Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:13614125623111020240309HistorySep 20, 2024 - 12:00 a.m.
Mageia: Security Advisory (MGASA-2024-0309)
2024-09-2000:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
mageia
security advisory
mgasa-2024-0309
multiple
cve
vulnerabilities
patched
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
High
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.10.2024.0309");
script_cve_id("CVE-2023-52889", "CVE-2024-42259", "CVE-2024-42265", "CVE-2024-42267", "CVE-2024-42268", "CVE-2024-42269", "CVE-2024-42270", "CVE-2024-42271", "CVE-2024-42272", "CVE-2024-42273", "CVE-2024-42274", "CVE-2024-42276", "CVE-2024-42277", "CVE-2024-42278", "CVE-2024-42279", "CVE-2024-42280", "CVE-2024-42281", "CVE-2024-42283", "CVE-2024-42284", "CVE-2024-42285", "CVE-2024-42286", "CVE-2024-42287", "CVE-2024-42288", "CVE-2024-42289", "CVE-2024-42290", "CVE-2024-42291", "CVE-2024-42292", "CVE-2024-42294", "CVE-2024-42295", "CVE-2024-42296", "CVE-2024-42297", "CVE-2024-42298", "CVE-2024-42299", "CVE-2024-42301", "CVE-2024-42302", "CVE-2024-42303", "CVE-2024-42304", "CVE-2024-42305", "CVE-2024-42306", "CVE-2024-42307", "CVE-2024-42308", "CVE-2024-42309", "CVE-2024-42310", "CVE-2024-42311", "CVE-2024-42312", "CVE-2024-42313", "CVE-2024-42314", "CVE-2024-42315", "CVE-2024-42316", "CVE-2024-42318", "CVE-2024-42320", "CVE-2024-42321", "CVE-2024-42322", "CVE-2024-43817", "CVE-2024-43818", "CVE-2024-43821", "CVE-2024-43823", "CVE-2024-43825", "CVE-2024-43828", "CVE-2024-43829", "CVE-2024-43830", "CVE-2024-43831", "CVE-2024-43832", "CVE-2024-43833", "CVE-2024-43834", "CVE-2024-43837", "CVE-2024-43839", "CVE-2024-43841", "CVE-2024-43842", "CVE-2024-43845", "CVE-2024-43846", "CVE-2024-43847", "CVE-2024-43849", "CVE-2024-43850", "CVE-2024-43851", "CVE-2024-43853", "CVE-2024-43854", "CVE-2024-43855", "CVE-2024-43856", "CVE-2024-43858", "CVE-2024-43859", "CVE-2024-43860", "CVE-2024-43861", "CVE-2024-43863", "CVE-2024-43864", "CVE-2024-43866", "CVE-2024-43867", "CVE-2024-43869", "CVE-2024-43870", "CVE-2024-43871", "CVE-2024-43873", "CVE-2024-43875", "CVE-2024-43876", "CVE-2024-43877", "CVE-2024-43879", "CVE-2024-43880", "CVE-2024-43881", "CVE-2024-43882", "CVE-2024-43883", "CVE-2024-43889", "CVE-2024-43890", "CVE-2024-43892", "CVE-2024-43893", "CVE-2024-43894", "CVE-2024-43895", "CVE-2024-43897", "CVE-2024-43898", "CVE-2024-43900", "CVE-2024-43902", "CVE-2024-43903", "CVE-2024-43905", "CVE-2024-43906", "CVE-2024-43907", "CVE-2024-43908", "CVE-2024-43909", "CVE-2024-43912", "CVE-2024-43914", "CVE-2024-44931", "CVE-2024-44934", "CVE-2024-44935", "CVE-2024-44938", "CVE-2024-44939", "CVE-2024-44940", "CVE-2024-44941", "CVE-2024-44942", "CVE-2024-44943", "CVE-2024-44944", "CVE-2024-44946", "CVE-2024-44947", "CVE-2024-44948", "CVE-2024-44949", "CVE-2024-44952", "CVE-2024-44954", "CVE-2024-44957", "CVE-2024-44958", "CVE-2024-44959", "CVE-2024-44960", "CVE-2024-44961", "CVE-2024-44962", "CVE-2024-44965", "CVE-2024-44966", "CVE-2024-44967", "CVE-2024-44968", "CVE-2024-44969", "CVE-2024-44970", "CVE-2024-44971", "CVE-2024-44972", "CVE-2024-44974", "CVE-2024-44977", "CVE-2024-44982", "CVE-2024-44983", "CVE-2024-44984", "CVE-2024-44985", "CVE-2024-44986", "CVE-2024-44987", "CVE-2024-44988", "CVE-2024-44989", "CVE-2024-44990", "CVE-2024-44991", "CVE-2024-44995", "CVE-2024-44996", "CVE-2024-44997", "CVE-2024-44998", "CVE-2024-44999", "CVE-2024-45000", "CVE-2024-45001", "CVE-2024-45002", "CVE-2024-45003", "CVE-2024-45005", "CVE-2024-45006", "CVE-2024-45007", "CVE-2024-45008");
script_tag(name:"creation_date", value:"2024-09-20 04:11:08 +0000 (Fri, 20 Sep 2024)");
script_version("2024-09-20T05:05:37+0000");
script_tag(name:"last_modification", value:"2024-09-20 05:05:37 +0000 (Fri, 20 Sep 2024)");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-09-06 16:28:16 +0000 (Fri, 06 Sep 2024)");
script_name("Mageia: Security Advisory (MGASA-2024-0309)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Mageia Linux Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA9");
script_xref(name:"Advisory-ID", value:"MGASA-2024-0309");
script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2024-0309.html");
script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=33546");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.44");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.45");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.46");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.47");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.48");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.49");
script_xref(name:"URL", value:"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.50");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel, kmod-virtualbox, kmod-xtables-addons' package(s) announced via the MGASA-2024-0309 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Upstream kernel version 6.6.50 fix bugs and vulnerabilities.
The kmod-virtualbox and kmod-xtables-addons packages have been
updated to work with this new kernel.
For information about the vulnerabilities see the links.");
script_tag(name:"affected", value:"'kernel, kmod-virtualbox, kmod-xtables-addons' package(s) on Mageia 9.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "MAGEIA9") {
if(!isnull(res = isrpmvuln(pkg:"bpftool", rpm:"bpftool~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"cpupower", rpm:"cpupower~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"cpupower-devel", rpm:"cpupower-devel~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel", rpm:"kernel~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop", rpm:"kernel-desktop~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-devel", rpm:"kernel-desktop-devel~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-devel-latest", rpm:"kernel-desktop-devel-latest~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop-latest", rpm:"kernel-desktop-latest~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586", rpm:"kernel-desktop586~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-devel", rpm:"kernel-desktop586-devel~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-devel-latest", rpm:"kernel-desktop586-devel-latest~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-desktop586-latest", rpm:"kernel-desktop586-latest~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-doc", rpm:"kernel-doc~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server", rpm:"kernel-server~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-devel", rpm:"kernel-server-devel~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-devel-latest", rpm:"kernel-server-devel-latest~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-server-latest", rpm:"kernel-server-latest~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-source", rpm:"kernel-source~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kernel-userspace-headers", rpm:"kernel-userspace-headers~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kmod-virtualbox", rpm:"kmod-virtualbox~7.0.20~53.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"kmod-xtables-addons", rpm:"kmod-xtables-addons~3.24~61.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64bpf-devel", rpm:"lib64bpf-devel~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"lib64bpf1", rpm:"lib64bpf1~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libbpf-devel", rpm:"libbpf-devel~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libbpf1", rpm:"libbpf1~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"perf", rpm:"perf~6.6.50~1.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-6.6.50-desktop-1.mga9", rpm:"virtualbox-kernel-6.6.50-desktop-1.mga9~7.0.20~53.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-6.6.50-server-1.mga9", rpm:"virtualbox-kernel-6.6.50-server-1.mga9~7.0.20~53.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-desktop-latest", rpm:"virtualbox-kernel-desktop-latest~7.0.20~53.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"virtualbox-kernel-server-latest", rpm:"virtualbox-kernel-server-latest~7.0.20~53.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-6.6.50-desktop-1.mga9", rpm:"xtables-addons-kernel-6.6.50-desktop-1.mga9~3.24~61.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-6.6.50-desktop586-1.mga9", rpm:"xtables-addons-kernel-6.6.50-desktop586-1.mga9~3.24~61.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-6.6.50-server-1.mga9", rpm:"xtables-addons-kernel-6.6.50-server-1.mga9~3.24~61.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-desktop-latest", rpm:"xtables-addons-kernel-desktop-latest~3.24~61.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-desktop586-latest", rpm:"xtables-addons-kernel-desktop586-latest~3.24~61.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"xtables-addons-kernel-server-latest", rpm:"xtables-addons-kernel-server-latest~3.24~61.mga9", rls:"MAGEIA9"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
References
advisories.mageia.org/MGASA-2024-0309.html
bugs.mageia.org/show_bug.cgi?id=33546
cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.44
cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.45
cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.46
cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.47
cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.48
cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.49
cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.50
MGASA-2024-0309
Related
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2024-09-19 21:04:01
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0310)
2024-09-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:3252-1)
2024-09-17 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0359
2024-08-28 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0677
2024-08-28 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0374
2024-09-13 00:00:00
nessus
nessus
Photon OS 5.0: Linux PHSA-2024-5.0-0359
2024-09-06 00:00:00
Photon OS 4.0: Linux PHSA-2024-4.0-0677
2024-09-06 00:00:00
Photon OS 5.0: Linux PHSA-2024-5.0-0374
2024-09-13 00:00:00
nvd
nvd
debiancve
debiancve
ubuntucve
ubuntucve
redhatcve
redhatcve
cve
cve
cvelist
cvelist
CVE-2024-43881 wifi: ath12k: change DMA direction while mapping reinjected packets
2024-08-21 00:06:33
CVE-2024-44958 sched/smt: Fix unbalance sched_smt_present dec/inc
2024-09-04 18:35:56
CVE-2024-44943 mm: gup: stop abusing try_grab_folio
2024-08-28 07:11:49
osv
osv
CVE-2024-44989
2024-09-04 20:15:08
Security update for the Linux Kernel
2024-09-16 08:57:49
Security update for the Linux Kernel
2024-09-10 08:45:03
vulnrichment
vulnrichment
CVE-2024-42296 f2fs: fix return value of f2fs_convert_inline_inode()
2024-08-17 09:09:04
CVE-2024-43912 wifi: nl80211: disallow setting special AP channel widths
2024-08-26 10:11:16
CVE-2024-44941 f2fs: fix to cover read extent cache access with lock
2024-08-26 11:20:45
githubexploit
githubexploit
Exploit for Improper Initialization in Linux Linux Kernel
2024-09-03 18:37:40
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
High
Related for OPENVAS:13614125623111020240309