CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
16.8%
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4583 advisory.
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (CVE-2021-47548)
* kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596)
* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)
* kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)
* kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783)
* kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (CVE-2024-26858)
* kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)
* kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435)
* kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958)
* kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)
* kernel: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543)
* kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
* kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593)
* kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270)
* kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957)
* kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)
Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2024:4583.
##
include('compat.inc');
if (description)
{
script_id(204769);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/07/26");
script_cve_id(
"CVE-2021-47548",
"CVE-2021-47596",
"CVE-2022-48627",
"CVE-2023-52638",
"CVE-2024-26783",
"CVE-2024-26858",
"CVE-2024-27397",
"CVE-2024-27435",
"CVE-2024-35958",
"CVE-2024-36270",
"CVE-2024-36886",
"CVE-2024-36904",
"CVE-2024-36957",
"CVE-2024-38543",
"CVE-2024-38586",
"CVE-2024-38593",
"CVE-2024-38663"
);
script_xref(name:"RLSA", value:"2024:4583");
script_name(english:"Rocky Linux 9 : kernel (RLSA-2024:4583)");
script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2024:4583 advisory.
* kernel: TIPC message reassembly use-after-free remote code execution vulnerability (CVE-2024-36886)
* kernel: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in
hns_dsaf_ge_srst_by_port() (CVE-2021-47548)
* kernel: net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (CVE-2021-47596)
* kernel: vt: fix memory overlapping when deleting chars in the buffer (CVE-2022-48627)
* kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)
* kernel: mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (CVE-2024-26783)
* kernel: net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after
populating the metadata_map (CVE-2024-26858)
* kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)
* kernel: nvme: fix reconnection fail due to reserved tag allocation (CVE-2024-27435)
* kernel: net: ena: Fix incorrect descriptor free behavior (CVE-2024-35958)
* kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)
* kernel: lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (CVE-2024-38543)
* kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. (CVE-2024-38586)
* kernel: net: micrel: Fix receiving the timestamp in the frame for lan8841 (CVE-2024-38593)
* kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270)
* kernel: octeontx2-af: avoid off-by-one read from userspace (CVE-2024-36957)
* kernel: blk-cgroup: fix list corruption from resetting io stat (CVE-2024-38663)
Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2024:4583");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2267509");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273082");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2273466");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2275735");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2277238");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2280434");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281131");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2281925");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2283401");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284541");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2284581");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293230");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293380");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293402");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293456");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2293653");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=2294225");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:M/C:P/I:P/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-47548");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/03/02");
script_set_attribute(attribute:"patch_publication_date", value:"2024/07/26");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/07/26");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:bpftool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:bpftool-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-64k-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-abi-stablelists");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-cross-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debug-uki-virt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-headers");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debug-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-rt-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-tools-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-tools-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-tools-libs-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-uki-virt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-devel-matched");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-modules");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-modules-core");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:kernel-zfcpdump-modules-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libperf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:libperf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:python3-perf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:python3-perf-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rtla");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:rv");
script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:9");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Rocky Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('ksplice.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 9.x', 'Rocky Linux ' + os_ver);
if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);
if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
rm_kb_item(name:'Host/uptrack-uname-r');
var cve_list = make_list('CVE-2021-47548', 'CVE-2021-47596', 'CVE-2022-48627', 'CVE-2023-52638', 'CVE-2024-26783', 'CVE-2024-26858', 'CVE-2024-27397', 'CVE-2024-27435', 'CVE-2024-35958', 'CVE-2024-36270', 'CVE-2024-36886', 'CVE-2024-36904', 'CVE-2024-36957', 'CVE-2024-38543', 'CVE-2024-38586', 'CVE-2024-38593', 'CVE-2024-38663');
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RLSA-2024:4583');
}
else
{
__rpm_report = ksplice_reporting_text();
}
}
var pkgs = [
{'reference':'bpftool-7.3.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-7.3.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-7.3.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-debuginfo-7.3.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-debuginfo-7.3.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'bpftool-debuginfo-7.3.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-modules-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-64k-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-abi-stablelists-5.14.0-427.26.1.el9_4', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-cross-headers-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-cross-headers-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-cross-headers-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debug-uki-virt-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-headers-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-kvm-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debug-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-kvm-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-rt-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-tools-libs-devel-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-uki-virt-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-devel-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-devel-matched-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-modules-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-modules-core-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'kernel-zfcpdump-modules-extra-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'libperf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'python3-perf-debuginfo-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rtla-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rtla-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rtla-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rv-5.14.0-427.26.1.el9_4', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rv-5.14.0-427.26.1.el9_4', 'cpu':'s390x', 'release':'9', 'rpm_spec_vers_cmp':TRUE},
{'reference':'rv-5.14.0-427.26.1.el9_4', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}
];
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / bpftool-debuginfo / kernel / kernel-64k / kernel-64k-core / etc');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47548
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52638
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26783
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26858
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27397
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27435
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35958
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36270
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36886
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36904
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38543
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38586
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38593
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38663
bugzilla.redhat.com/show_bug.cgi?id=2267509
bugzilla.redhat.com/show_bug.cgi?id=2273082
bugzilla.redhat.com/show_bug.cgi?id=2273466
bugzilla.redhat.com/show_bug.cgi?id=2275735
bugzilla.redhat.com/show_bug.cgi?id=2277238
bugzilla.redhat.com/show_bug.cgi?id=2280434
bugzilla.redhat.com/show_bug.cgi?id=2281131
bugzilla.redhat.com/show_bug.cgi?id=2281925
bugzilla.redhat.com/show_bug.cgi?id=2283401
bugzilla.redhat.com/show_bug.cgi?id=2284541
bugzilla.redhat.com/show_bug.cgi?id=2284581
bugzilla.redhat.com/show_bug.cgi?id=2293230
bugzilla.redhat.com/show_bug.cgi?id=2293380
bugzilla.redhat.com/show_bug.cgi?id=2293402
bugzilla.redhat.com/show_bug.cgi?id=2293456
bugzilla.redhat.com/show_bug.cgi?id=2293653
bugzilla.redhat.com/show_bug.cgi?id=2294225
errata.rockylinux.org/RLSA-2024:4583
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
16.8%