Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.ROCKY_LINUX_RLSA-2021-1935.NASL
HistoryNov 07, 2023 - 12:00 a.m.

Rocky Linux 8 : rust-toolset:rhel8 (RLSA-2021:1935)

2023-11-0700:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
1
rocky linux 8
rust-toolset
rlsa-2021:1935
vulnerabilities
string::retain()
vecdeque::make_contiguous
panic safety
use-after-free
double free
nessus
application version

7.4 High

AI Score

Confidence

Low

JSON

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1935 advisory.

  • In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string.
    (CVE-2020-36317)

  • In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free.
    (CVE-2020-36318)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2021:1935.
##

include('compat.inc');

if (description)
{
  script_id(184983);
  script_version("1.0");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/07");

  script_cve_id("CVE-2020-36317", "CVE-2020-36318");
  script_xref(name:"RLSA", value:"2021:1935");

  script_name(english:"Rocky Linux 8 : rust-toolset:rhel8 (RLSA-2021:1935)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2021:1935 advisory.

  - In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It
    allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a
    memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string.
    (CVE-2020-36317)

  - In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same
    element more than once under certain condition. This bug could result in a use-after-free or double free.
    (CVE-2020-36318)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2021:1935");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1949189");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1949192");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-36318");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/04/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/05/18");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/07");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:cargo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:cargo-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:cargo-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:clippy");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:clippy-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rls");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rls-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-analysis");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-debugger-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-gdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-lldb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-src");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-std-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rust-toolset");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rustfmt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rustfmt-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:8");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Rocky Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);

if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);

var pkgs = [
    {'reference':'cargo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'cargo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'cargo-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'cargo-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'cargo-doc-1.49.0-1.module+el8.4.0+416+259a129a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'clippy-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'clippy-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'clippy-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'clippy-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rls-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rls-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rls-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rls-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-analysis-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-analysis-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-debugger-common-1.49.0-1.module+el8.4.0+416+259a129a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-debugsource-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-debugsource-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-doc-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-doc-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-gdb-1.49.0-1.module+el8.4.0+416+259a129a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-lldb-1.49.0-1.module+el8.4.0+416+259a129a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-src-1.49.0-1.module+el8.4.0+416+259a129a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-std-static-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-std-static-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-toolset-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rust-toolset-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rustfmt-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rustfmt-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rustfmt-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'rustfmt-debuginfo-1.49.0-1.module+el8.4.0+416+259a129a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cargo / cargo-debuginfo / cargo-doc / clippy / clippy-debuginfo / etc');
}
VendorProductVersionCPE
rockylinuxcargop-cpe:/a:rocky:linux:cargo
rockylinuxcargo-debuginfop-cpe:/a:rocky:linux:cargo-debuginfo
rockylinuxcargo-docp-cpe:/a:rocky:linux:cargo-doc
rockylinuxclippyp-cpe:/a:rocky:linux:clippy
rockylinuxclippy-debuginfop-cpe:/a:rocky:linux:clippy-debuginfo
rockylinuxrlsp-cpe:/a:rocky:linux:rls
rockylinuxrls-debuginfop-cpe:/a:rocky:linux:rls-debuginfo
rockylinuxrustp-cpe:/a:rocky:linux:rust
rockylinuxrust-analysisp-cpe:/a:rocky:linux:rust-analysis
rockylinuxrust-debugger-commonp-cpe:/a:rocky:linux:rust-debugger-common
Rows per page:
1-10 of 211

Related

nessus 4
rocky 1
osv 3
almalinux 1
redhat 2
oraclelinux 1
prion 2
redhatcve 2
debiancve 2
cbl_mariner 2
alpinelinux 1
veracode 2
cve 2
ubuntucve 2
nessus
nessus
Oracle Linux 8 : rust-toolset:ol8 (ELSA-2021-1935)
2021-05-26 00:00:00
RHEL 7 : rust-toolset-1.49 and rust-toolset-1.49-rust update (Low) (RHSA-2021:2243)
2022-09-15 00:00:00
CentOS 8 : rust-toolset:rhel8 (CESA-2021:1935)
2021-05-19 00:00:00
rocky
rocky
rust-toolset:rhel8 security, bug fix, and enhancement update
2021-05-18 06:26:06
osv
osv
Low: rust-toolset:rhel8 security, bug fix, and enhancement update
2021-05-18 06:26:06
CVE-2020-36317
2021-04-11 20:15:12
CVE-2020-36318
2021-04-11 20:15:12
almalinux
almalinux
Low: rust-toolset:rhel8 security, bug fix, and enhancement update
2021-05-18 06:26:06
redhat
redhat
(RHSA-2021:2243) Low: rust-toolset-1.49 and rust-toolset-1.49-rust update
2021-06-03 08:44:53
(RHSA-2021:1935) Low: rust-toolset:rhel8 security, bug fix, and enhancement update
2021-05-18 06:26:06
oraclelinux
oraclelinux
rust-toolset:ol8 security, bug fix, and enhancement update
2021-05-25 00:00:00
prion
prion
Design/Logic Flaw
2021-04-11 20:15:00
Double free
2021-04-11 20:15:00
redhatcve
redhatcve
CVE-2020-36317
2021-04-13 17:34:06
CVE-2020-36318
2021-04-13 17:34:49
debiancve
debiancve
CVE-2020-36317
2021-04-11 20:15:00
CVE-2020-36318
2021-04-11 20:15:00
cbl_mariner
cbl_mariner
CVE-2020-36317 affecting package rust 1.47.0-3
2021-05-06 23:58:25
CVE-2020-36318 affecting package rust 1.47.0-2
2022-03-19 16:41:23
alpinelinux
alpinelinux
CVE-2020-36317
2021-04-11 20:15:00
veracode
veracode
Denial Of Service (DoS)
2021-10-11 02:02:35
Denial Of Service (DoS)
2021-10-11 02:02:34
cve
cve
CVE-2020-36317
2021-04-11 20:15:00
CVE-2020-36318
2021-04-11 20:15:00
ubuntucve
ubuntucve
CVE-2020-36317
2021-04-11 00:00:00
CVE-2020-36318
2021-04-11 00:00:00

7.4 High

AI Score

Confidence

Low

JSON
Related for ROCKY_LINUX_RLSA-2021-1935.NASL
nessus4rocky1osv3almalinux1redhat2oraclelinux1prion2redhatcve2debiancve2cbl_mariner2alpinelinux1veracode2cve2ubuntucve2