Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.ROCKY_LINUX_RLSA-2021-4361.NASLHistoryNov 07, 2023 - 12:00 a.m.
Rocky Linux 8 : NetworkManager (RLSA-2021:4361)
2023-11-0700:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
9
rocky linux 8
networkmanager
vulnerability
rlsa-2021:4361
denial-of-service
systemd 245
dhcp forcerenew
dhcp ack
spoofing attack
cve-2020-13529
nessus
scanner
CVSS2
2.9
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:M/Au:N/C:N/I:N/A:P
CVSS3
6.1
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
49.6%
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4361 advisory.
- An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server. (CVE-2020-13529)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2021:4361.
##
include('compat.inc');
if (description)
{
script_id(185030);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/07");
script_cve_id("CVE-2020-13529");
script_xref(name:"RLSA", value:"2021:4361");
script_name(english:"Rocky Linux 8 : NetworkManager (RLSA-2021:4361)");
script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the
RLSA-2021:4361 advisory.
- An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW
packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An
attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server. (CVE-2020-13529)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2021:4361");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1791212");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1820770");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1825666");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1832112");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1832273");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1847125");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1847894");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1852317");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1890234");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1899372");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1907960");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1912236");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1912423");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1915276");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1915278");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1928078");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1933719");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1934122");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1934291");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1934465");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1935842");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1936610");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1940435");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1940504");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1940934");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1942331");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1945282");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1955101");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1959397");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1959461");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1959934");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1959961");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1970335");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1971527");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1973199");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1977984");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1979192");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1979387");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1982403");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1988751");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2004212");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:A/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-13529");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/05/10");
script_set_attribute(attribute:"patch_publication_date", value:"2021/11/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-adsl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-adsl-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-bluetooth");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-bluetooth-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-cloud-setup");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-cloud-setup-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-config-connectivity-redhat");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-config-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-dispatcher-routing-rules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-libnm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-libnm-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-libnm-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-ovs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-ovs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-ppp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-ppp-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-team");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-team-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-tui");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-tui-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-wifi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-wifi-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-wwan");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:NetworkManager-wwan-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:8");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Rocky Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);
if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);
var pkgs = [
{'reference':'NetworkManager-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-adsl-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-adsl-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-adsl-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-adsl-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-bluetooth-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-bluetooth-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-bluetooth-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-bluetooth-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-cloud-setup-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-cloud-setup-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-config-connectivity-redhat-1.32.10-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-config-server-1.32.10-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-debuginfo-1.32.10-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-debugsource-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-debugsource-1.32.10-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-debugsource-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-dispatcher-routing-rules-1.32.10-4.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-libnm-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-libnm-1.32.10-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-libnm-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-libnm-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-libnm-debuginfo-1.32.10-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-libnm-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-libnm-devel-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-libnm-devel-1.32.10-4.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-libnm-devel-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-ovs-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-ovs-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-ovs-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-ovs-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-ppp-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-ppp-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-ppp-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-ppp-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-team-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-team-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-team-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-team-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-tui-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-tui-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-tui-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-tui-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-wifi-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-wifi-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-wifi-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-wifi-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-wwan-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-wwan-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-wwan-debuginfo-1.32.10-4.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
{'reference':'NetworkManager-wwan-debuginfo-1.32.10-4.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_NOTE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'NetworkManager / NetworkManager-adsl / etc');
}
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13529
bugzilla.redhat.com/show_bug.cgi?id=1791212
bugzilla.redhat.com/show_bug.cgi?id=1820770
bugzilla.redhat.com/show_bug.cgi?id=1825666
bugzilla.redhat.com/show_bug.cgi?id=1832112
bugzilla.redhat.com/show_bug.cgi?id=1832273
bugzilla.redhat.com/show_bug.cgi?id=1847125
bugzilla.redhat.com/show_bug.cgi?id=1847894
bugzilla.redhat.com/show_bug.cgi?id=1852317
bugzilla.redhat.com/show_bug.cgi?id=1890234
bugzilla.redhat.com/show_bug.cgi?id=1899372
bugzilla.redhat.com/show_bug.cgi?id=1907960
bugzilla.redhat.com/show_bug.cgi?id=1912236
bugzilla.redhat.com/show_bug.cgi?id=1912423
bugzilla.redhat.com/show_bug.cgi?id=1915276
bugzilla.redhat.com/show_bug.cgi?id=1915278
bugzilla.redhat.com/show_bug.cgi?id=1928078
bugzilla.redhat.com/show_bug.cgi?id=1933719
bugzilla.redhat.com/show_bug.cgi?id=1934122
bugzilla.redhat.com/show_bug.cgi?id=1934291
bugzilla.redhat.com/show_bug.cgi?id=1934465
bugzilla.redhat.com/show_bug.cgi?id=1935842
bugzilla.redhat.com/show_bug.cgi?id=1936610
bugzilla.redhat.com/show_bug.cgi?id=1940435
bugzilla.redhat.com/show_bug.cgi?id=1940504
bugzilla.redhat.com/show_bug.cgi?id=1940934
bugzilla.redhat.com/show_bug.cgi?id=1942331
bugzilla.redhat.com/show_bug.cgi?id=1945282
bugzilla.redhat.com/show_bug.cgi?id=1955101
bugzilla.redhat.com/show_bug.cgi?id=1959397
bugzilla.redhat.com/show_bug.cgi?id=1959461
bugzilla.redhat.com/show_bug.cgi?id=1959934
bugzilla.redhat.com/show_bug.cgi?id=1959961
bugzilla.redhat.com/show_bug.cgi?id=1970335
bugzilla.redhat.com/show_bug.cgi?id=1971527
bugzilla.redhat.com/show_bug.cgi?id=1973199
bugzilla.redhat.com/show_bug.cgi?id=1977984
bugzilla.redhat.com/show_bug.cgi?id=1979192
bugzilla.redhat.com/show_bug.cgi?id=1979387
bugzilla.redhat.com/show_bug.cgi?id=1982403
bugzilla.redhat.com/show_bug.cgi?id=1988751
bugzilla.redhat.com/show_bug.cgi?id=2004212
errata.rockylinux.org/RLSA-2021:4361
Related
f5
f5
K000137002 : systemd vulnerability CVE-2020-13529
2023-09-27 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : systemd (EulerOS-SA-2021-2676)
2021-11-11 00:00:00
EulerOS 2.0 SP3 : NetworkManager (EulerOS-SA-2022-1178)
2022-02-23 00:00:00
EulerOS Virtualization 3.0.2.0 : systemd (EulerOS-SA-2021-2824)
2021-12-29 00:00:00
talos
talos
Systemd DHCP client denial-of-service vulnerability
2021-04-26 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for NetworkManager (EulerOS-SA-2021-2821)
2021-12-30 00:00:00
Huawei EulerOS: Security Advisory for NetworkManager (EulerOS-SA-2022-1107)
2022-02-13 00:00:00
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2022-1192)
2022-02-24 00:00:00
rocky
rocky
NetworkManager security, bug fix, and enhancement update
2021-11-09 09:11:14
osv
osv
Moderate: NetworkManager security, bug fix, and enhancement update
2021-11-09 09:11:14
CVE-2020-13529
2021-05-10 16:15:07
Moderate: NetworkManager security, bug fix, and enhancement update
2021-11-09 09:11:14
veracode
veracode
Denial-of-service (DoS)
2021-08-12 14:53:46
prion
prion
Denial of service
2021-05-10 16:15:00
altlinux
altlinux
redhatcve
redhatcve
CVE-2020-13529
2021-05-11 20:53:45
almalinux
almalinux
Moderate: NetworkManager security, bug fix, and enhancement update
2021-11-09 09:11:14
cvelist
cvelist
CVE-2020-13529
2021-05-10 15:08:34
debiancve
debiancve
CVE-2020-13529
2021-05-10 16:15:07
redhat
redhat
nvd
nvd
CVE-2020-13529
2021-05-10 16:15:07
cve
cve
CVE-2020-13529
2021-05-10 16:15:07
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0272
2021-07-23 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-2.0-0373
2021-07-26 00:00:00
Moderate Photon OS Security Update - PHSA-2021-3.0-0272
2021-07-23 00:00:00
ubuntucve
ubuntucve
CVE-2020-13529
2021-05-10 00:00:00
archlinux
archlinux
[ASA-202107-29] systemd: denial of service
2021-07-14 00:00:00
oraclelinux
oraclelinux
NetworkManager security, bug fix, and enhancement update
2021-11-16 00:00:00
gentoo
gentoo
systemd: Multiple vulnerabilities
2021-07-20 00:00:00
suse
suse
Security update for systemd (moderate)
2021-08-23 00:00:00
ubuntu
ubuntu
systemd vulnerabilities
2021-07-20 00:00:00
systemd vulnerabilities
2021-07-20 00:00:00
cloudfoundry
cloudfoundry
USN-5013-1: systemd vulnerabilities | Cloud Foundry
2021-09-07 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: systemd-246.15-1.fc33
2021-07-24 01:08:44
redos
redos
ROS-20240403-15
2024-04-03 00:00:00
mageia
mageia
Updated systemd packages fix security vulnerabilities
2021-07-22 10:08:00
amazon
amazon
Important: systemd
2022-09-30 07:04:00
kitploit
kitploit
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
avleonov
avleonov
CVSS2
2.9
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:M/Au:N/C:N/I:N/A:P
CVSS3
6.1
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
49.6%
Related for ROCKY_LINUX_RLSA-2021-4361.NASL