Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2519)

🗓️ 09 Oct 2024 00:00:00Reported by Copyright (C) 2024 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 5 Views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2519). Multiple security vulnerabilities have been identified in the kerne

# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

# Metadata section of the check. Everything in this branch only registers
# identifiers, severity, prerequisites and descriptive text; it ends with
# exit(0) and performs no comparison against the target itself.
if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.2.2024.2519");
  # All CVEs the advisory bundles into one kernel update. The package check
  # further down compares against a single build string for every package, so
  # a finding cannot be narrowed to one CVE from this script alone.
  script_cve_id("CVE-2019-25162", "CVE-2021-47183", "CVE-2021-47200", "CVE-2021-47247", "CVE-2021-47265", "CVE-2021-47334", "CVE-2021-47341", "CVE-2021-47427", "CVE-2021-47432", "CVE-2021-47469", "CVE-2021-47552", "CVE-2021-47582", "CVE-2021-47617", "CVE-2021-47619", "CVE-2022-48639", "CVE-2022-48652", "CVE-2022-48654", "CVE-2022-48672", "CVE-2022-48686", "CVE-2022-48695", "CVE-2022-48713", "CVE-2022-48714", "CVE-2022-48715", "CVE-2022-48717", "CVE-2022-48728", "CVE-2022-48738", "CVE-2022-48742", "CVE-2022-48744", "CVE-2022-48745", "CVE-2022-48746", "CVE-2022-48747", "CVE-2022-48754", "CVE-2022-48755", "CVE-2022-48761", "CVE-2022-48765", "CVE-2022-48767", "CVE-2022-48768", "CVE-2022-48769", "CVE-2022-48770", "CVE-2022-48771", "CVE-2022-48772", "CVE-2022-48775", "CVE-2022-48786", "CVE-2022-48804", "CVE-2022-48805", "CVE-2022-48809", "CVE-2022-48810", "CVE-2022-48816", "CVE-2022-48843", "CVE-2022-48848", "CVE-2022-48853", "CVE-2022-48855", "CVE-2022-48865", "CVE-2023-52501", "CVE-2023-52653", "CVE-2023-52672", "CVE-2023-52679", "CVE-2023-52708", "CVE-2023-52730", "CVE-2023-52732", "CVE-2023-52735", "CVE-2023-52736", "CVE-2023-52741", "CVE-2023-52743", "CVE-2023-52745", "CVE-2023-52747", "CVE-2023-52752", "CVE-2023-52754", "CVE-2023-52757", "CVE-2023-52762", "CVE-2023-52781", "CVE-2023-52784", "CVE-2023-52790", "CVE-2023-52807", "CVE-2023-52831", "CVE-2023-52835", "CVE-2023-52836", "CVE-2023-52853", "CVE-2023-52859", "CVE-2023-52881", "CVE-2024-26846", "CVE-2024-26873", "CVE-2024-26880", "CVE-2024-26910", "CVE-2024-26917", "CVE-2024-26935", "CVE-2024-26953", "CVE-2024-27017", "CVE-2024-27020", "CVE-2024-27062", "CVE-2024-27065", "CVE-2024-27388", "CVE-2024-27397", "CVE-2024-27403", "CVE-2024-27415", "CVE-2024-27417", "CVE-2024-31076", "CVE-2024-34777", "CVE-2024-35790", "CVE-2024-35805", "CVE-2024-35808", "CVE-2024-35809", "CVE-2024-35823", "CVE-2024-35839", "CVE-2024-35852", "CVE-2024-35853", "CVE-2024-35854", "CVE-2024-35855", "CVE-2024-35870", "CVE-2024-35877", 
"CVE-2024-35879", "CVE-2024-35886", "CVE-2024-35888", "CVE-2024-35893", "CVE-2024-35895", "CVE-2024-35896", "CVE-2024-35897", "CVE-2024-35899", "CVE-2024-35900", "CVE-2024-35904", "CVE-2024-35905", "CVE-2024-35910", "CVE-2024-35924", "CVE-2024-35925", "CVE-2024-35930", "CVE-2024-35939", "CVE-2024-35947", "CVE-2024-35950", "CVE-2024-35955", "CVE-2024-35958", "CVE-2024-35960", "CVE-2024-35962", "CVE-2024-35969", "CVE-2024-35973", "CVE-2024-35984", "CVE-2024-35989", "CVE-2024-35995", "CVE-2024-35997", "CVE-2024-36000", "CVE-2024-36004", "CVE-2024-36005", "CVE-2024-36007", "CVE-2024-36015", "CVE-2024-36016", "CVE-2024-36020", "CVE-2024-36021", "CVE-2024-36031", "CVE-2024-36478", "CVE-2024-36489", "CVE-2024-36883", "CVE-2024-36886", "CVE-2024-36898", "CVE-2024-36899", "CVE-2024-36900", "CVE-2024-36901", "CVE-2024-36902", "CVE-2024-36903", "CVE-2024-36904", "CVE-2024-36905", "CVE-2024-36908", "CVE-2024-36916", "CVE-2024-36917", "CVE-2024-36919", "CVE-2024-36923", "CVE-2024-36924", "CVE-2024-36927", "CVE-2024-36933", "CVE-2024-36938", "CVE-2024-36939", "CVE-2024-36940", "CVE-2024-36950", "CVE-2024-36952", "CVE-2024-36953", "CVE-2024-36954", "CVE-2024-36959", "CVE-2024-36960", "CVE-2024-36964", "CVE-2024-36971", "CVE-2024-36978", "CVE-2024-37353", "CVE-2024-37356", "CVE-2024-38538", "CVE-2024-38540", "CVE-2024-38541", "CVE-2024-38544", "CVE-2024-38552", "CVE-2024-38555", "CVE-2024-38556", "CVE-2024-38558", "CVE-2024-38559", "CVE-2024-38564", "CVE-2024-38577", "CVE-2024-38588", "CVE-2024-38596", "CVE-2024-38598", "CVE-2024-38601", "CVE-2024-38608", "CVE-2024-38615", "CVE-2024-38619", "CVE-2024-38632", "CVE-2024-38662", "CVE-2024-39276", "CVE-2024-39277", "CVE-2024-39472", "CVE-2024-39476", "CVE-2024-39480", "CVE-2024-39487", "CVE-2024-39493", "CVE-2024-39499", "CVE-2024-39500", "CVE-2024-39503", "CVE-2024-39508", "CVE-2024-39510", "CVE-2024-40899", "CVE-2024-40904", "CVE-2024-40905", "CVE-2024-40913", "CVE-2024-40934", "CVE-2024-40935", "CVE-2024-40956", "CVE-2024-40960", 
"CVE-2024-40972", "CVE-2024-40980", "CVE-2024-40983", "CVE-2024-40984", "CVE-2024-40990", "CVE-2024-40995", "CVE-2024-40998", "CVE-2024-41005", "CVE-2024-41007", "CVE-2024-41009");
  script_tag(name:"creation_date", value:"2024-10-09 04:31:34 +0000 (Wed, 09 Oct 2024)");
  script_version("2024-10-09T08:09:35+0000");
  script_tag(name:"last_modification", value:"2024-10-09 08:09:35 +0000 (Wed, 09 Oct 2024)");
  # One score and one vector pair for the whole advisory, attributed to NVD
  # (severity_origin). Both vectors describe a local attack (AV:L) needing a
  # low-privileged / authenticated account with full C/I/A impact. Which CVE
  # they were taken from is not stated here, so do not read them as the rating
  # of every CVE in the list above.
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2024-08-28 18:58:48 +0000 (Wed, 28 Aug 2024)");

  script_name("Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2519)");
  # Information-gathering category: the check only evaluates collected package
  # data, it does not attempt to trigger any of the listed flaws.
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2024 Greenbone AG");
  script_family("Huawei EulerOS Local Security Checks");
  script_dependencies("gb_huawei_euleros_consolidation.nasl");
  # Prerequisites: an SSH login that identified EulerOS, a collected RPM list,
  # and a release string matching EulerOS 2.0 SP12. Without these keys (e.g. an
  # unauthenticated scan) the check does not run at all, so the absence of a
  # finding is not evidence that the host is patched.
  # NOTE(review): the keys are presumably populated by the dependency script
  # above - confirm there.
  script_mandatory_keys("ssh/login/euleros", "ssh/login/rpms", re:"ssh/login/release=EULEROS\-2\.0SP12");

  script_xref(name:"Advisory-ID", value:"EulerOS-SA-2024-2519");
  script_xref(name:"URL", value:"https://developer.huaweicloud.com/intl/en-us/euleros/securitydetail.html?secId=EulerOS-SA-2024-2519");

  script_tag(name:"summary", value:"The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2024-2519 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  # The insight text below is cut off (it ends in "..." and points to the
  # references), so it names only part of the fixes. Treat script_cve_id and
  # the advisory URL as the complete list.
  script_tag(name:"insight", value:"bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue(CVE-2024-36938)

bpf, sockmap: Prevent lock inversion deadlock in map delete elem(CVE-2024-35895)

cifs: Fix use-after-free in rdata->read_into_pages()(CVE-2023-52741)

crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak(CVE-2024-39493)

Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj(CVE-2022-48775)

drm/amd/display: Fix potential index out of bounds in color transformation function(CVE-2024-38552)

drm/client: Fully protect modes[] with dev->mode_config.mutex(CVE-2024-35950)

drm/vmwgfx: Fix invalid reads in fence signaled events(CVE-2024-36960)

drm/vrr: Set VRR capable prop only if it is attached to connector(CVE-2022-48843)

dyndbg: fix old BUG_ON in >control parser(CVE-2024-35947)

firewire: ohci: mask bus reset interrupts between ISR and bottom half(CVE-2024-36950)

genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline(CVE-2024-31076)

i2c: Fix a potential use after free(CVE-2019-25162)

IB/hfi1: Restore allocated resources on failed copyout(CVE-2023-52747)

ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path(CVE-2022-48810)

ipv6: fix potential 'struct net' leak in inet6_rtm_getaddr()(CVE-2024-27417)

kernel: block: fix overflow in blk_ioctl_discard()(CVE-2024-36917)

kernel: cpu/hotplug: Don't offline the last non-isolated CPU(CVE-2023-52831)

kernel: ext4: fix mb_cache_entry&#39,s e_refcnt leak in ext4_xattr_block_cache_find()(CVE-2024-39276)

kernel: md/dm-raid: don&#39,t call md_reap_sync_thread() directly(CVE-2024-35808)

kernel: mmc: mmc_spi: fix error handling in mmc_spi_probe()(CVE-2023-52708)

kernel: PCI/PM: Drain runtime-idle callbacks before driver removal(CVE-2024-35809)

kernel: perf/core: Bail out early if the request AUX area is out of bound(CVE-2023-52835)

kernel: pinctrl: core: delete incorrect free in pinctrl_enable()(CVE-2024-36940)

kernel: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe(CVE-2022-48715)

kernel: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload(CVE-2024-36919)

kernel: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up(CVE-2024-36952)

kernel: scsi: mpt3sas: Fix use-after-free warning(CVE-2022-48695)

kernel: selinux: avoid dereference of garbage after mount failure(CVE-2024-35904)

kernel: smb: client: fix use-after-free bug in cifs_debug_data_proc_show()(CVE-2023-52752)

kernel:ACPI: CPPC: Use access_width over bit_width for system memory accesses(CVE-2024-35995)

kernel:ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.(CVE-2024-40984)

kernel:af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg(CVE-2024-38596)

kernel:block: Fix wrong offset in bio_truncate()(CVE-2022-48747)

kernel:block: prevent division by zero in blk_rq_stat_sum()(CVE-2024-35925)

kernel:bonding: Fix out-of-bounds read in ... [Please see the references for more information on the vulnerabilities]");

  script_tag(name:"affected", value:"'kernel' package(s) on Huawei EulerOS V2.0SP12.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  # Detection is by installed package version only; the code below never looks
  # at the running kernel. NOTE(review): a host that installed the fixed RPMs
  # but has not rebooted would presumably pass this check while still running
  # the old kernel - verify the booted kernel version separately.
  script_tag(name:"qod_type", value:"package");
  # Cross-reference to the CISA KEV catalog. The script does not say which of
  # the listed CVEs the reference applies to; look it up in the catalog when
  # prioritising this update.
  script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
  script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

# Package-version check for EulerOS-SA-2024-2519.
# Compares the RPMs collected over SSH against the builds named in the
# advisory and reports every package that isrpmvuln() flags. Only package
# metadata is evaluated; the running kernel is not inspected, so a patched
# but not yet rebooted host has to be verified separately.
release = rpm_get_ssh_release();
if(!release)
  exit(0);

# This advisory only covers EulerOS 2.0 SP12; any other release ends here
# without a result.
if(release != "EULEROS-2.0SP12")
  exit(0);

res = "";
report = "";

# Flat list of (package name, build to compare against) pairs, kept in the
# order in which the packages are checked.
checks = make_list(
  "bpftool", "bpftool~5.10.0~136.12.0.86.h2059.eulerosv2r12",
  "kernel", "kernel~5.10.0~136.12.0.86.h2059.eulerosv2r12",
  "kernel-abi-stablelists", "kernel-abi-stablelists~5.10.0~136.12.0.86.h2059.eulerosv2r12",
  "kernel-tools", "kernel-tools~5.10.0~136.12.0.86.h2059.eulerosv2r12",
  "kernel-tools-libs", "kernel-tools-libs~5.10.0~136.12.0.86.h2059.eulerosv2r12",
  "python3-perf", "python3-perf~5.10.0~136.12.0.86.h2059.eulerosv2r12"
);

for(i = 0; i < max_index(checks); i += 2) {
  # isrpmvuln() yields a report fragment for a flagged package, NULL otherwise.
  res = isrpmvuln(pkg:checks[i], rpm:checks[i + 1], rls:"EULEROS-2.0SP12");
  if(!isnull(res))
    report += res;
}

# At least one package was flagged: emit the combined finding.
if(report != "") {
  security_message(data:report);
  exit(0);
}

# Nothing was flagged. Exit code 99 is used when a package was matched but not
# found vulnerable, as opposed to a plain exit(0) when nothing was compared.
# NOTE(review): __pkg_match is presumably set by isrpmvuln() in
# pkg-lib-rpm.inc - confirm there.
if(__pkg_match)
  exit(99);

exit(0);

09 Oct 2024 00:00Current
9.8 High risk
Vulners AI Score: 9.8
CVSS3: 9.8
EPSS: 0.001