-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1729');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RLSA-2022:5565');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'reference':'bpftool-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-stablelists-4.18.0-372.16.1.el8_6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-core-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-cross-headers-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-core-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-modules-extra-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-aarch64-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-modules-extra-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-core-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-core-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-debuginfo-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-extra-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debuginfo-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debuginfo-common-x86_64-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-extra-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-perf-debuginfo-4.18.0-372.16.1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / bpftool-debuginfo / kernel / kernel-abi-stablelists / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:13", "description": "The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9409 advisory.\n\n - A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc. (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-20T00:00:00", "type": "nessus", "title": "Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9409)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-tools", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2022-9409.NASL", "href": "https://www.tenable.com/plugins/nessus/161418", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9409.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161418);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\"CVE-2022-1729\");\n\n script_name(english:\"Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9409)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9409 advisory.\n\n - A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged\n user to gain root privileges. The bug allows to build several exploit primitives such as kernel address\n information leak, arbitrary execution, etc. (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9409.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7 / 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.4.17-2136.307.3.2.el7uek', '5.4.17-2136.307.3.2.el8uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9409');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.4';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-5.4.17-2136.307.3.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-5.4.17-2136.307.3.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.307.3.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.307.3.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.307.3.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.307.3.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.307.3.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.307.3.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-doc-5.4.17-2136.307.3.2.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'},\n {'reference':'kernel-uek-tools-5.4.17-2136.307.3.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},\n {'reference':'kernel-uek-tools-5.4.17-2136.307.3.2.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},\n {'reference':'kernel-uek-tools-libs-5.4.17-2136.307.3.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-5.4.17'},\n {'reference':'perf-5.4.17-2136.307.3.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-5.4.17-2136.307.3.2.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-5.4.17-2136.307.3.2.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-5.4.17-2136.307.3.2.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.307.3.2.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.307.3.2.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.307.3.2.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.307.3.2.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.307.3.2.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.307.3.2.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-doc-5.4.17-2136.307.3.2.el8uek', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:29:45", "description": "The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9410 advisory.\n\n - A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc. (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-20T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9410)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729"], "modified": "2023-03-21T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-tools"], "id": "ORACLELINUX_ELSA-2022-9410.NASL", "href": "https://www.tenable.com/plugins/nessus/161417", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9410.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161417);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\"CVE-2022-1729\");\n\n script_name(english:\"Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9410)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9410 advisory.\n\n - A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged\n user to gain root privileges. The bug allows to build several exploit primitives such as kernel address\n information leak, arbitrary execution, etc. (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9410.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.14.35-2047.513.2.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9410');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.14';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.14.35-2047.513.2.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.14.35'},\n {'reference':'kernel-uek-debug-4.14.35-2047.513.2.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.14.35'},\n {'reference':'kernel-uek-debug-devel-4.14.35-2047.513.2.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.14.35'},\n {'reference':'kernel-uek-devel-4.14.35-2047.513.2.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.14.35'},\n {'reference':'kernel-uek-doc-4.14.35-2047.513.2.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.14.35'},\n {'reference':'kernel-uek-tools-4.14.35-2047.513.2.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-4.14.35'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:30", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5565 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-13T00:00:00", "type": "nessus", "title": "RHEL 8 : kernel-rt (RHSA-2022:5565)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra"], "id": "REDHAT-RHSA-2022-5565.NASL", "href": "https://www.tenable.com/plugins/nessus/163077", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5565. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163077);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-1729\");\n script_xref(name:\"RHSA\", value:\"2022:5565\");\n\n script_name(english:\"RHEL 8 : kernel-rt (RHSA-2022:5565)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:5565 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2086753\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1729\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(366);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-1729');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:5565');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-rt-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-core-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-core-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-extra-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-extra-4.18.0-372.16.1.rt7.173.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-rt-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-core-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-core-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-devel-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-kvm-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-debug-modules-extra-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-devel-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-kvm-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-rt-modules-extra-4.18.0-372.16.1.rt7.173.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:48", "description": "The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5564 advisory.\n\n - kernel: race condition in perf_event_open leads to privilege escalation (CVE-2022-1729)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-15T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : kernel (RLSA-2022:5564)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1729"], "modified": "2022-12-08T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:bpftool", "p-cpe:/a:rocky:linux:bpftool-debuginfo", "p-cpe:/a:rocky:linux:kernel", "p-cpe:/a:rocky:linux:kernel-abi-stablelists", "p-cpe:/a:rocky:linux:kernel-core", "p-cpe:/a:rocky:linux:kernel-cross-headers", "p-cpe:/a:rocky:linux:kernel-debug", "p-cpe:/a:rocky:linux:python3-perf", "p-cpe:/a:rocky:linux:kernel-debug-core", "p-cpe:/a:rocky:linux:python3-perf-debuginfo", "p-cpe:/a:rocky:linux:kernel-debug-debuginfo", "cpe:/o:rocky:linux:8", "p-cpe:/a:rocky:linux:kernel-debug-devel", "p-cpe:/a:rocky:linux:kernel-debug-modules", "p-cpe:/a:rocky