CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
16.3%
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5928 advisory.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: nftables: nft_set_rbtree skip end interval element from gc (CVE-2024-26581)
* kernel: netfilter: nft_limit: reject configurations that cause integer overflow (CVE-2024-26668)
* kernel: vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
* kernel: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (CVE-2024-26855)
* kernel: x86/xen: Add some null pointer checking to smp.c (CVE-2024-26908)
* kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (CVE-2024-26925)
* kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (CVE-2024-27020)
* kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (CVE-2024-27019)
* kernel: netfilter: flowtable: validate pppoe header (CVE-2024-27016)
* kernel: netfilter: bridge: confirm multicast packets before passing them up the stack (CVE-2024-27415)
* kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)
* kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)
* kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion (CVE-2024-35897)
* kernel: netfilter: validate user input for expected length (CVE-2024-35896)
* kernel: netfilter: complete validation of user input (CVE-2024-35962)
* kernel: ice: fix LAG and VF lock dependency in ice_reset_vf() (CVE-2024-36003)
* kernel: cxl/port: Fix delete_endpoint() vs parent unregistration race (CVE-2023-52771)
* kernel: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (CVE-2023-52880)
* kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (CVE-2024-36025)
* kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)
* kernel: crypto: bcm - Fix pointer arithmetic (CVE-2024-38579)
* kernel: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (CVE-2024-38544)
* kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)
* kernel: net: bridge: xmit: make sure we have at least eth header len bytes (CVE-2024-38538)
* kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (CVE-2024-39476)
* kernel: ipv6: fix possible race in __fib6_drop_pcpu_from() (CVE-2024-40905)
* kernel: wifi: cfg80211: Lock wiphy in cfg80211_get_station (CVE-2024-40911)
* kernel: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (CVE-2024-40912)
* kernel: mm/huge_memory: don't unpoison huge_zero_folio (CVE-2024-40914)
* kernel: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CVE-2024-40929)
* kernel: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (CVE-2024-40939)
* kernel: wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CVE-2024-40941)
* kernel: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (CVE-2024-40957)
* kernel: scsi: qedi: Fix crash while reading debugfs attribute (CVE-2024-40978)
* kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)
* kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)
* kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)
* kernel: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (CVE-2024-41041)
* kernel: NFSv4: Fix memory leak in nfs4_set_security_label (CVE-2024-41076)
* kernel: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (CVE-2024-42110)
* kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment (CVE-2024-42152)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2024:5928. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(206279);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/10");
script_cve_id(
"CVE-2023-52771",
"CVE-2023-52880",
"CVE-2024-26581",
"CVE-2024-26668",
"CVE-2024-26810",
"CVE-2024-26855",
"CVE-2024-26908",
"CVE-2024-26925",
"CVE-2024-27016",
"CVE-2024-27019",
"CVE-2024-27020",
"CVE-2024-27415",
"CVE-2024-35839",
"CVE-2024-35896",
"CVE-2024-35897",
"CVE-2024-35898",
"CVE-2024-35962",
"CVE-2024-36003",
"CVE-2024-36025",
"CVE-2024-38538",
"CVE-2024-38540",
"CVE-2024-38544",
"CVE-2024-38579",
"CVE-2024-38608",
"CVE-2024-39476",
"CVE-2024-40905",
"CVE-2024-40911",
"CVE-2024-40912",
"CVE-2024-40914",
"CVE-2024-40929",
"CVE-2024-40939",
"CVE-2024-40941",
"CVE-2024-40957",
"CVE-2024-40978",
"CVE-2024-40983",
"CVE-2024-41041",
"CVE-2024-41076",
"CVE-2024-41090",
"CVE-2024-41091",
"CVE-2024-42110",
"CVE-2024-42152"
);
script_xref(name:"RHSA", value:"2024:5928");
script_name(english:"RHEL 9 : kernel (RHSA-2024:5928)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates for kernel.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2024:5928 advisory.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: nftables: nft_set_rbtree skip end interval element from gc (CVE-2024-26581)
* kernel: netfilter: nft_limit: reject configurations that cause integer overflow (CVE-2024-26668)
* kernel: vfio/pci: Lock external INTx masking ops (CVE-2024-26810)
* kernel: net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (CVE-2024-26855)
* kernel: x86/xen: Add some null pointer checking to smp.c (CVE-2024-26908)
* kernel: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (CVE-2024-26925)
* kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (CVE-2024-27020)
* kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (CVE-2024-27019)
* kernel: netfilter: flowtable: validate pppoe header (CVE-2024-27016)
* kernel: netfilter: bridge: confirm multicast packets before passing them up the stack (CVE-2024-27415)
* kernel: netfilter: bridge: replace physindev with physinif in nf_bridge_info (CVE-2024-35839)
* kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)
* kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion (CVE-2024-35897)
* kernel: netfilter: validate user input for expected length (CVE-2024-35896)
* kernel: netfilter: complete validation of user input (CVE-2024-35962)
* kernel: ice: fix LAG and VF lock dependency in ice_reset_vf() (CVE-2024-36003)
* kernel: cxl/port: Fix delete_endpoint() vs parent unregistration race (CVE-2023-52771)
* kernel: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (CVE-2023-52880)
* kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (CVE-2024-36025)
* kernel: net/mlx5e: Fix netif state handling (CVE-2024-38608)
* kernel: crypto: bcm - Fix pointer arithmetic (CVE-2024-38579)
* kernel: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (CVE-2024-38544)
* kernel: bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (CVE-2024-38540)
* kernel: net: bridge: xmit: make sure we have at least eth header len bytes (CVE-2024-38538)
* kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING
(CVE-2024-39476)
* kernel: ipv6: fix possible race in __fib6_drop_pcpu_from() (CVE-2024-40905)
* kernel: wifi: cfg80211: Lock wiphy in cfg80211_get_station (CVE-2024-40911)
* kernel: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (CVE-2024-40912)
* kernel: mm/huge_memory: don't unpoison huge_zero_folio (CVE-2024-40914)
* kernel: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CVE-2024-40929)
* kernel: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (CVE-2024-40939)
* kernel: wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CVE-2024-40941)
* kernel: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors
(CVE-2024-40957)
* kernel: scsi: qedi: Fix crash while reading debugfs attribute (CVE-2024-40978)
* kernel: tipc: force a dst refcount before doing decryption (CVE-2024-40983)
* kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)
* kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)
* kernel: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (CVE-2024-41041)
* kernel: NFSv4: Fix memory leak in nfs4_set_security_label (CVE-2024-41076)
* kernel: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx()
(CVE-2024-42110)
* kernel: nvmet: fix a possible leak when destroy a ctrl during qp establishment (CVE-2024-42152)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and
other related information, refer to the CVE page(s) listed in the References section.
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2265185");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2272797");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273654");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275742");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275744");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2277166");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278256");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278258");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2278264");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281101");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281284");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281669");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281672");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281675");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281916");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281958");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2282720");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2283468");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284421");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293356");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293414");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293455");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293459");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293461");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2295914");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297489");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297495");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297496");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297498");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297513");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297523");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297525");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297541");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297562");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2297567");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2299240");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2299336");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2300410");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2300453");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2301473");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2301519");
# https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_5928.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a6ff55f4");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2024:5928");
script_set_attribute(attribute:"solution", value:
"Update the RHEL kernel package based on the guidance in RHSA-2024:5928.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-26581");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(20, 99, 119, 125, 190, 362, 372, 401, 404, 413, 476, 667, 690, 787, 822, 833, 911);
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/02/15");
script_set_attribute(attribute:"patch_publication_date", value:"2024/08/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/08/28");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:9");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-64k-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-cross-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-debug-uki-virt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-uki-virt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-zfcpdump-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libperf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rtla");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rv");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
include('ksplice.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
rm_kb_item(name:'Host/uptrack-uname-r');
var cve_list = make_list('CVE-2023-52771', 'CVE-2023-52880', 'CVE-2024-26581', 'CVE-2024-26668', 'CVE-2024-26810', 'CVE-2024-26855', 'CVE-2024-26908', 'CVE-2024-26925', 'CVE-2024-27016', 'CVE-2024-27019', 'CVE-2024-27020', 'CVE-2024-27415', 'CVE-2024-35839', 'CVE-2024-35896', 'CVE-2024-35897', 'CVE-2024-35898', 'CVE-2024-35962', 'CVE-2024-36003', 'CVE-2024-36025', 'CVE-2024-38538', 'CVE-2024-38540', 'CVE-2024-38544', 'CVE-2024-38579', 'CVE-2024-38608', 'CVE-2024-39476', 'CVE-2024-40905', 'CVE-2024-40911', 'CVE-2024-40912', 'CVE-2024-40914', 'CVE-2024-40929', 'CVE-2024-40939', 'CVE-2024-40941', 'CVE-2024-40957', 'CVE-2024-40978', 'CVE-2024-40983', 'CVE-2024-41041', 'CVE-2024-41076', 'CVE-2024-41090', 'CVE-2024-41091', 'CVE-2024-42110', 'CVE-2024-42152');
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2024:5928');
}
else
{
__rpm_report = ksplice_reporting_text();
}
}
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel9/9.1/aarch64/appstream/debug',
'content/dist/rhel9/9.1/aarch64/appstream/os',
'content/dist/rhel9/9.1/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9.1/aarch64/baseos/debug',
'content/dist/rhel9/9.1/aarch64/baseos/os',
'content/dist/rhel9/9.1/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9.1/aarch64/codeready-builder/debug',
'content/dist/rhel9/9.1/aarch64/codeready-builder/os',
'content/dist/rhel9/9.1/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.1/ppc64le/appstream/debug',
'content/dist/rhel9/9.1/ppc64le/appstream/os',
'content/dist/rhel9/9.1/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9.1/ppc64le/baseos/debug',
'content/dist/rhel9/9.1/ppc64le/baseos/os',
'content/dist/rhel9/9.1/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9.1/ppc64le/codeready-builder/debug',
'content/dist/rhel9/9.1/ppc64le/codeready-builder/os',
'content/dist/rhel9/9.1/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.1/s390x/appstream/debug',
'content/dist/rhel9/9.1/s390x/appstream/os',
'content/dist/rhel9/9.1/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9.1/s390x/baseos/debug',
'content/dist/rhel9/9.1/s390x/baseos/os',
'content/dist/rhel9/9.1/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9.1/s390x/codeready-builder/debug',
'content/dist/rhel9/9.1/s390x/codeready-builder/os',
'content/dist/rhel9/9.1/s390x/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.1/x86_64/appstream/debug',
'content/dist/rhel9/9.1/x86_64/appstream/os',
'content/dist/rhel9/9.1/x86_64/appstream/source/SRPMS',
'content/dist/rhel9/9.1/x86_64/baseos/debug',
'content/dist/rhel9/9.1/x86_64/baseos/os',
'content/dist/rhel9/9.1/x86_64/baseos/source/SRPMS',
'content/dist/rhel9/9.1/x86_64/codeready-builder/debug',
'content/dist/rhel9/9.1/x86_64/codeready-builder/os',
'content/dist/rhel9/9.1/x86_64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.1/x86_64/nfv/debug',
'content/dist/rhel9/9.1/x86_64/nfv/os',
'content/dist/rhel9/9.1/x86_64/nfv/source/SRPMS',
'content/dist/rhel9/9.1/x86_64/rt/debug',
'content/dist/rhel9/9.1/x86_64/rt/os',
'content/dist/rhel9/9.1/x86_64/rt/source/SRPMS',
'content/dist/rhel9/9.2/aarch64/appstream/debug',
'content/dist/rhel9/9.2/aarch64/appstream/os',
'content/dist/rhel9/9.2/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9.2/aarch64/baseos/debug',
'content/dist/rhel9/9.2/aarch64/baseos/os',
'content/dist/rhel9/9.2/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9.2/aarch64/codeready-builder/debug',
'content/dist/rhel9/9.2/aarch64/codeready-builder/os',
'content/dist/rhel9/9.2/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.2/ppc64le/appstream/debug',
'content/dist/rhel9/9.2/ppc64le/appstream/os',
'content/dist/rhel9/9.2/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9.2/ppc64le/baseos/debug',
'content/dist/rhel9/9.2/ppc64le/baseos/os',
'content/dist/rhel9/9.2/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9.2/ppc64le/codeready-builder/debug',
'content/dist/rhel9/9.2/ppc64le/codeready-builder/os',
'content/dist/rhel9/9.2/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.2/s390x/appstream/debug',
'content/dist/rhel9/9.2/s390x/appstream/os',
'content/dist/rhel9/9.2/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9.2/s390x/baseos/debug',
'content/dist/rhel9/9.2/s390x/baseos/os',
'content/dist/rhel9/9.2/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9.2/s390x/codeready-builder/debug',
'content/dist/rhel9/9.2/s390x/codeready-builder/os',
'content/dist/rhel9/9.2/s390x/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.2/x86_64/appstream/debug',
'content/dist/rhel9/9.2/x86_64/appstream/os',
'content/dist/rhel9/9.2/x86_64/appstream/source/SRPMS',
'content/dist/rhel9/9.2/x86_64/baseos/debug',
'content/dist/rhel9/9.2/x86_64/baseos/os',
'content/dist/rhel9/9.2/x86_64/baseos/source/SRPMS',
'content/dist/rhel9/9.2/x86_64/codeready-builder/debug',
'content/dist/rhel9/9.2/x86_64/codeready-builder/os',
'content/dist/rhel9/9.2/x86_64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.2/x86_64/nfv/debug',
'content/dist/rhel9/9.2/x86_64/nfv/os',
'content/dist/rhel9/9.2/x86_64/nfv/source/SRPMS',
'content/dist/rhel9/9.2/x86_64/rt/debug',
'content/dist/rhel9/9.2/x86_64/rt/os',
'content/dist/rhel9/9.2/x86_64/rt/source/SRPMS',
'content/dist/rhel9/9.3/aarch64/appstream/debug',
'content/dist/rhel9/9.3/aarch64/appstream/os',
'content/dist/rhel9/9.3/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9.3/aarch64/baseos/debug',
'content/dist/rhel9/9.3/aarch64/baseos/os',
'content/dist/rhel9/9.3/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9.3/aarch64/codeready-builder/debug',
'content/dist/rhel9/9.3/aarch64/codeready-builder/os',
'content/dist/rhel9/9.3/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.3/ppc64le/appstream/debug',
'content/dist/rhel9/9.3/ppc64le/appstream/os',
'content/dist/rhel9/9.3/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9.3/ppc64le/baseos/debug',
'content/dist/rhel9/9.3/ppc64le/baseos/os',
'content/dist/rhel9/9.3/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9.3/ppc64le/codeready-builder/debug',
'content/dist/rhel9/9.3/ppc64le/codeready-builder/os',
'content/dist/rhel9/9.3/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.3/s390x/appstream/debug',
'content/dist/rhel9/9.3/s390x/appstream/os',
'content/dist/rhel9/9.3/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9.3/s390x/baseos/debug',
'content/dist/rhel9/9.3/s390x/baseos/os',
'content/dist/rhel9/9.3/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9.3/s390x/codeready-builder/debug',
'content/dist/rhel9/9.3/s390x/codeready-builder/os',
'content/dist/rhel9/9.3/s390x/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.3/x86_64/appstream/debug',
'content/dist/rhel9/9.3/x86_64/appstream/os',
'content/dist/rhel9/9.3/x86_64/appstream/source/SRPMS',
'content/dist/rhel9/9.3/x86_64/baseos/debug',
'content/dist/rhel9/9.3/x86_64/baseos/os',
'content/dist/rhel9/9.3/x86_64/baseos/source/SRPMS',
'content/dist/rhel9/9.3/x86_64/codeready-builder/debug',
'content/dist/rhel9/9.3/x86_64/codeready-builder/os',
'content/dist/rhel9/9.3/x86_64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.3/x86_64/nfv/debug',
'content/dist/rhel9/9.3/x86_64/nfv/os',
'content/dist/rhel9/9.3/x86_64/nfv/source/SRPMS',
'content/dist/rhel9/9.3/x86_64/rt/debug',
'content/dist/rhel9/9.3/x86_64/rt/os',
'content/dist/rhel9/9.3/x86_64/rt/source/SRPMS',
'content/dist/rhel9/9.4/aarch64/appstream/debug',
'content/dist/rhel9/9.4/aarch64/appstream/os',
'content/dist/rhel9/9.4/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9.4/aarch64/baseos/debug',
'content/dist/rhel9/9.4/aarch64/baseos/os',
'content/dist/rhel9/9.4/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9.4/aarch64/codeready-builder/debug',
'content/dist/rhel9/9.4/aarch64/codeready-builder/os',
'content/dist/rhel9/9.4/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.4/ppc64le/appstream/debug',
'content/dist/rhel9/9.4/ppc64le/appstream/os',
'content/dist/rhel9/9.4/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9.4/ppc64le/baseos/debug',
'content/dist/rhel9/9.4/ppc64le/baseos/os',
'content/dist/rhel9/9.4/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9.4/ppc64le/codeready-builder/debug',
'content/dist/rhel9/9.4/ppc64le/codeready-builder/os',
'content/dist/rhel9/9.4/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.4/s390x/appstream/debug',
'content/dist/rhel9/9.4/s390x/appstream/os',
'content/dist/rhel9/9.4/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9.4/s390x/baseos/debug',
'content/dist/rhel9/9.4/s390x/baseos/os',
'content/dist/rhel9/9.4/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9.4/s390x/codeready-builder/debug',
'content/dist/rhel9/9.4/s390x/codeready-builder/os',
'content/dist/rhel9/9.4/s390x/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.4/x86_64/appstream/debug',
'content/dist/rhel9/9.4/x86_64/appstream/os',
'content/dist/rhel9/9.4/x86_64/appstream/source/SRPMS',
'content/dist/rhel9/9.4/x86_64/baseos/debug',
'content/dist/rhel9/9.4/x86_64/baseos/os',
'content/dist/rhel9/9.4/x86_64/baseos/source/SRPMS',
'content/dist/rhel9/9.4/x86_64/codeready-builder/debug',
'content/dist/rhel9/9.4/x86_64/codeready-builder/os',
'content/dist/rhel9/9.4/x86_64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9.4/x86_64/nfv/debug',
'content/dist/rhel9/9.4/x86_64/nfv/os',
'content/dist/rhel9/9.4/x86_64/nfv/source/SRPMS',
'content/dist/rhel9/9.4/x86_64/rt/debug',
'content/dist/rhel9/9.4/x86_64/rt/os',
'content/dist/rhel9/9.4/x86_64/rt/source/SRPMS',
'content/dist/rhel9/9/aarch64/appstream/debug',
'content/dist/rhel9/9/aarch64/appstream/os',
'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',
'content/dist/rhel9/9/aarch64/baseos/debug',
'content/dist/rhel9/9/aarch64/baseos/os',
'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',
'content/dist/rhel9/9/aarch64/codeready-builder/debug',
'content/dist/rhel9/9/aarch64/codeready-builder/os',
'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9/ppc64le/appstream/debug',
'content/dist/rhel9/9/ppc64le/appstream/os',
'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',
'content/dist/rhel9/9/ppc64le/baseos/debug',
'content/dist/rhel9/9/ppc64le/baseos/os',
'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',
'content/dist/rhel9/9/ppc64le/codeready-builder/debug',
'content/dist/rhel9/9/ppc64le/codeready-builder/os',
'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',
'content/dist/rhel9/9/s390x/appstream/debug',
'content/dist/rhel9/9/s390x/appstream/os',
'content/dist/rhel9/9/s390x/appstream/source/SRPMS',
'content/dist/rhel9/9/s390x/baseos/debug',
'content/dist/rhel9/9/s390x/baseos/os',
'content/dist/rhel9/9/s390x/baseos/source/SRPMS',
'content/dist/rhel9/9/s390x/codeready-builder/debug',
'content/dist/rhel9/9/s390x/codeready-builder/os',
'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',
'content/dist/rhel9/9/x86_64/appstream/debug',
'content/dist/rhel9/9/x86_64/appstream/os',
'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',
'content/dist/rhel9/9/x86_64/baseos/debug',
'content/dist/rhel9/9/x86_64/baseos/os',
'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',
'content/dist/rhel9/9/x86_64/codeready-builder/debug',
'content/dist/rhel9/9/x86_64/codeready-builder/os',
'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',
'content/dist/rhel9/9/x86_64/nfv/debug',
'content/dist/rhel9/9/x86_64/nfv/os',
'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',
'content/dist/rhel9/9/x86_64/rt/debug',
'content/dist/rhel9/9/x86_64/rt/os',
'content/dist/rhel9/9/x86_64/rt/source/SRPMS'
],
'pkgs': [
{'reference':'bpftool-7.3.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-core-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-core-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-devel-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-devel-matched-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-modules-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-modules-core-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-modules-extra-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-devel-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-devel-matched-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-modules-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-modules-core-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-modules-extra-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-core-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-cross-headers-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-core-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-matched-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-core-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-extra-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-uki-virt-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-matched-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-core-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-core-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-core-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-devel-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-kvm-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-core-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-extra-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-devel-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-kvm-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-core-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-extra-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-5.14.0-427.33.1.el9_4', 'cpu':'ppc64le', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-5.14.0-427.33.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-5.14.0-427.33.1.el9_4', 'cpu':'ppc64le', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-uki-virt-5.14.0-427.33.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-5.14.0-427.33.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-core-5.14.0-427.33.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-devel-5.14.0-427.33.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-devel-matched-5.14.0-427.33.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-modules-5.14.0-427.33.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-modules-core-5.14.0-427.33.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-modules-extra-5.14.0-427.33.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rtla-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rv-5.14.0-427.33.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-64k / kernel-64k-core / kernel-64k-debug / etc');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52771
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52880
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26581
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26668
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26810
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26908
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26925
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27016
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27019
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27415
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35839
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35898
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35962
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36003
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36025
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38540
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38544
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38579
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38608
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39476
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40905
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40911
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40912
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40914
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40929
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40939
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40941
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40978
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-40983
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41041
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41076
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41090
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41091
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42110
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42152
www.nessus.org/u?a6ff55f4
access.redhat.com/errata/RHSA-2024:5928
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=2265185
bugzilla.redhat.com/show_bug.cgi?id=2272797
bugzilla.redhat.com/show_bug.cgi?id=2273654
bugzilla.redhat.com/show_bug.cgi?id=2275742
bugzilla.redhat.com/show_bug.cgi?id=2275744
bugzilla.redhat.com/show_bug.cgi?id=2277166
bugzilla.redhat.com/show_bug.cgi?id=2278256
bugzilla.redhat.com/show_bug.cgi?id=2278258
bugzilla.redhat.com/show_bug.cgi?id=2278264
bugzilla.redhat.com/show_bug.cgi?id=2281101
bugzilla.redhat.com/show_bug.cgi?id=2281284
bugzilla.redhat.com/show_bug.cgi?id=2281669
bugzilla.redhat.com/show_bug.cgi?id=2281672
bugzilla.redhat.com/show_bug.cgi?id=2281675
bugzilla.redhat.com/show_bug.cgi?id=2281916
bugzilla.redhat.com/show_bug.cgi?id=2281958
bugzilla.redhat.com/show_bug.cgi?id=2282720
bugzilla.redhat.com/show_bug.cgi?id=2283468
bugzilla.redhat.com/show_bug.cgi?id=2284421
bugzilla.redhat.com/show_bug.cgi?id=2293356
bugzilla.redhat.com/show_bug.cgi?id=2293414
bugzilla.redhat.com/show_bug.cgi?id=2293455
bugzilla.redhat.com/show_bug.cgi?id=2293459
bugzilla.redhat.com/show_bug.cgi?id=2293461
bugzilla.redhat.com/show_bug.cgi?id=2295914
bugzilla.redhat.com/show_bug.cgi?id=2297489
bugzilla.redhat.com/show_bug.cgi?id=2297495
bugzilla.redhat.com/show_bug.cgi?id=2297496
bugzilla.redhat.com/show_bug.cgi?id=2297498
bugzilla.redhat.com/show_bug.cgi?id=2297513
bugzilla.redhat.com/show_bug.cgi?id=2297523
bugzilla.redhat.com/show_bug.cgi?id=2297525
bugzilla.redhat.com/show_bug.cgi?id=2297541
bugzilla.redhat.com/show_bug.cgi?id=2297562
bugzilla.redhat.com/show_bug.cgi?id=2297567
bugzilla.redhat.com/show_bug.cgi?id=2299240
bugzilla.redhat.com/show_bug.cgi?id=2299336
bugzilla.redhat.com/show_bug.cgi?id=2300410
bugzilla.redhat.com/show_bug.cgi?id=2300453
bugzilla.redhat.com/show_bug.cgi?id=2301473
bugzilla.redhat.com/show_bug.cgi?id=2301519
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
16.3%