CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
43.8%
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5102 advisory.
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)
* kernel: tracing: Restructure trace_clock_global() to never block (CVE-2021-46939)
* kernel: ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)
* kernel: net/sched: flower: Fix chain template offload (CVE-2024-26669)
* kernel: stmmac: Clear variable when destroying workqueue (CVE-2024-26802)
* kernel: efi: runtime: Fix potential overflow of soft-reserved region size (CVE-2024-26843)
* kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: SUNRPC: fix a memleak in gss_import_v2_context (CVE-2023-52653)
* kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by untrusted application (CVE-2024-21823)
* kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)
* kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)
* kernel: dyndbg: fix old BUG_ON in >control parser (CVE-2024-35947)
* kernel: net/sched: act_skbmod: prevent kernel-infoleak (CVE-2024-35893)
* kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (CVE-2024-35876)
* kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)
* kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (CVE-2023-52845)
* kernel: Revert net/mlx5: Block entering switchdev mode with ns inconsistency (CVE-2023-52658)
* kernel: crash due to a missing check for leb_size (CVE-2024-25739)
* kernel: tcp: make sure init the accept_queue's spinlocks once (CVE-2024-26614)
* kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640)
* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)
* kernel: nfs: fix UAF in direct writes (CVE-2024-26958)
* kernel: SUNRPC: fix some memleaks in gssx_dec_option_array (CVE-2024-27388)
* kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (CVE-2024-27434)
* kernel: of: Fix double free in of_parse_phandle_with_args_map (CVE-2023-52679)
* kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (CVE-2024-35930)
* kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks (CVE-2024-35912)
* kernel: block: prevent division by zero in blk_rq_stat_sum() (CVE-2024-35925)
* kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB (CVE-2024-35938)
* kernel: wifi: cfg80211: check A-MSDU format more carefully (CVE-2024-35937)
* kernel: wifi: rtw89: fix null pointer access when abort scan (CVE-2024-35946)
* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)
* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)
* kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (CVE-2024-36006)
* kernel: net: ieee802154: fix null deref in parse dev addr (CVE-2021-47257)
* kernel: mmc: sdio: fix possible resource leaks in some error paths (CVE-2023-52730)
* kernel: wifi: ath11k: fix gtk offload status event locking (CVE-2023-52777)
* (CVE-2023-52832)
* (CVE-2023-52803)
* (CVE-2023-52756)
* (CVE-2023-52834)
* (CVE-2023-52791)
* (CVE-2023-52764)
* (CVE-2021-47468)
* (CVE-2021-47284)
* (CVE-2024-36025)
* (CVE-2024-36941)
* (CVE-2024-36940)
* (CVE-2024-36904)
* (CVE-2024-36896)
* (CVE-2024-36954)
* (CVE-2024-36950)
* (CVE-2024-38575)
* (CVE-2024-36917)
* (CVE-2024-36016)
* (CVE-2023-52762)
* (CVE-2024-27025)
* (CVE-2021-47548)
* (CVE-2023-52619)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2024:5102. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(205212);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/10");
script_cve_id(
"CVE-2021-46939",
"CVE-2021-47257",
"CVE-2021-47284",
"CVE-2021-47304",
"CVE-2021-47373",
"CVE-2021-47408",
"CVE-2021-47461",
"CVE-2021-47468",
"CVE-2021-47491",
"CVE-2021-47548",
"CVE-2021-47579",
"CVE-2021-47624",
"CVE-2022-48632",
"CVE-2022-48743",
"CVE-2022-48747",
"CVE-2022-48757",
"CVE-2023-52463",
"CVE-2023-52469",
"CVE-2023-52471",
"CVE-2023-52486",
"CVE-2023-52530",
"CVE-2023-52619",
"CVE-2023-52622",
"CVE-2023-52623",
"CVE-2023-52648",
"CVE-2023-52653",
"CVE-2023-52658",
"CVE-2023-52662",
"CVE-2023-52679",
"CVE-2023-52707",
"CVE-2023-52730",
"CVE-2023-52756",
"CVE-2023-52762",
"CVE-2023-52764",
"CVE-2023-52777",
"CVE-2023-52784",
"CVE-2023-52791",
"CVE-2023-52796",
"CVE-2023-52803",
"CVE-2023-52811",
"CVE-2023-52832",
"CVE-2023-52834",
"CVE-2023-52845",
"CVE-2023-52847",
"CVE-2023-52864",
"CVE-2024-2201",
"CVE-2024-21823",
"CVE-2024-25739",
"CVE-2024-26586",
"CVE-2024-26614",
"CVE-2024-26640",
"CVE-2024-26660",
"CVE-2024-26669",
"CVE-2024-26686",
"CVE-2024-26704",
"CVE-2024-26733",
"CVE-2024-26740",
"CVE-2024-26772",
"CVE-2024-26773",
"CVE-2024-26802",
"CVE-2024-26810",
"CVE-2024-26837",
"CVE-2024-26840",
"CVE-2024-26843",
"CVE-2024-26852",
"CVE-2024-26853",
"CVE-2024-26870",
"CVE-2024-26878",
"CVE-2024-26921",
"CVE-2024-26925",
"CVE-2024-26940",
"CVE-2024-26958",
"CVE-2024-26960",
"CVE-2024-26961",
"CVE-2024-27010",
"CVE-2024-27011",
"CVE-2024-27019",
"CVE-2024-27020",
"CVE-2024-27025",
"CVE-2024-27065",
"CVE-2024-27388",
"CVE-2024-27395",
"CVE-2024-27434",
"CVE-2024-31076",
"CVE-2024-33621",
"CVE-2024-35790",
"CVE-2024-35801",
"CVE-2024-35807",
"CVE-2024-35810",
"CVE-2024-35814",
"CVE-2024-35847",
"CVE-2024-35876",
"CVE-2024-35893",
"CVE-2024-35896",
"CVE-2024-35897",
"CVE-2024-35899",
"CVE-2024-35900",
"CVE-2024-35910",
"CVE-2024-35912",
"CVE-2024-35924",
"CVE-2024-35925",
"CVE-2024-35930",
"CVE-2024-35937",
"CVE-2024-35938",
"CVE-2024-35946",
"CVE-2024-35947",
"CVE-2024-35952",
"CVE-2024-36000",
"CVE-2024-36005",
"CVE-2024-36006",
"CVE-2024-36010",
"CVE-2024-36016",
"CVE-2024-36017",
"CVE-2024-36020",
"CVE-2024-36025",
"CVE-2024-36270",
"CVE-2024-36286",
"CVE-2024-36489",
"CVE-2024-36886",
"CVE-2024-36889",
"CVE-2024-36896",
"CVE-2024-36904",
"CVE-2024-36905",
"CVE-2024-36917",
"CVE-2024-36921",
"CVE-2024-36927",
"CVE-2024-36929",
"CVE-2024-36933",
"CVE-2024-36940",
"CVE-2024-36941",
"CVE-2024-36950",
"CVE-2024-36954",
"CVE-2024-36960",
"CVE-2024-36971",
"CVE-2024-36978",
"CVE-2024-36979",
"CVE-2024-38538",
"CVE-2024-38555",
"CVE-2024-38573",
"CVE-2024-38575",
"CVE-2024-38596",
"CVE-2024-38615",
"CVE-2024-38627",
"CVE-2024-39276",
"CVE-2024-39472",
"CVE-2024-39476",
"CVE-2024-39487",
"CVE-2024-39502",
"CVE-2024-40927"
);
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2024/08/28");
script_xref(name:"RHSA", value:"2024:5102");
script_name(english:"RHEL 8 : kernel-rt (RHSA-2024:5102)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for kernel-rt.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2024:5102 advisory.
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with
extremely high determinism requirements.
Security Fix(es):
* kernel: efivarfs: force RO when remounting if SetVariable is not supported (CVE-2023-52463)
* kernel: tracing: Restructure trace_clock_global() to never block (CVE-2021-46939)
* kernel: ext4: avoid online resizing failures due to oversized flex bg (CVE-2023-52622)
* kernel: net/sched: flower: Fix chain template offload (CVE-2024-26669)
* kernel: stmmac: Clear variable when destroying workqueue (CVE-2024-26802)
* kernel: efi: runtime: Fix potential overflow of soft-reserved region size (CVE-2024-26843)
* kernel: quota: Fix potential NULL pointer dereference (CVE-2024-26878)
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: SUNRPC: fix a memleak in gss_import_v2_context (CVE-2023-52653)
* kernel: dmaengine/idxd: hardware erratum allows potential security problem with direct access by
untrusted application (CVE-2024-21823)
* kernel: ext4: fix corruption during on-line resize (CVE-2024-35807)
* kernel: x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (CVE-2024-35801)
* kernel: dyndbg: fix old BUG_ON in >control parser (CVE-2024-35947)
* kernel: net/sched: act_skbmod: prevent kernel-infoleak (CVE-2024-35893)
* kernel: x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (CVE-2024-35876)
* kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)
* kernel: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (CVE-2023-52845)
* kernel: Revert net/mlx5: Block entering switchdev mode with ns inconsistency (CVE-2023-52658)
* kernel: crash due to a missing check for leb_size (CVE-2024-25739)
* kernel: tcp: make sure init the accept_queue's spinlocks once (CVE-2024-26614)
* kernel: tcp: add sanity checks to rx zerocopy (CVE-2024-26640)
* kernel: NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (CVE-2024-26870)
* kernel: nfs: fix UAF in direct writes (CVE-2024-26958)
* kernel: SUNRPC: fix some memleaks in gssx_dec_option_array (CVE-2024-27388)
* kernel: wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (CVE-2024-27434)
* kernel: of: Fix double free in of_parse_phandle_with_args_map (CVE-2023-52679)
* kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (CVE-2024-35930)
* kernel: wifi: iwlwifi: mvm: rfi: fix potential response leaks (CVE-2024-35912)
* kernel: block: prevent division by zero in blk_rq_stat_sum() (CVE-2024-35925)
* kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB (CVE-2024-35938)
* kernel: wifi: cfg80211: check A-MSDU format more carefully (CVE-2024-35937)
* kernel: wifi: rtw89: fix null pointer access when abort scan (CVE-2024-35946)
* kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)
* kernel: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (CVE-2024-36000)
* kernel: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (CVE-2024-36006)
* kernel: net: ieee802154: fix null deref in parse dev addr (CVE-2021-47257)
* kernel: mmc: sdio: fix possible resource leaks in some error paths (CVE-2023-52730)
* kernel: wifi: ath11k: fix gtk offload status event locking (CVE-2023-52777)
* (CVE-2023-52832)
* (CVE-2023-52803)
* (CVE-2023-52756)
* (CVE-2023-52834)
* (CVE-2023-52791)
* (CVE-2023-52764)
* (CVE-2021-47468)
* (CVE-2021-47284)
* (CVE-2024-36025)
* (CVE-2024-36941)
* (CVE-2024-36940)
* (CVE-2024-36904)
* (CVE-2024-36896)
* (CVE-2024-36954)
* (CVE-2024-36950)
* (CVE-2024-38575)
* (CVE-2024-36917)
* (CVE-2024-36016)
* (CVE-2023-52762)
* (CVE-2024-27025)
* (CVE-2021-47548)
* (CVE-2023-52619)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and
other related information, refer the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2263879");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2265645");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2265797");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2266341");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2266347");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2266497");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2267787");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2268118");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2269070");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2269211");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2270084");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2270100");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2271686");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2271688");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2272782");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2272795");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273109");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273174");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273236");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273242");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273247");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273268");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273427");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273654");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275565");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275573");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275580");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275694");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275711");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275748");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275761");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275928");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2277166");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2277238");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2277840");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278176");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278178");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278182");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278218");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278256");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278258");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278277");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278279");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278380");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278484");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278515");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278535");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278539");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278989");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2280440");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281054");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281133");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281149");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281207");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281215");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281221");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281235");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281268");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281326");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281360");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281510");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281519");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281636");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281641");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281664");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281667");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281672");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281675");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281682");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281725");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281752");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281758");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281819");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281821");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281833");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281938");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281949");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281968");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281989");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282328");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282373");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282479");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282553");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282615");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282623");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282640");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282642");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282645");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282717");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282719");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282727");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282742");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282743");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282744");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282759");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282763");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282766");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282772");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282780");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282887");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282896");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282923");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282925");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282950");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2283401");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2283894");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284400");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284417");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284421");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284474");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284477");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284488");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284496");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284500");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284513");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284519");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284539");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284541");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284556");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284571");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284590");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284625");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2290408");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2292331");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293078");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293250");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293276");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293312");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293316");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293348");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293371");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293383");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293418");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293420");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293444");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293461");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293653");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293657");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293684");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293687");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293700");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293711");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2294274");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2295914");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2296067");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297056");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297474");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2298108");
# https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5102.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?426ec449");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2024:5102");
script_set_attribute(attribute:"solution", value:
"Update the RHEL kernel-rt package based on the guidance in RHSA-2024:5102.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-38627");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 99, 119, 120, 121, 122, 124, 125, 129, 131, 170, 190, 229, 276, 362, 369, 402, 413, 415, 416, 457, 459, 476, 590, 664, 665, 667, 754, 787, 820, 822, 833, 1423);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/07/14");
script_set_attribute(attribute:"patch_publication_date", value:"2024/08/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/08/08");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
include('ksplice.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
rm_kb_item(name:'Host/uptrack-uname-r');
var cve_list = make_list('CVE-2021-46939', 'CVE-2021-47257', 'CVE-2021-47284', 'CVE-2021-47304', 'CVE-2021-47373', 'CVE-2021-47408', 'CVE-2021-47461', 'CVE-2021-47468', 'CVE-2021-47491', 'CVE-2021-47548', 'CVE-2021-47579', 'CVE-2021-47624', 'CVE-2022-48632', 'CVE-2022-48743', 'CVE-2022-48747', 'CVE-2022-48757', 'CVE-2023-52463', 'CVE-2023-52469', 'CVE-2023-52471', 'CVE-2023-52486', 'CVE-2023-52530', 'CVE-2023-52619', 'CVE-2023-52622', 'CVE-2023-52623', 'CVE-2023-52648', 'CVE-2023-52653', 'CVE-2023-52658', 'CVE-2023-52662', 'CVE-2023-52679', 'CVE-2023-52707', 'CVE-2023-52730', 'CVE-2023-52756', 'CVE-2023-52762', 'CVE-2023-52764', 'CVE-2023-52777', 'CVE-2023-52784', 'CVE-2023-52791', 'CVE-2023-52796', 'CVE-2023-52803', 'CVE-2023-52811', 'CVE-2023-52832', 'CVE-2023-52834', 'CVE-2023-52845', 'CVE-2023-52847', 'CVE-2023-52864', 'CVE-2024-2201', 'CVE-2024-21823', 'CVE-2024-25739', 'CVE-2024-26586', 'CVE-2024-26614', 'CVE-2024-26640', 'CVE-2024-26660', 'CVE-2024-26669', 'CVE-2024-26686', 'CVE-2024-26704', 'CVE-2024-26733', 'CVE-2024-26740', 'CVE-2024-26772', 'CVE-2024-26773', 'CVE-2024-26802', 'CVE-2024-26810', 'CVE-2024-26837', 'CVE-2024-26840', 'CVE-2024-26843', 'CVE-2024-26852', 'CVE-2024-26853', 'CVE-2024-26870', 'CVE-2024-26878', 'CVE-2024-26921', 'CVE-2024-26925', 'CVE-2024-26940', 'CVE-2024-26958', 'CVE-2024-26960', 'CVE-2024-26961', 'CVE-2024-27010', 'CVE-2024-27011', 'CVE-2024-27019', 'CVE-2024-27020', 'CVE-2024-27025', 'CVE-2024-27065', 'CVE-2024-27388', 'CVE-2024-27395', 'CVE-2024-27434', 'CVE-2024-31076', 'CVE-2024-33621', 'CVE-2024-35790', 'CVE-2024-35801', 'CVE-2024-35807', 'CVE-2024-35810', 'CVE-2024-35814', 'CVE-2024-35847', 'CVE-2024-35876', 'CVE-2024-35893', 'CVE-2024-35896', 'CVE-2024-35897', 'CVE-2024-35899', 'CVE-2024-35900', 'CVE-2024-35910', 'CVE-2024-35912', 'CVE-2024-35924', 'CVE-2024-35925', 'CVE-2024-35930', 'CVE-2024-35937', 'CVE-2024-35938', 'CVE-2024-35946', 'CVE-2024-35947', 'CVE-2024-35952', 'CVE-2024-36000', 'CVE-2024-36005', 'CVE-2024-36006', 'CVE-2024-36010', 'CVE-2024-36016', 'CVE-2024-36017', 'CVE-2024-36020', 'CVE-2024-36025', 'CVE-2024-36270', 'CVE-2024-36286', 'CVE-2024-36489', 'CVE-2024-36886', 'CVE-2024-36889', 'CVE-2024-36896', 'CVE-2024-36904', 'CVE-2024-36905', 'CVE-2024-36917', 'CVE-2024-36921', 'CVE-2024-36927', 'CVE-2024-36929', 'CVE-2024-36933', 'CVE-2024-36940', 'CVE-2024-36941', 'CVE-2024-36950', 'CVE-2024-36954', 'CVE-2024-36960', 'CVE-2024-36971', 'CVE-2024-36978', 'CVE-2024-36979', 'CVE-2024-38538', 'CVE-2024-38555', 'CVE-2024-38573', 'CVE-2024-38575', 'CVE-2024-38596', 'CVE-2024-38615', 'CVE-2024-38627', 'CVE-2024-39276', 'CVE-2024-39472', 'CVE-2024-39476', 'CVE-2024-39487', 'CVE-2024-39502', 'CVE-2024-40927');
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2024:5102');
}
else
{
__rpm_report = ksplice_reporting_text();
}
}
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel8/8.10/x86_64/nfv/debug',
'content/dist/rhel8/8.10/x86_64/nfv/os',
'content/dist/rhel8/8.10/x86_64/nfv/source/SRPMS',
'content/dist/rhel8/8.10/x86_64/rt/debug',
'content/dist/rhel8/8.10/x86_64/rt/os',
'content/dist/rhel8/8.10/x86_64/rt/source/SRPMS',
'content/dist/rhel8/8.6/x86_64/nfv/debug',
'content/dist/rhel8/8.6/x86_64/nfv/os',
'content/dist/rhel8/8.6/x86_64/nfv/source/SRPMS',
'content/dist/rhel8/8.6/x86_64/rt/debug',
'content/dist/rhel8/8.6/x86_64/rt/os',
'content/dist/rhel8/8.6/x86_64/rt/source/SRPMS',
'content/dist/rhel8/8.8/x86_64/nfv/debug',
'content/dist/rhel8/8.8/x86_64/nfv/os',
'content/dist/rhel8/8.8/x86_64/nfv/source/SRPMS',
'content/dist/rhel8/8.8/x86_64/rt/debug',
'content/dist/rhel8/8.8/x86_64/rt/os',
'content/dist/rhel8/8.8/x86_64/rt/source/SRPMS',
'content/dist/rhel8/8.9/x86_64/nfv/debug',
'content/dist/rhel8/8.9/x86_64/nfv/os',
'content/dist/rhel8/8.9/x86_64/nfv/source/SRPMS',
'content/dist/rhel8/8.9/x86_64/rt/debug',
'content/dist/rhel8/8.9/x86_64/rt/os',
'content/dist/rhel8/8.9/x86_64/rt/source/SRPMS',
'content/dist/rhel8/8/x86_64/nfv/debug',
'content/dist/rhel8/8/x86_64/nfv/os',
'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',
'content/dist/rhel8/8/x86_64/rt/debug',
'content/dist/rhel8/8/x86_64/rt/os',
'content/dist/rhel8/8/x86_64/rt/source/SRPMS'
],
'pkgs': [
{'reference':'kernel-rt-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-core-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-core-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-devel-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-kvm-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-extra-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-devel-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-kvm-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-extra-4.18.0-553.16.1.rt7.357.el8_10', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46939
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47257
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47284
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47304
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47373
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47408
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47461
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47468
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47491
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47548
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47579
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48632
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48747
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48757
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52463
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52469
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52471
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52486
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52530
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52622
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52653
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52662
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52679
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52707
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52730
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52756
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52762
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52764
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52777
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52784
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52791
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52796
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52803
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52811
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52832
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52834
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52845
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52847
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21823
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2201
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26586
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26614
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26640
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26669
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26686
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26704
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26733
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26772
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26773
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26802
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26837
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26840
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26843
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26852
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26853
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26870
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26878
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26921
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26925
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26940
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26960
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26961
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27010
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27011
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27019
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27025
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27065
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27388
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27395
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27434
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33621
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35801
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35807
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35847
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35876
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35893
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35899
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35900
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35910
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35912
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35924
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35925
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35930
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35937
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35938
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35946
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35947
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35952
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36000
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36005
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36006
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36010
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36016
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36017
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36025
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36270
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36286
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36489
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36886
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36889
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36904
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36905
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36917
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36921
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36927
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36929
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36933
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36940
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36941
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36950
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36954
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36960
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36971
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36978
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36979
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38555
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38573
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38615
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39276
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39472
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39476
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39487
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39502
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40927
www.nessus.org/u?426ec449
access.redhat.com/errata/RHSA-2024:5102
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=2263879
bugzilla.redhat.com/show_bug.cgi?id=2265645
bugzilla.redhat.com/show_bug.cgi?id=2265797
bugzilla.redhat.com/show_bug.cgi?id=2266341
bugzilla.redhat.com/show_bug.cgi?id=2266347
bugzilla.redhat.com/show_bug.cgi?id=2266497
bugzilla.redhat.com/show_bug.cgi?id=2267787
bugzilla.redhat.com/show_bug.cgi?id=2268118
bugzilla.redhat.com/show_bug.cgi?id=2269070
bugzilla.redhat.com/show_bug.cgi?id=2269211
bugzilla.redhat.com/show_bug.cgi?id=2270084
bugzilla.redhat.com/show_bug.cgi?id=2270100
bugzilla.redhat.com/show_bug.cgi?id=2271686
bugzilla.redhat.com/show_bug.cgi?id=2271688
bugzilla.redhat.com/show_bug.cgi?id=2272782
bugzilla.redhat.com/show_bug.cgi?id=2272795
bugzilla.redhat.com/show_bug.cgi?id=2273109
bugzilla.redhat.com/show_bug.cgi?id=2273174
bugzilla.redhat.com/show_bug.cgi?id=2273236
bugzilla.redhat.com/show_bug.cgi?id=2273242
bugzilla.redhat.com/show_bug.cgi?id=2273247
bugzilla.redhat.com/show_bug.cgi?id=2273268
bugzilla.redhat.com/show_bug.cgi?id=2273427
bugzilla.redhat.com/show_bug.cgi?id=2273654
bugzilla.redhat.com/show_bug.cgi?id=2275565
bugzilla.redhat.com/show_bug.cgi?id=2275573
bugzilla.redhat.com/show_bug.cgi?id=2275580
bugzilla.redhat.com/show_bug.cgi?id=2275694
bugzilla.redhat.com/show_bug.cgi?id=2275711
bugzilla.redhat.com/show_bug.cgi?id=2275748
bugzilla.redhat.com/show_bug.cgi?id=2275761
bugzilla.redhat.com/show_bug.cgi?id=2275928
bugzilla.redhat.com/show_bug.cgi?id=2277166
bugzilla.redhat.com/show_bug.cgi?id=2277238
bugzilla.redhat.com/show_bug.cgi?id=2277840
bugzilla.redhat.com/show_bug.cgi?id=2278176
bugzilla.redhat.com/show_bug.cgi?id=2278178
bugzilla.redhat.com/show_bug.cgi?id=2278182
bugzilla.redhat.com/show_bug.cgi?id=2278218
bugzilla.redhat.com/show_bug.cgi?id=2278256
bugzilla.redhat.com/show_bug.cgi?id=2278258
bugzilla.redhat.com/show_bug.cgi?id=2278277
bugzilla.redhat.com/show_bug.cgi?id=2278279
bugzilla.redhat.com/show_bug.cgi?id=2278380
bugzilla.redhat.com/show_bug.cgi?id=2278484
bugzilla.redhat.com/show_bug.cgi?id=2278515
bugzilla.redhat.com/show_bug.cgi?id=2278535
bugzilla.redhat.com/show_bug.cgi?id=2278539
bugzilla.redhat.com/show_bug.cgi?id=2278989
bugzilla.redhat.com/show_bug.cgi?id=2280440
bugzilla.redhat.com/show_bug.cgi?id=2281054
bugzilla.redhat.com/show_bug.cgi?id=2281133
bugzilla.redhat.com/show_bug.cgi?id=2281149
bugzilla.redhat.com/show_bug.cgi?id=2281207
bugzilla.redhat.com/show_bug.cgi?id=2281215
bugzilla.redhat.com/show_bug.cgi?id=2281221
bugzilla.redhat.com/show_bug.cgi?id=2281235
bugzilla.redhat.com/show_bug.cgi?id=2281268
bugzilla.redhat.com/show_bug.cgi?id=2281326
bugzilla.redhat.com/show_bug.cgi?id=2281360
bugzilla.redhat.com/show_bug.cgi?id=2281510
bugzilla.redhat.com/show_bug.cgi?id=2281519
bugzilla.redhat.com/show_bug.cgi?id=2281636
bugzilla.redhat.com/show_bug.cgi?id=2281641
bugzilla.redhat.com/show_bug.cgi?id=2281664
bugzilla.redhat.com/show_bug.cgi?id=2281667
bugzilla.redhat.com/show_bug.cgi?id=2281672
bugzilla.redhat.com/show_bug.cgi?id=2281675
bugzilla.redhat.com/show_bug.cgi?id=2281682
bugzilla.redhat.com/show_bug.cgi?id=2281725
bugzilla.redhat.com/show_bug.cgi?id=2281752
bugzilla.redhat.com/show_bug.cgi?id=2281758
bugzilla.redhat.com/show_bug.cgi?id=2281819
bugzilla.redhat.com/show_bug.cgi?id=2281821
bugzilla.redhat.com/show_bug.cgi?id=2281833
bugzilla.redhat.com/show_bug.cgi?id=2281938
bugzilla.redhat.com/show_bug.cgi?id=2281949
bugzilla.redhat.com/show_bug.cgi?id=2281968
bugzilla.redhat.com/show_bug.cgi?id=2281989
bugzilla.redhat.com/show_bug.cgi?id=2282328
bugzilla.redhat.com/show_bug.cgi?id=2282373
bugzilla.redhat.com/show_bug.cgi?id=2282479
bugzilla.redhat.com/show_bug.cgi?id=2282553
bugzilla.redhat.com/show_bug.cgi?id=2282615
bugzilla.redhat.com/show_bug.cgi?id=2282623
bugzilla.redhat.com/show_bug.cgi?id=2282640
bugzilla.redhat.com/show_bug.cgi?id=2282642
bugzilla.redhat.com/show_bug.cgi?id=2282645
bugzilla.redhat.com/show_bug.cgi?id=2282717
bugzilla.redhat.com/show_bug.cgi?id=2282719
bugzilla.redhat.com/show_bug.cgi?id=2282727
bugzilla.redhat.com/show_bug.cgi?id=2282742
bugzilla.redhat.com/show_bug.cgi?id=2282743
bugzilla.redhat.com/show_bug.cgi?id=2282744
bugzilla.redhat.com/show_bug.cgi?id=2282759
bugzilla.redhat.com/show_bug.cgi?id=2282763
bugzilla.redhat.com/show_bug.cgi?id=2282766
bugzilla.redhat.com/show_bug.cgi?id=2282772
bugzilla.redhat.com/show_bug.cgi?id=2282780
bugzilla.redhat.com/show_bug.cgi?id=2282887
bugzilla.redhat.com/show_bug.cgi?id=2282896
bugzilla.redhat.com/show_bug.cgi?id=2282923
bugzilla.redhat.com/show_bug.cgi?id=2282925
bugzilla.redhat.com/show_bug.cgi?id=2282950
bugzilla.redhat.com/show_bug.cgi?id=2283401
bugzilla.redhat.com/show_bug.cgi?id=2283894
bugzilla.redhat.com/show_bug.cgi?id=2284400
bugzilla.redhat.com/show_bug.cgi?id=2284417
bugzilla.redhat.com/show_bug.cgi?id=2284421
bugzilla.redhat.com/show_bug.cgi?id=2284474
bugzilla.redhat.com/show_bug.cgi?id=2284477
bugzilla.redhat.com/show_bug.cgi?id=2284488
bugzilla.redhat.com/show_bug.cgi?id=2284496
bugzilla.redhat.com/show_bug.cgi?id=2284500
bugzilla.redhat.com/show_bug.cgi?id=2284513
bugzilla.redhat.com/show_bug.cgi?id=2284519
bugzilla.redhat.com/show_bug.cgi?id=2284539
bugzilla.redhat.com/show_bug.cgi?id=2284541
bugzilla.redhat.com/show_bug.cgi?id=2284556
bugzilla.redhat.com/show_bug.cgi?id=2284571
bugzilla.redhat.com/show_bug.cgi?id=2284590
bugzilla.redhat.com/show_bug.cgi?id=2284625
bugzilla.redhat.com/show_bug.cgi?id=2290408
bugzilla.redhat.com/show_bug.cgi?id=2292331
bugzilla.redhat.com/show_bug.cgi?id=2293078
bugzilla.redhat.com/show_bug.cgi?id=2293250
bugzilla.redhat.com/show_bug.cgi?id=2293276
bugzilla.redhat.com/show_bug.cgi?id=2293312
bugzilla.redhat.com/show_bug.cgi?id=2293316
bugzilla.redhat.com/show_bug.cgi?id=2293348
bugzilla.redhat.com/show_bug.cgi?id=2293371
bugzilla.redhat.com/show_bug.cgi?id=2293383
bugzilla.redhat.com/show_bug.cgi?id=2293418
bugzilla.redhat.com/show_bug.cgi?id=2293420
bugzilla.redhat.com/show_bug.cgi?id=2293444
bugzilla.redhat.com/show_bug.cgi?id=2293461
bugzilla.redhat.com/show_bug.cgi?id=2293653
bugzilla.redhat.com/show_bug.cgi?id=2293657
bugzilla.redhat.com/show_bug.cgi?id=2293684
bugzilla.redhat.com/show_bug.cgi?id=2293687
bugzilla.redhat.com/show_bug.cgi?id=2293700
bugzilla.redhat.com/show_bug.cgi?id=2293711
bugzilla.redhat.com/show_bug.cgi?id=2294274
bugzilla.redhat.com/show_bug.cgi?id=2295914
bugzilla.redhat.com/show_bug.cgi?id=2296067
bugzilla.redhat.com/show_bug.cgi?id=2297056
bugzilla.redhat.com/show_bug.cgi?id=2297474
bugzilla.redhat.com/show_bug.cgi?id=2298108
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
43.8%