Search...

Critical RCE Vulnerability Reported in Linux Kernel's TIPC Module

2021-11-04T12:09:00

ID THN:E06BED4D2BA11AC485CD7E3489D6C0A8
Type thn
Reporter The Hacker News
Modified 2021-11-05T05:42:00

Description

Cybersecurity researchers have disclosed a security flaw in the Linux Kernel's Transparent Inter Process Communication (TIPC) module that could potentially be leveraged both locally as well as remotely to execute arbitrary code within the kernel and take control of vulnerable machines.

Tracked as CVE-2021-43267 (CVSS score: 9.8), the heap overflow vulnerability "can be exploited locally or remotely within a network to gain kernel privileges, and would allow an attacker to compromise the entire system," cybersecurity firm SentinelOne said in a report published today and shared with The Hacker News.

TIPC is a transport layer protocol designed for nodes running in dynamic cluster environments to reliably communicate with each other in a manner that's more efficient and fault-tolerant than other protocols such as TCP. The vulnerability identified by SentinelOne has to do with insufficient validation of user-supplied sizes for a new message type called "MSG_CRYPTO" that was introduced in September 2020 and enables peer nodes in the cluster to send cryptographic keys.

While the protocol has checks in place to validate such messages after decryption to ensure that a packet's actual payload size doesn't exceed that of the maximum user message size and that the latter is greater than the message header size, no restrictions were found to be placed on the length of the key (aka 'keylen') itself, resulting in a scenario where "an attacker can create a packet with a small body size to allocate heap memory, and then use an arbitrary size in the 'keylen' attribute to write outside the bounds of this location."

There is no evidence that the flaw has been abused in real-world attacks to date, and following responsible disclosure on October 19, the issue has been addressed in Linux Kernel version 5.15 released on October 31, 2021.

"The function tipc_crypto_key_rcv is used to parse MSG_CRYPTO messages to receive keys from other nodes in the cluster in order to decrypt any further messages from them," Linux kernel maintainers said in a fix pushed late last month. "This patch verifies that any supplied sizes in the message body are valid for the received message."

"While TIPC itself isn't loaded automatically by the system but by end users, the ability to configure it from an unprivileged local perspective and the possibility of remote exploitation makes this a dangerous vulnerability for those that use it in their networks," SentinelOne researcher Max Van Amerongen said.

Found this article interesting? Follow THN on Facebook, Twitter  and LinkedIn to read more exclusive content we post.

JSON Vulners Source

Initial Source

{"id": "THN:E06BED4D2BA11AC485CD7E3489D6C0A8", "vendorId": null, "type": "thn", "bulletinFamily": "info", "title": "Critical RCE Vulnerability Reported in Linux Kernel's TIPC Module", "description": "[![](https://thehackernews.com/new-images/img/a/AVvXsEhk51n43-UDQZvP3aB2B6UZCR6acN1doK3-fYgEhMNBlV395MmmEaxIuhR_sqqg0vorMvqXAmSUCMkc6oBmVKu2HiQjH8qwAhbs3d4XH484xJQ_8a47axCnMHcAXjyh2q1o6JyLXRIS4j4mwDU_wkNxDH5dcDEHM9iLFg0kib-mFY4exTVe9FYoFbt0)](<https://thehackernews.com/new-images/img/a/AVvXsEhk51n43-UDQZvP3aB2B6UZCR6acN1doK3-fYgEhMNBlV395MmmEaxIuhR_sqqg0vorMvqXAmSUCMkc6oBmVKu2HiQjH8qwAhbs3d4XH484xJQ_8a47axCnMHcAXjyh2q1o6JyLXRIS4j4mwDU_wkNxDH5dcDEHM9iLFg0kib-mFY4exTVe9FYoFbt0>)\n\nCybersecurity researchers have disclosed a security flaw in the Linux Kernel's Transparent Inter Process Communication ([TIPC](<https://www.kernel.org/doc/html/latest/networking/tipc.html>)) module that could potentially be leveraged both locally as well as remotely to execute arbitrary code within the kernel and take control of vulnerable machines.\n\nTracked as [CVE-2021-43267](<https://nvd.nist.gov/vuln/detail/CVE-2021-43267>) (CVSS score: 9.8), the heap overflow vulnerability \"can be exploited locally or remotely within a network to gain kernel privileges, and would allow an attacker to compromise the entire system,\" cybersecurity firm SentinelOne [said](<https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/>) in a report published today and shared with The Hacker News.\n\n[![Automatic GitHub Backups](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAASwAAAD6AQMAAAAho+iwAAAAA1BMVEXm5+i1+56pAAAAH0lEQVQYGe3AAQ0AAADCIPuntscHAwAAAAAAAAAAIOQmFgAB/YLDRAAAAABJRU5ErkJggg==)](<https://go.thn.li/backhub-d3> \"Automatic GitHub Backups\" )\n\nTIPC is a transport layer [protocol](<https://www.landley.net/kdocs/ols/2004/ols2004v2-pages-61-70.pdf>) [designed](<https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/getting-started-with-tipc_configuring-and-managing-networking>) for nodes running in dynamic cluster environments to reliably communicate with each other in a manner that's more efficient and fault-tolerant than other protocols such as TCP. The vulnerability identified by SentinelOne has to do with insufficient validation of user-supplied sizes for a new message type called \"[MSG_CRYPTO](<https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/tree/net/tipc/crypto.c>)\" that was introduced in September 2020 and enables peer nodes in the cluster to send cryptographic keys.\n\nWhile the protocol has checks in place to validate such messages after decryption to ensure that a packet's actual payload size doesn't exceed that of the maximum user message size and that the latter is greater than the message header size, no restrictions were found to be placed on the length of the key (aka 'keylen') itself, resulting in a scenario where \"an attacker can create a packet with a small body size to allocate heap memory, and then use an arbitrary size in the 'keylen' attribute to write outside the bounds of this location.\"\n\n[![](https://thehackernews.com/new-images/img/a/AVvXsEhbDNMj0HxlX213rlWjaQ_i_hgj70ms6rNuoS9HlWMrI_zB2b1npHFLJewvpCQhhIaI_oWLRbikXxW64yOntoLQp470qMIjOuJ4whx52C6-LR2_Hod8Xg_7teKc-gM4dEq-6YXbFyWAL7msOrBXwjE9kVRC7x9CiIDY2soeMb5J3fQJHwv9bpc6ZT25)](<https://thehackernews.com/new-images/img/a/AVvXsEhbDNMj0HxlX213rlWjaQ_i_hgj70ms6rNuoS9HlWMrI_zB2b1npHFLJewvpCQhhIaI_oWLRbikXxW64yOntoLQp470qMIjOuJ4whx52C6-LR2_Hod8Xg_7teKc-gM4dEq-6YXbFyWAL7msOrBXwjE9kVRC7x9CiIDY2soeMb5J3fQJHwv9bpc6ZT25>)\n\nThere is no evidence that the flaw has been abused in real-world attacks to date, and following responsible disclosure on October 19, the issue has been addressed in Linux Kernel version 5.15 released on October 31, 2021.\n\n[![Prevent Data Breaches](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAASwAAAD6AQMAAAAho+iwAAAAA1BMVEXm5+i1+56pAAAAH0lEQVQYGe3AAQ0AAADCIPuntscHAwAAAAAAAAAAIOQmFgAB/YLDRAAAAABJRU5ErkJggg==)](<https://go.thn.li/csec-inside-2-d> \"Prevent Data Breaches\" )\n\n\"The function tipc_crypto_key_rcv is used to parse MSG_CRYPTO messages to receive keys from other nodes in the cluster in order to decrypt any further messages from them,\" Linux kernel maintainers [said](<https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.15&id=fa40d9734a57bcbfa79a280189799f76c88f7bb0>) in a fix pushed late last month. \"This patch verifies that any supplied sizes in the message body are valid for the received message.\"\n\n\"While TIPC itself isn't loaded automatically by the system but by end users, the ability to configure it from an unprivileged local perspective and the possibility of remote exploitation makes this a dangerous vulnerability for those that use it in their networks,\" SentinelOne researcher Max Van Amerongen said.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "published": "2021-11-04T12:09:00", "modified": "2021-11-05T05:42:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://thehackernews.com/2021/11/critical-rce-vulnerability-reported-in.html", "reporter": "The Hacker News", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-05T06:36:19", "viewCount": 31, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4750", "RHSA-2021:4647"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-11-05T06:36:19", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-11-05T06:36:19", "rev": 2}, "vulnersScore": 5.3}}

{"redhatcve": [{"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "afc68de06085be71fc343ab09bd888b1", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent interprocess communication. An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system.\n#### Mitigation\n\nThe TIPC module will NOT be automatically loaded. When required, administrative action is needed to explicitly load this module. \n\n\nLoading the module can be prevented with the following instructions: \n# echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf \nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. \n\n\nIf the system requires this module to work correctly, this mitigation may not be suitable. \nIf you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services. \n\n\nTo mitigate the issue on systems that do need to use TIPC and do *not* deploy the TIPC protocol level encryption but rather use different ways to ensure secure communication between nodes (eg. physical network separation, IPSec/MACsec): \n\n\n\\- BEWARE THAT THIS WILL DISABLE THE TIPC PROTOCOL LEVEL ENCRYPTION - \n\n\n1) On the host, save the following in a file with the ".stp" extension: \n\n\n%{ \n\n\n#include <linux/skbuff.h> \n\n\n#define MSG_CRYPTO 14 \n#define SOCK_WAKEUP 14 /* pseudo user */ \n#define TOP_SRV 15 /* pseudo user */ \n\n\nstruct tipc_msg { \n __be32 hdr[15]; \n}; \n\n\nstatic inline struct tipc_msg *buf_msg(struct sk_buff *skb) \n{ \n return (struct tipc_msg *)skb->data; \n} \n\n\nstatic inline u32 msg_word(struct tipc_msg *m, u32 pos) \n{ \n return ntohl(m->hdr[pos]); \n} \n\n\nstatic inline void msg_set_word(struct tipc_msg *m, u32 w, u32 val) \n{ \n m->hdr[w] = htonl(val); \n} \n\n\nstatic inline u32 msg_bits(struct tipc_msg *m, u32 w, u32 pos, u32 mask) \n{ \n return (msg_word(m, w) >> pos) & mask; \n} \n\n\nstatic inline void msg_set_bits(struct tipc_msg *m, u32 w, \n u32 pos, u32 mask, u32 val) \n{ \n val = (val & mask) << pos; \n mask = mask << pos; \n m->hdr[w] &= ~htonl(mask); \n m->hdr[w] |= htonl(val); \n} \n\n\nstatic inline u32 msg_user(struct tipc_msg *m) \n{ \n return msg_bits(m, 0, 25, 0xf); \n} \n\n\nstatic inline void msg_set_user(struct tipc_msg *m, u32 n) \n{ \n msg_set_bits(m, 0, 25, 0xf, n); \n} \n\n\n%} \n\n\nfunction sanitize:long (skb:long) %{ \n struct sk_buff *skb; \n struct tipc_msg *hdr; \n\n\n#if STAP_COMPAT_VERSION >= STAP_VERSION(1,8) \n skb = (struct sk_buff *) (unsigned long) STAP_ARG_skb; \n#else \n skb = (struct sk_buff *) (unsigned long) THIS->skb; \n#endif \n\n\n hdr = buf_msg(skb); \n\n\n if(msg_user(hdr) == MSG_CRYPTO) { \n msg_set_user(hdr, TOP_SRV); // set to invalid in this context \n } \n\n\n%} \n\n\nprobe module("tipc").function("tipc_data_input").call { \n sanitize($skb); \n} \n\n\n2) Install the "systemtap" package and any required dependencies (such as \n kernel-devel and kernel-debuginfo packages). \n\n\n3) Run the "stap -g [filename-from-step-1].stp" command as root. \n\n\nIf the host is rebooted, the changes will be lost and the script must be \nrun again. \n\n\nAlternatively, build the systemtap script on a development system with \n"stap -g -p 4 [filename-from-step-1].stp", distribute the resulting kernel \nmodule to all affected systems, and run "staprun -L <module>" on those. \nWhen using this approach only systemtap-runtime package is required on the \naffected systems. Please notice that the kernel version must be the same across \nall systems. \n\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-19T19:52:48", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-27T04:29:25", "history": [{"bulletin": {"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "d640096e78889f65f59d2b6d8417ac29", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-04T16:39:57", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-04T19:27:30", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.6", "vendorCvss": {"score": "8.1", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, "lastseen": "2021-11-04T19:27:30", "differentElements": ["description", "modified"], "edition": 1}, {"bulletin": {"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "8bfe4d553cb803d1d14652385fef7e15", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.\n#### Mitigation\n\nThe TIPC module will NOT be autoloaded when required it requires administrative action to load this module. \n\n\nLoading th emodule can be prevented with the following instructions: \n\n\n# echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf \n\n\nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. \n\n\nIf the system requires this module to work correctly, this mitigation may not be suitable. \n\n\nIf you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services. \n\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-05T04:13:38", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-05T04:28:10", "history": [], "viewCount": 6, "enchantments": {}, "objectVersion": "1.6", "vendorCvss": {"score": "8.1", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, "lastseen": "2021-11-05T04:28:10", "differentElements": ["modified"], "edition": 2}, {"bulletin": {"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "d2282a270aeeb3389e48fdbe836855f8", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.\n#### Mitigation\n\nThe TIPC module will NOT be autoloaded when required it requires administrative action to load this module. \n\n\nLoading th emodule can be prevented with the following instructions: \n\n\n# echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf \n\n\nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. \n\n\nIf the system requires this module to work correctly, this mitigation may not be suitable. \n\n\nIf you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services. \n\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-05T06:32:28", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-05T07:29:11", "history": [], "viewCount": 6, "enchantments": {}, "objectVersion": "1.6", "vendorCvss": {"score": "8.1", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, "lastseen": "2021-11-05T07:29:11", "differentElements": ["cvss", "modified"], "edition": 3}, {"bulletin": {"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "b1ffee647708af61ab65b61f6a232bc2", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.\n#### Mitigation\n\nThe TIPC module will NOT be autoloaded when required it requires administrative action to load this module. \n\n\nLoading th emodule can be prevented with the following instructions: \n\n\n# echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf \n\n\nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. \n\n\nIf the system requires this module to work correctly, this mitigation may not be suitable. \n\n\nIf you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services. \n\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-05T10:25:13", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-05T10:27:37", "history": [], "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:4D962DB3523D376C2D55CF5317453915", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}], "modified": "2021-11-05T10:27:37", "rev": 2}, "score": {"value": 6.1, "vector": "NONE", "modified": "2021-11-05T10:27:37", "rev": 2}}, "objectVersion": "1.6", "vendorCvss": {"score": "8.1", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, "lastseen": "2021-11-05T10:27:37", "differentElements": ["description", "modified"], "edition": 4}, {"bulletin": {"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "3b6ca62abd611d285d408d72a34b574f", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent interprocess communication. An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system.\n#### Mitigation\n\nThe TIPC module will NOT be autoloaded when required it requires administrative action to load this module. \n\n\nLoading th emodule can be prevented with the following instructions: \n\n\n# echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf \n\n\nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. \n\n\nIf the system requires this module to work correctly, this mitigation may not be suitable. \n\n\nIf you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services. \n\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-05T16:19:06", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-05T16:27:29", "history": [], "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF"]}], "modified": "2021-11-05T16:27:29", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-11-05T16:27:29", "rev": 2}}, "objectVersion": "1.6", "vendorCvss": {"score": "8.1", "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, "lastseen": "2021-11-05T16:27:29", "differentElements": ["description", "modified", "vendorCvss"], "edition": 5}, {"bulletin": {"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "38b3be47f66888f082f361d4ab8016cc", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent interprocess communication. An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system.\n#### Mitigation\n\nThe TIPC module will NOT be automatically loaded. When required, administrative action is needed to explicitly load this module. \n\n\nLoading the module can be prevented with the following instructions: \n# echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf \nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. \n\n\nIf the system requires this module to work correctly, this mitigation may not be suitable. \nIf you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services. \n\n\nTo mitigate the issue on systems that do need to use TIPC and do *not* deploy the TIPC protocol level encryption but rather use different ways to ensure secure communication between nodes (eg. physical network separation, IPSec/MACsec): \n\n\n\\- BEWARE THAT THIS WILL DISABLE THE TIPC PROTOCOL LEVEL ENCRYPTION - \n\n\n1) On the host, save the following in a file with the ".stp" extension: \n\n\n%{ \n\n\n#include <linux/skbuff.h> \n\n\n#define MSG_CRYPTO 14 \n#define SOCK_WAKEUP 14 /* pseudo user */ \n#define TOP_SRV 15 /* pseudo user */ \n\n\nstruct tipc_msg { \n __be32 hdr[15]; \n}; \n\n\nstatic inline struct tipc_msg *buf_msg(struct sk_buff *skb) \n{ \n return (struct tipc_msg *)skb->data; \n} \n\n\nstatic inline u32 msg_word(struct tipc_msg *m, u32 pos) \n{ \n return ntohl(m->hdr[pos]); \n} \n\n\nstatic inline void msg_set_word(struct tipc_msg *m, u32 w, u32 val) \n{ \n m->hdr[w] = htonl(val); \n} \n\n\nstatic inline u32 msg_bits(struct tipc_msg *m, u32 w, u32 pos, u32 mask) \n{ \n return (msg_word(m, w) >> pos) & mask; \n} \n\n\nstatic inline void msg_set_bits(struct tipc_msg *m, u32 w, \n u32 pos, u32 mask, u32 val) \n{ \n val = (val & mask) << pos; \n mask = mask << pos; \n m->hdr[w] &= ~htonl(mask); \n m->hdr[w] |= htonl(val); \n} \n\n\nstatic inline u32 msg_user(struct tipc_msg *m) \n{ \n return msg_bits(m, 0, 25, 0xf); \n} \n\n\nstatic inline void msg_set_user(struct tipc_msg *m, u32 n) \n{ \n msg_set_bits(m, 0, 25, 0xf, n); \n} \n\n\n%} \n\n\nfunction sanitize:long (skb:long) %{ \n struct sk_buff *skb; \n struct tipc_msg *hdr; \n\n\n#if STAP_COMPAT_VERSION >= STAP_VERSION(1,8) \n skb = (struct sk_buff *) (unsigned long) STAP_ARG_skb; \n#else \n skb = (struct sk_buff *) (unsigned long) THIS->skb; \n#endif \n\n\n hdr = buf_msg(skb); \n\n\n if(msg_user(hdr) == MSG_CRYPTO) { \n msg_set_user(hdr, TOP_SRV); // set to invalid in this context \n } \n\n\n%} \n\n\nprobe module("tipc").function("tipc_data_input").call { \n sanitize($skb); \n} \n\n\n2) Install the "systemtap" package and any required dependencies (such as \n kernel-devel and kernel-debuginfo packages). \n\n\n3) Run the "stap -g [filename-from-step-1].stp" command as root. \n\n\nIf the host is rebooted, the changes will be lost and the script must be \nrun again. \n\n\nAlternatively, build the systemtap script on a development system with \n"stap -g -p 4 [filename-from-step-1].stp", distribute the resulting kernel \nmodule to all affected systems, and run "staprun -L <module>" on those. \nWhen using this approach only systemtap-runtime package is required on the \naffected systems. Please notice that the kernel version must be the same across \nall systems. \n\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-09T10:15:41", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-09T10:34:11", "history": [], "viewCount": 19, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "threatpost", "idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}], "modified": "2021-11-09T10:34:11", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-11-09T10:34:11", "rev": 2}}, "objectVersion": "1.6", "vendorCvss": {"score": "8.8", "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, "lastseen": "2021-11-09T10:34:11", "differentElements": ["modified"], "edition": 6}, {"bulletin": {"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "183d4f2f87a12056a8be46e3ef7eac1c", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent interprocess communication. An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system.\n#### Mitigation\n\nThe TIPC module will NOT be automatically loaded. When required, administrative action is needed to explicitly load this module. \n\n\nLoading the module can be prevented with the following instructions: \n# echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf \nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. \n\n\nIf the system requires this module to work correctly, this mitigation may not be suitable. \nIf you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services. \n\n\nTo mitigate the issue on systems that do need to use TIPC and do *not* deploy the TIPC protocol level encryption but rather use different ways to ensure secure communication between nodes (eg. physical network separation, IPSec/MACsec): \n\n\n\\- BEWARE THAT THIS WILL DISABLE THE TIPC PROTOCOL LEVEL ENCRYPTION - \n\n\n1) On the host, save the following in a file with the ".stp" extension: \n\n\n%{ \n\n\n#include <linux/skbuff.h> \n\n\n#define MSG_CRYPTO 14 \n#define SOCK_WAKEUP 14 /* pseudo user */ \n#define TOP_SRV 15 /* pseudo user */ \n\n\nstruct tipc_msg { \n __be32 hdr[15]; \n}; \n\n\nstatic inline struct tipc_msg *buf_msg(struct sk_buff *skb) \n{ \n return (struct tipc_msg *)skb->data; \n} \n\n\nstatic inline u32 msg_word(struct tipc_msg *m, u32 pos) \n{ \n return ntohl(m->hdr[pos]); \n} \n\n\nstatic inline void msg_set_word(struct tipc_msg *m, u32 w, u32 val) \n{ \n m->hdr[w] = htonl(val); \n} \n\n\nstatic inline u32 msg_bits(struct tipc_msg *m, u32 w, u32 pos, u32 mask) \n{ \n return (msg_word(m, w) >> pos) & mask; \n} \n\n\nstatic inline void msg_set_bits(struct tipc_msg *m, u32 w, \n u32 pos, u32 mask, u32 val) \n{ \n val = (val & mask) << pos; \n mask = mask << pos; \n m->hdr[w] &= ~htonl(mask); \n m->hdr[w] |= htonl(val); \n} \n\n\nstatic inline u32 msg_user(struct tipc_msg *m) \n{ \n return msg_bits(m, 0, 25, 0xf); \n} \n\n\nstatic inline void msg_set_user(struct tipc_msg *m, u32 n) \n{ \n msg_set_bits(m, 0, 25, 0xf, n); \n} \n\n\n%} \n\n\nfunction sanitize:long (skb:long) %{ \n struct sk_buff *skb; \n struct tipc_msg *hdr; \n\n\n#if STAP_COMPAT_VERSION >= STAP_VERSION(1,8) \n skb = (struct sk_buff *) (unsigned long) STAP_ARG_skb; \n#else \n skb = (struct sk_buff *) (unsigned long) THIS->skb; \n#endif \n\n\n hdr = buf_msg(skb); \n\n\n if(msg_user(hdr) == MSG_CRYPTO) { \n msg_set_user(hdr, TOP_SRV); // set to invalid in this context \n } \n\n\n%} \n\n\nprobe module("tipc").function("tipc_data_input").call { \n sanitize($skb); \n} \n\n\n2) Install the "systemtap" package and any required dependencies (such as \n kernel-devel and kernel-debuginfo packages). \n\n\n3) Run the "stap -g [filename-from-step-1].stp" command as root. \n\n\nIf the host is rebooted, the changes will be lost and the script must be \nrun again. \n\n\nAlternatively, build the systemtap script on a development system with \n"stap -g -p 4 [filename-from-step-1].stp", distribute the resulting kernel \nmodule to all affected systems, and run "staprun -L <module>" on those. \nWhen using this approach only systemtap-runtime package is required on the \naffected systems. Please notice that the kernel version must be the same across \nall systems. \n\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-10T09:18:27", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-10T10:30:22", "history": [], "viewCount": 19, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "threatpost", "idList": ["THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:34D5930F2474", "FEDORA:507B630528FB"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}], "modified": "2021-11-10T10:30:22", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-11-10T10:30:22", "rev": 2}}, "objectVersion": "1.6", "vendorCvss": {"score": "8.8", "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, "lastseen": "2021-11-10T10:30:22", "differentElements": ["modified"], "edition": 7}, {"bulletin": {"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "90f7541009f659a97b92a0c8ea76e20c", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent interprocess communication. An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system.\n#### Mitigation\n\nThe TIPC module will NOT be automatically loaded. When required, administrative action is needed to explicitly load this module. \n\n\nLoading the module can be prevented with the following instructions: \n# echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf \nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. \n\n\nIf the system requires this module to work correctly, this mitigation may not be suitable. \nIf you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services. \n\n\nTo mitigate the issue on systems that do need to use TIPC and do *not* deploy the TIPC protocol level encryption but rather use different ways to ensure secure communication between nodes (eg. physical network separation, IPSec/MACsec): \n\n\n\\- BEWARE THAT THIS WILL DISABLE THE TIPC PROTOCOL LEVEL ENCRYPTION - \n\n\n1) On the host, save the following in a file with the ".stp" extension: \n\n\n%{ \n\n\n#include <linux/skbuff.h> \n\n\n#define MSG_CRYPTO 14 \n#define SOCK_WAKEUP 14 /* pseudo user */ \n#define TOP_SRV 15 /* pseudo user */ \n\n\nstruct tipc_msg { \n __be32 hdr[15]; \n}; \n\n\nstatic inline struct tipc_msg *buf_msg(struct sk_buff *skb) \n{ \n return (struct tipc_msg *)skb->data; \n} \n\n\nstatic inline u32 msg_word(struct tipc_msg *m, u32 pos) \n{ \n return ntohl(m->hdr[pos]); \n} \n\n\nstatic inline void msg_set_word(struct tipc_msg *m, u32 w, u32 val) \n{ \n m->hdr[w] = htonl(val); \n} \n\n\nstatic inline u32 msg_bits(struct tipc_msg *m, u32 w, u32 pos, u32 mask) \n{ \n return (msg_word(m, w) >> pos) & mask; \n} \n\n\nstatic inline void msg_set_bits(struct tipc_msg *m, u32 w, \n u32 pos, u32 mask, u32 val) \n{ \n val = (val & mask) << pos; \n mask = mask << pos; \n m->hdr[w] &= ~htonl(mask); \n m->hdr[w] |= htonl(val); \n} \n\n\nstatic inline u32 msg_user(struct tipc_msg *m) \n{ \n return msg_bits(m, 0, 25, 0xf); \n} \n\n\nstatic inline void msg_set_user(struct tipc_msg *m, u32 n) \n{ \n msg_set_bits(m, 0, 25, 0xf, n); \n} \n\n\n%} \n\n\nfunction sanitize:long (skb:long) %{ \n struct sk_buff *skb; \n struct tipc_msg *hdr; \n\n\n#if STAP_COMPAT_VERSION >= STAP_VERSION(1,8) \n skb = (struct sk_buff *) (unsigned long) STAP_ARG_skb; \n#else \n skb = (struct sk_buff *) (unsigned long) THIS->skb; \n#endif \n\n\n hdr = buf_msg(skb); \n\n\n if(msg_user(hdr) == MSG_CRYPTO) { \n msg_set_user(hdr, TOP_SRV); // set to invalid in this context \n } \n\n\n%} \n\n\nprobe module("tipc").function("tipc_data_input").call { \n sanitize($skb); \n} \n\n\n2) Install the "systemtap" package and any required dependencies (such as \n kernel-devel and kernel-debuginfo packages). \n\n\n3) Run the "stap -g [filename-from-step-1].stp" command as root. \n\n\nIf the host is rebooted, the changes will be lost and the script must be \nrun again. \n\n\nAlternatively, build the systemtap script on a development system with \n"stap -g -p 4 [filename-from-step-1].stp", distribute the resulting kernel \nmodule to all affected systems, and run "staprun -L <module>" on those. \nWhen using this approach only systemtap-runtime package is required on the \naffected systems. Please notice that the kernel version must be the same across \nall systems. \n\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-15T14:36:20", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-15T16:31:26", "history": [], "viewCount": 20, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4648.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4644.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-15T16:31:26", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2021-11-15T16:31:26", "rev": 2}}, "objectVersion": "1.6", "vendorCvss": {"score": "8.8", "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, "lastseen": "2021-11-15T16:31:26", "differentElements": ["modified"], "edition": 8}, {"bulletin": {"id": "RH:CVE-2021-43267", "vendorId": null, "hash": "518ac4b7f83ff603bcc473f8dd8ff197", "type": "redhatcve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent interprocess communication. An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system.\n#### Mitigation\n\nThe TIPC module will NOT be automatically loaded. When required, administrative action is needed to explicitly load this module. \n\n\nLoading the module can be prevented with the following instructions: \n# echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf \nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. \n\n\nIf the system requires this module to work correctly, this mitigation may not be suitable. \nIf you need further assistance, see KCS article <https://access.redhat.com/solutions/41278> or contact Red Hat Global Support Services. \n\n\nTo mitigate the issue on systems that do need to use TIPC and do *not* deploy the TIPC protocol level encryption but rather use different ways to ensure secure communication between nodes (eg. physical network separation, IPSec/MACsec): \n\n\n\\- BEWARE THAT THIS WILL DISABLE THE TIPC PROTOCOL LEVEL ENCRYPTION - \n\n\n1) On the host, save the following in a file with the ".stp" extension: \n\n\n%{ \n\n\n#include <linux/skbuff.h> \n\n\n#define MSG_CRYPTO 14 \n#define SOCK_WAKEUP 14 /* pseudo user */ \n#define TOP_SRV 15 /* pseudo user */ \n\n\nstruct tipc_msg { \n __be32 hdr[15]; \n}; \n\n\nstatic inline struct tipc_msg *buf_msg(struct sk_buff *skb) \n{ \n return (struct tipc_msg *)skb->data; \n} \n\n\nstatic inline u32 msg_word(struct tipc_msg *m, u32 pos) \n{ \n return ntohl(m->hdr[pos]); \n} \n\n\nstatic inline void msg_set_word(struct tipc_msg *m, u32 w, u32 val) \n{ \n m->hdr[w] = htonl(val); \n} \n\n\nstatic inline u32 msg_bits(struct tipc_msg *m, u32 w, u32 pos, u32 mask) \n{ \n return (msg_word(m, w) >> pos) & mask; \n} \n\n\nstatic inline void msg_set_bits(struct tipc_msg *m, u32 w, \n u32 pos, u32 mask, u32 val) \n{ \n val = (val & mask) << pos; \n mask = mask << pos; \n m->hdr[w] &= ~htonl(mask); \n m->hdr[w] |= htonl(val); \n} \n\n\nstatic inline u32 msg_user(struct tipc_msg *m) \n{ \n return msg_bits(m, 0, 25, 0xf); \n} \n\n\nstatic inline void msg_set_user(struct tipc_msg *m, u32 n) \n{ \n msg_set_bits(m, 0, 25, 0xf, n); \n} \n\n\n%} \n\n\nfunction sanitize:long (skb:long) %{ \n struct sk_buff *skb; \n struct tipc_msg *hdr; \n\n\n#if STAP_COMPAT_VERSION >= STAP_VERSION(1,8) \n skb = (struct sk_buff *) (unsigned long) STAP_ARG_skb; \n#else \n skb = (struct sk_buff *) (unsigned long) THIS->skb; \n#endif \n\n\n hdr = buf_msg(skb); \n\n\n if(msg_user(hdr) == MSG_CRYPTO) { \n msg_set_user(hdr, TOP_SRV); // set to invalid in this context \n } \n\n\n%} \n\n\nprobe module("tipc").function("tipc_data_input").call { \n sanitize($skb); \n} \n\n\n2) Install the "systemtap" package and any required dependencies (such as \n kernel-devel and kernel-debuginfo packages). \n\n\n3) Run the "stap -g [filename-from-step-1].stp" command as root. \n\n\nIf the host is rebooted, the changes will be lost and the script must be \nrun again. \n\n\nAlternatively, build the systemtap script on a development system with \n"stap -g -p 4 [filename-from-step-1].stp", distribute the resulting kernel \nmodule to all affected systems, and run "staprun -L <module>" on those. \nWhen using this approach only systemtap-runtime package is required on the \naffected systems. Please notice that the kernel version must be the same across \nall systems. \n\n", "published": "2021-11-04T16:39:57", "modified": "2021-11-19T19:52:48", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://access.redhat.com/security/cve/cve-2021-43267", "reporter": "redhat.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-19T22:30:42", "history": [], "viewCount": 21, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4648.NASL", "CENTOS8_RHSA-2021-4646.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-19T22:30:42", "rev": 2}, "score": {"value": 5.0, "vector": "NONE", "modified": "2021-11-19T22:30:42", "rev": 2}}, "objectVersion": "1.6", "vendorCvss": {"score": "8.8", "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}, "lastseen": "2021-11-19T22:30:42", "differentElements": ["cvss2", "cvss3"], "edition": 9}], "viewCount": 22, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4914"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4645.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-11-27T04:29:25", "rev": 2}, "score": {"value": 5.0, "vector": "NONE", "modified": "2021-11-27T04:29:25", "rev": 2}}, "objectVersion": "1.6", "vendorCvss": {"score": "8.8", "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "_object_type": "robots.models.redhatcve.RedhatCVEBulletin", "_object_types": ["robots.models.redhatcve.RedhatCVEBulletin", "robots.models.base.Bulletin"]}], "debiancve": [{"id": "DEBIANCVE:CVE-2021-43267", "vendorId": null, "hash": "0dc67b495760280b6e9db4d1fffa5952", "type": "debiancve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://security-tracker.debian.org/tracker/CVE-2021-43267", "reporter": "Debian Security Bug Tracker", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-05T10:54:20", "history": [{"bulletin": {"id": "DEBIANCVE:CVE-2021-43267", "vendorId": null, "hash": "0f4052c1c6506b232e16299ef6916286", "type": "debiancve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://security-tracker.debian.org/tracker/CVE-2021-43267", "reporter": "Debian Security Bug Tracker", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-29T14:00:38", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4750", "RHSA-2021:4647"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-11-29T14:00:38", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-11-29T14:00:38", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "Debian", "OSVersion": "12", "arch": "all", "packageFilename": "linux_5.15.3-1_all.deb", "packageVersion": "5.15.3-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "11", "arch": "all", "packageFilename": "linux_5.10.70-1_all.deb", "packageVersion": "5.10.70-1", "operator": "le", "status": "open", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "packageFilename": "linux_4.19.208-1_all.deb", "packageVersion": "4.19.208-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "999", "arch": "all", "packageFilename": "linux_5.15.5-1_all.deb", "packageVersion": "5.15.5-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "packageFilename": "linux_4.9.228-1_all.deb", "packageVersion": "4.9.228-1", "operator": "lt", "status": "resolved", "packageName": "linux"}]}, "lastseen": "2021-11-29T14:00:38", "differentElements": ["affectedPackage"], "edition": 1}, {"bulletin": {"id": "DEBIANCVE:CVE-2021-43267", "vendorId": null, "hash": "0dc67b495760280b6e9db4d1fffa5952", "type": "debiancve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://security-tracker.debian.org/tracker/CVE-2021-43267", "reporter": "Debian Security Bug Tracker", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-03T06:48:02", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4644.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "UBUNTU_USN-5165-1.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4647.NASL"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4644", "RHSA-2021:4645", "RHSA-2021:4650", "RHSA-2021:4647", "RHSA-2021:4648", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4914"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-03T06:48:02", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-12-03T06:48:02", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "Debian", "OSVersion": "12", "arch": "all", "packageFilename": "linux_5.15.5-1_all.deb", "packageVersion": "5.15.5-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "11", "arch": "all", "packageFilename": "linux_5.10.70-1_all.deb", "packageVersion": "5.10.70-1", "operator": "le", "status": "open", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "packageFilename": "linux_4.19.208-1_all.deb", "packageVersion": "4.19.208-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "999", "arch": "all", "packageFilename": "linux_5.15.5-1_all.deb", "packageVersion": "5.15.5-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "packageFilename": "linux_4.9.228-1_all.deb", "packageVersion": "4.9.228-1", "operator": "lt", "status": "resolved", "packageName": "linux"}]}, "lastseen": "2021-12-03T06:48:02", "differentElements": ["description"], "edition": 2}, {"bulletin": {"id": "DEBIANCVE:CVE-2021-43267", "vendorId": null, "hash": "a1ce53ffcda0624e77d6f13c565cdaa0", "type": "debiancve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel befor ...", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://security-tracker.debian.org/tracker/CVE-2021-43267", "reporter": "Debian Security Bug Tracker", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-04T19:38:30", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "threatpost", "idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF"]}, {"type": "fedora", "idList": ["FEDORA:34D5930F2474", "FEDORA:507B630528FB"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4914", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4648", "RHSA-2021:4650", "RHSA-2021:4644"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "UBUNTU_USN-5165-1.NASL"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-04T19:38:30", "rev": 2}, "score": {"value": 4.4, "vector": "NONE", "modified": "2021-12-04T19:38:30", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "Debian", "OSVersion": "12", "arch": "all", "packageFilename": "linux_5.15.5-1_all.deb", "packageVersion": "5.15.5-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "11", "arch": "all", "packageFilename": "linux_5.10.70-1_all.deb", "packageVersion": "5.10.70-1", "operator": "le", "status": "open", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "packageFilename": "linux_4.19.208-1_all.deb", "packageVersion": "4.19.208-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "999", "arch": "all", "packageFilename": "linux_5.15.5-1_all.deb", "packageVersion": "5.15.5-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "packageFilename": "linux_4.9.228-1_all.deb", "packageVersion": "4.9.228-1", "operator": "lt", "status": "resolved", "packageName": "linux"}]}, "lastseen": "2021-12-04T19:38:30", "differentElements": ["description"], "edition": 3}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "threatpost", "idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF"]}, {"type": "fedora", "idList": ["FEDORA:34D5930F2474", "FEDORA:507B630528FB"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4914", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4648", "RHSA-2021:4650", "RHSA-2021:4644"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "UBUNTU_USN-5165-1.NASL"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-04T19:38:30", "rev": 2}, "score": {"value": 4.4, "vector": "NONE", "modified": "2021-12-04T19:38:30", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "Debian", "OSVersion": "12", "arch": "all", "packageFilename": "linux_5.15.5-1_all.deb", "packageVersion": "5.15.5-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "11", "arch": "all", "packageFilename": "linux_5.10.70-1_all.deb", "packageVersion": "5.10.70-1", "operator": "le", "status": "open", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "10", "arch": "all", "packageFilename": "linux_4.19.208-1_all.deb", "packageVersion": "4.19.208-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "999", "arch": "all", "packageFilename": "linux_5.15.5-1_all.deb", "packageVersion": "5.15.5-1", "operator": "lt", "status": "resolved", "packageName": "linux"}, {"OS": "Debian", "OSVersion": "9", "arch": "all", "packageFilename": "linux_4.9.228-1_all.deb", "packageVersion": "4.9.228-1", "operator": "lt", "status": "resolved", "packageName": "linux"}], "_object_type": "robots.models.debiancve.DebianCveBulletin", "_object_types": ["robots.models.debiancve.DebianCveBulletin", "robots.models.base.Bulletin"]}], "cve": [{"id": "CVE-2021-43267", "bulletinFamily": "NVD", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.", "published": "2021-11-02T23:15:00", "modified": "2021-11-29T17:23:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43267", "reporter": "cve@mitre.org", "references": ["https://security.netapp.com/advisory/ntap-20211125-0002/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "type": "cve", "lastseen": "2021-11-30T08:35:52", "history": [{"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "linux:linux_kernel", "name": "linux linux kernel", "operator": "lt", "version": "5.14.16"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.14.16:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.14.16", "versionStartIncluding": "5.10", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2021-43267"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "cwe": ["CWE-20"], "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.", "edition": 3, "enchantments": {"dependencies": {"modified": "2021-11-06T18:04:40", "references": [{"idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:52923238811C7BFD39E0529C85317249"], "type": "threatpost"}, {"idList": ["RH:CVE-2021-43267"], "type": "redhatcve"}, {"idList": ["F5:K20072454"], "type": "f5"}, {"idList": ["UB:CVE-2021-43267"], "type": "ubuntucve"}, {"idList": ["RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4647", "RHSA-2021:4646"], "type": "redhat"}, {"idList": ["ELSA-2021-4647"], "type": "oraclelinux"}, {"idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"], "type": "fedora"}, {"idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"], "type": "thn"}, {"idList": ["REDHAT-RHSA-2021-4750.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "CENTOS8_RHSA-2021-4646.NASL"], "type": "nessus"}, {"idList": ["ALSA-2021:4647"], "type": "almalinux"}], "rev": 2}, "score": {"modified": "2021-11-06T18:04:40", "rev": 2, "value": 5.2, "vector": "NONE"}}, "extraReferences": [{"name": "FEDORA-2021-a093973910", "refsource": "FEDORA", "tags": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/"}, {"name": "FEDORA-2021-bdd146e463", "refsource": "FEDORA", "tags": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "refsource": "MISC", "tags": ["Release Notes", "Mailing List", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16"}, {"name": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "refsource": "MISC", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"}], "hash": "e32192bc4df61d2ed12a12406e7a3b239c899a3269e53903c5dd8e1a00174c1a", "hashmap": [{"hash": "a7198dcae852dc5440f0e6b960f0232d", "key": "affectedSoftware"}, {"hash": "fb8ff0c6824546d4ad2062f975f303f0", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "56e0b1102ca74858ac159196ce090b2a", "key": "title"}, {"hash": "f4446059502f5588cd2c026701baa086", "key": "href"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "c679182a4159ea51ee86a443ba3e45c9", "key": "description"}, {"hash": "c502da4890161ceecaffbd2e2d95f2a6", "key": "cvelist"}, {"hash": "85171354e5d47da60c8f6006ce81d3df", "key": "cpeConfiguration"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "767e04ea548b1d38bae3a049f60f8df3", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "febafc90520c84506463c7c28e9ad4b5", "key": "extraReferences"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "1bfc369386abe0994f59eef1b190c50b", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43267", "id": "CVE-2021-43267", "immutableFields": [], "lastseen": "2021-11-06T18:04:40", "modified": "2021-11-06T05:15:00", "objectVersion": "1.6", "published": "2021-11-02T23:15:00", "references": ["https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"], "reporter": "cve@mitre.org", "title": "CVE-2021-43267", "type": "cve", "viewCount": 43}, "different_elements": ["extraReferences", "references", "modified"], "edition": 3, "lastseen": "2021-11-06T18:04:40"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "linux:linux_kernel", "name": "linux linux kernel", "operator": "lt", "version": "5.14.16"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.14.16:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.14.16", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2021-43267"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "cwe": ["CWE-20"], "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.", "edition": 2, "enchantments": {"dependencies": {"modified": "2021-11-05T07:34:39", "references": [{"idList": ["RH:CVE-2021-43267"], "type": "redhatcve"}, {"idList": ["UB:CVE-2021-43267"], "type": "ubuntucve"}, {"idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"], "type": "thn"}, {"idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:4D962DB3523D376C2D55CF5317453915", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:52923238811C7BFD39E0529C85317249"], "type": "threatpost"}], "rev": 2}, "score": {"modified": "2021-11-05T07:34:39", "rev": 2, "value": 5.7, "vector": "NONE"}}, "extraReferences": [{"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "refsource": "MISC", "tags": ["Release Notes", "Mailing List", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16"}, {"name": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "refsource": "MISC", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"}], "hash": "083604caaa272bb1fe1faab77d5c4cc5c7819b5c9863167f6997fbc55ab374e7", "hashmap": [{"hash": "a7198dcae852dc5440f0e6b960f0232d", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "56e0b1102ca74858ac159196ce090b2a", "key": "title"}, {"hash": "c78f91ffc67b1fba0014e693deccce97", "key": "cpeConfiguration"}, {"hash": "f4446059502f5588cd2c026701baa086", "key": "href"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "c679182a4159ea51ee86a443ba3e45c9", "key": "description"}, {"hash": "03ea1346a10bc5b79b034f9aca80fe76", "key": "references"}, {"hash": "c502da4890161ceecaffbd2e2d95f2a6", "key": "cvelist"}, {"hash": "0369b0b1016b9fb1d0f77eef3421a489", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "e899f1ceead2346c6a5841611008684f", "key": "extraReferences"}, {"hash": "767e04ea548b1d38bae3a049f60f8df3", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43267", "id": "CVE-2021-43267", "immutableFields": [], "lastseen": "2021-11-05T07:34:39", "modified": "2021-11-04T18:15:00", "objectVersion": "1.6", "published": "2021-11-02T23:15:00", "references": ["https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"], "reporter": "cve@mitre.org", "title": "CVE-2021-43267", "type": "cve", "viewCount": 15}, "different_elements": ["extraReferences", "references", "modified", "cpeConfiguration"], "edition": 2, "lastseen": "2021-11-05T07:34:39"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": []}, "cvelist": ["CVE-2021-43267"], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "cwe": [], "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.", "edition": 1, "enchantments": {}, "extraReferences": [{"name": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "refsource": "MISC", "tags": [], "url": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "refsource": "MISC", "tags": [], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16"}], "hash": "e60b8351a7c3d3209be5d0b16c2726ea1cacd7f4e972326c6f3a0a286b23befe", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "56e0b1102ca74858ac159196ce090b2a", "key": "title"}, {"hash": "f4446059502f5588cd2c026701baa086", "key": "href"}, {"hash": "c679182a4159ea51ee86a443ba3e45c9", "key": "description"}, {"hash": "03ea1346a10bc5b79b034f9aca80fe76", "key": "references"}, {"hash": "c502da4890161ceecaffbd2e2d95f2a6", "key": "cvelist"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cwe"}, {"hash": "92b1257b8c0673ab3c9d6c288dd0e4d9", "key": "extraReferences"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "393c85860d09eddfc21669158259c1f7", "key": "modified"}, {"hash": "767e04ea548b1d38bae3a049f60f8df3", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "81342635da437da3b0897e10f103e0d6", "key": "cpeConfiguration"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43267", "id": "CVE-2021-43267", "immutableFields": [], "lastseen": "2021-11-03T07:34:37", "modified": "2021-11-03T00:06:00", "objectVersion": "1.6", "published": "2021-11-02T23:15:00", "references": ["https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"], "reporter": "cve@mitre.org", "title": "CVE-2021-43267", "type": "cve", "viewCount": 4}, "different_elements": ["extraReferences", "cvss", "modified", "cwe", "affectedSoftware", "cpeConfiguration"], "edition": 1, "lastseen": "2021-11-03T07:34:37"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "linux:linux_kernel", "name": "linux linux kernel", "operator": "lt", "version": "5.14.16"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.14.16:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.14.16", "versionStartIncluding": "5.10", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2021-43267"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "cwe": ["CWE-20"], "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.", "edition": 5, "enchantments": {"dependencies": {"modified": "2021-11-26T16:57:17", "references": [{"idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:52923238811C7BFD39E0529C85317249"], "type": "threatpost"}, {"idList": ["RH:CVE-2021-43267"], "type": "redhatcve"}, {"idList": ["F5:K20072454"], "type": "f5"}, {"idList": ["UB:CVE-2021-43267"], "type": "ubuntucve"}, {"idList": ["RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4647", "RHSA-2021:4646"], "type": "redhat"}, {"idList": ["ELSA-2021-4647"], "type": "oraclelinux"}, {"idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"], "type": "fedora"}, {"idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"], "type": "thn"}, {"idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"], "type": "githubexploit"}, {"idList": ["REDHAT-RHSA-2021-4750.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "CENTOS8_RHSA-2021-4646.NASL"], "type": "nessus"}, {"idList": ["ALSA-2021:4647"], "type": "almalinux"}], "rev": 2}, "score": {"modified": "2021-11-26T16:57:17", "rev": 2, "value": 5.2, "vector": "NONE"}}, "extraReferences": [{"name": "FEDORA-2021-a093973910", "refsource": "FEDORA", "tags": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/"}, {"name": "FEDORA-2021-bdd146e463", "refsource": "FEDORA", "tags": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "refsource": "MISC", "tags": ["Release Notes", "Mailing List", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16"}, {"name": "https://security.netapp.com/advisory/ntap-20211125-0002/", "refsource": "CONFIRM", "tags": [], "url": "https://security.netapp.com/advisory/ntap-20211125-0002/"}, {"name": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "refsource": "MISC", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"}], "hash": "af2648e2c91ecd212466f3269d003e6eda5c54e5ddde121e21a48e14e77bef76", "hashmap": [{"hash": "a7198dcae852dc5440f0e6b960f0232d", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "7fb5b70a5efbacbfe2e62d3eaa66d6d1", "key": "extraReferences"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "56e0b1102ca74858ac159196ce090b2a", "key": "title"}, {"hash": "f4446059502f5588cd2c026701baa086", "key": "href"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "e63509ce8b627fb239a5a63969122026", "key": "cvss2"}, {"hash": "c679182a4159ea51ee86a443ba3e45c9", "key": "description"}, {"hash": "c502da4890161ceecaffbd2e2d95f2a6", "key": "cvelist"}, {"hash": "293c9b0b0d9de655d3d48d5a67a808f4", "key": "modified"}, {"hash": "85171354e5d47da60c8f6006ce81d3df", "key": "cpeConfiguration"}, {"hash": "ad35358d166de03a84a3a9280d95337a", "key": "cvss3"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "767e04ea548b1d38bae3a049f60f8df3", "key": "published"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "d0327e2b6bd7bc55a3cce4696037fe37", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43267", "id": "CVE-2021-43267", "immutableFields": [], "lastseen": "2021-11-26T16:57:17", "modified": "2021-11-25T07:15:00", "objectVersion": "1.6", "published": "2021-11-02T23:15:00", "references": ["https://security.netapp.com/advisory/ntap-20211125-0002/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"], "reporter": "cve@mitre.org", "title": "CVE-2021-43267", "type": "cve", "viewCount": 54}, "different_elements": ["extraReferences", "cpe23", "modified", "cpe", "affectedConfiguration", "affectedSoftware", "cpeConfiguration"], "edition": 5, "lastseen": "2021-11-26T16:57:17"}, {"bulletin": {"affectedConfiguration": [], "affectedSoftware": [{"cpeName": "linux:linux_kernel", "name": "linux linux kernel", "operator": "lt", "version": "5.14.16"}], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.14.16:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.14.16", "versionStartIncluding": "5.10", "vulnerable": true}], "operator": "OR"}]}, "cvelist": ["CVE-2021-43267"], "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "cwe": ["CWE-20"], "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.", "edition": 4, "enchantments": {"dependencies": {"modified": "2021-11-25T08:35:17", "references": [{"idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:52923238811C7BFD39E0529C85317249"], "type": "threatpost"}, {"idList": ["RH:CVE-2021-43267"], "type": "redhatcve"}, {"idList": ["F5:K20072454"], "type": "f5"}, {"idList": ["UB:CVE-2021-43267"], "type": "ubuntucve"}, {"idList": ["RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4647", "RHSA-2021:4646"], "type": "redhat"}, {"idList": ["ELSA-2021-4647"], "type": "oraclelinux"}, {"idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"], "type": "fedora"}, {"idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"], "type": "thn"}, {"idList": ["REDHAT-RHSA-2021-4750.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "CENTOS8_RHSA-2021-4646.NASL"], "type": "nessus"}, {"idList": ["ALSA-2021:4647"], "type": "almalinux"}], "rev": 2}, "score": {"modified": "2021-11-25T08:35:17", "rev": 2, "value": 5.2, "vector": "NONE"}}, "extraReferences": [{"name": "FEDORA-2021-a093973910", "refsource": "FEDORA", "tags": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/"}, {"name": "FEDORA-2021-bdd146e463", "refsource": "FEDORA", "tags": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "refsource": "MISC", "tags": ["Release Notes", "Mailing List", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16"}, {"name": "https://security.netapp.com/advisory/ntap-20211125-0002/", "refsource": "CONFIRM", "tags": [], "url": "https://security.netapp.com/advisory/ntap-20211125-0002/"}, {"name": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "refsource": "MISC", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"}], "hash": "f23d8ed02238178545cfbd235ee38c0de2a016446f7fa2208b438f8357b3bb27", "hashmap": [{"hash": "a7198dcae852dc5440f0e6b960f0232d", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "7fb5b70a5efbacbfe2e62d3eaa66d6d1", "key": "extraReferences"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedConfiguration"}, {"hash": "56e0b1102ca74858ac159196ce090b2a", "key": "title"}, {"hash": "f4446059502f5588cd2c026701baa086", "key": "href"}, {"hash": "226da5129ffaaee3d5b48e506b957d58", "key": "cwe"}, {"hash": "c679182a4159ea51ee86a443ba3e45c9", "key": "description"}, {"hash": "c502da4890161ceecaffbd2e2d95f2a6", "key": "cvelist"}, {"hash": "293c9b0b0d9de655d3d48d5a67a808f4", "key": "modified"}, {"hash": "85171354e5d47da60c8f6006ce81d3df", "key": "cpeConfiguration"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "767e04ea548b1d38bae3a049f60f8df3", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "0b053db5674b87efff89989a8a720df3", "key": "cvss"}, {"hash": "d0327e2b6bd7bc55a3cce4696037fe37", "key": "references"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43267", "id": "CVE-2021-43267", "immutableFields": [], "lastseen": "2021-11-25T08:35:17", "modified": "2021-11-25T07:15:00", "objectVersion": "1.6", "published": "2021-11-02T23:15:00", "references": ["https://security.netapp.com/advisory/ntap-20211125-0002/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"], "reporter": "cve@mitre.org", "title": "CVE-2021-43267", "type": "cve", "viewCount": 48}, "different_elements": ["cvss3", "cvss2"], "edition": 4, "lastseen": "2021-11-25T08:35:17"}], "edition": 6, "hashmap": [{"key": "affectedConfiguration", "hash": "fc851a19effa98ba91f650968914be34"}, {"key": "affectedSoftware", "hash": "0d5c29724ee948aee0709ee30cc1d719"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "538a54aa45b272b7616f474ccd86fa5c"}, {"key": "cpe23", "hash": "c6b3c89fc20c9ff27f4520f53bd91451"}, {"key": "cpeConfiguration", "hash": "36f3915b5f1b6f8858d9cb3b76ce36e0"}, {"key": "cvelist", "hash": "c502da4890161ceecaffbd2e2d95f2a6"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "cvss2", "hash": "e63509ce8b627fb239a5a63969122026"}, {"key": "cvss3", "hash": "ad35358d166de03a84a3a9280d95337a"}, {"key": "cwe", "hash": "226da5129ffaaee3d5b48e506b957d58"}, {"key": "description", "hash": "c679182a4159ea51ee86a443ba3e45c9"}, {"key": "extraReferences", "hash": "729d1846df90e5bc9f51a7e4bea07490"}, {"key": "href", "hash": "f4446059502f5588cd2c026701baa086"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "4188164753fe8f5dc5b5b18799d7ddb7"}, {"key": "published", "hash": "767e04ea548b1d38bae3a049f60f8df3"}, {"key": "references", "hash": "d0327e2b6bd7bc55a3cce4696037fe37"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "56e0b1102ca74858ac159196ce090b2a"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "7ce5cbb6cf5f3fadbb8809866e18342cda1abacd465072a3e9bd764189f206b1", "viewCount": 59, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4914"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4645.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-11-30T08:35:52", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-11-30T08:35:52", "rev": 2}, "twitter": {"counter": 4, "tweets": [{"link": "https://twitter.com/Elinostro/status/1466912675112361986", "text": "CVE-2021-43267 mitigado"}, {"link": "https://twitter.com/Elinostro/status/1466912675112361986", "text": "CVE-2021-43267 mitigado"}, {"link": "https://twitter.com/Securityblog/status/1467211170931171339", "text": "Exploiting CVE-2021-43267 - Haxxin"}, {"link": "https://twitter.com/_sSUb__/status/1467544251147821059", "text": "PoC of Linux Kernel TIPC remote code execution (CVE-2021-43267) flaw disclosed"}], "modified": "2021-11-30T08:35:52"}}, "objectVersion": "1.6", "cpe": ["cpe:/o:fedoraproject:fedora:34", "cpe:/o:netapp:h700e_firmware:-", "cpe:/o:netapp:h300s_firmware:-", "cpe:/o:netapp:h500s_firmware:-", "cpe:/o:netapp:h500e_firmware:-", "cpe:/o:fedoraproject:fedora:35", "cpe:/o:netapp:h300e_firmware:-", "cpe:/o:netapp:h410s_firmware:-", "cpe:/o:netapp:h700s_firmware:-"], "affectedSoftware": [{"cpeName": "netapp:h500s_firmware", "name": "netapp h500s firmware", "operator": "eq", "version": "-"}, {"cpeName": "fedoraproject:fedora", "name": "fedoraproject fedora", "operator": "eq", "version": "35"}, {"cpeName": "netapp:h410s_firmware", "name": "netapp h410s firmware", "operator": "eq", "version": "-"}, {"cpeName": "netapp:h300e_firmware", "name": "netapp h300e firmware", "operator": "eq", "version": "-"}, {"cpeName": "netapp:h700e_firmware", "name": "netapp h700e firmware", "operator": "eq", "version": "-"}, {"cpeName": "fedoraproject:fedora", "name": "fedoraproject fedora", "operator": "eq", "version": "34"}, {"cpeName": "netapp:h500e_firmware", "name": "netapp h500e firmware", "operator": "eq", "version": "-"}, {"cpeName": "netapp:h300s_firmware", "name": "netapp h300s firmware", "operator": "eq", "version": "-"}, {"cpeName": "linux:linux_kernel", "name": "linux linux kernel", "operator": "lt", "version": "5.14.16"}, {"cpeName": "netapp:h700s_firmware", "name": "netapp h700s firmware", "operator": "eq", "version": "-"}], "affectedConfiguration": [{"cpeName": "netapp:h500s", "name": "netapp h500s", "operator": "eq", "version": "-"}, {"cpeName": "netapp:h300e", "name": "netapp h300e", "operator": "eq", "version": "-"}, {"cpeName": "netapp:h300s", "name": "netapp h300s", "operator": "eq", "version": "-"}, {"cpeName": "netapp:h500e", "name": "netapp h500e", "operator": "eq", "version": "-"}, {"cpeName": "netapp:h700e", "name": "netapp h700e", "operator": "eq", "version": "-"}, {"cpeName": "netapp:h700s", "name": "netapp h700s", "operator": "eq", "version": "-"}, {"cpeName": "netapp:h410s", "name": "netapp h410s", "operator": "eq", "version": "-"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.14.16:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.14.16", "versionStartIncluding": "5.10", "vulnerable": true}], "operator": "OR"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}]}, "extraReferences": [{"name": "FEDORA-2021-bdd146e463", "refsource": "FEDORA", "tags": ["Third Party Advisory", "Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CVWL7HZV5T5OEKJPO2D67RMFMKBBXGGB/"}, {"name": "https://security.netapp.com/advisory/ntap-20211125-0002/", "refsource": "CONFIRM", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20211125-0002/"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "refsource": "MISC", "tags": ["Release Notes", "Mailing List", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16"}, {"name": "FEDORA-2021-a093973910", "refsource": "FEDORA", "tags": ["Third Party Advisory", "Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RDDEW4APTYKJK365HC2JZIVXYUV7ZRN7/"}, {"name": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "refsource": "MISC", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0"}], "cpe23": ["cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*"], "cwe": ["CWE-20"], "scheme": null}], "ubuntucve": [{"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "809117271bddef1f0c5bc553f12bdb01", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/", "https://ubuntu.com/security/notices/USN-5165-1", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-06T21:19:00", "history": [{"bulletin": {"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "55f89bd49e487b5d34b62b315c54e7bd", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-03T21:19:17", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "14.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-snapdragon"}], "bugs": []}, "lastseen": "2021-11-03T21:19:17", "differentElements": ["affectedPackage"], "edition": 1}, {"bulletin": {"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "d0013f1841f414e8922ab598925c5417", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-04T21:18:54", "history": [], "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:FD860186AF836DDB884B5B0B3CAB65FC", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}], "modified": "2021-11-04T21:18:54", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2021-11-04T21:18:54", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-snapdragon"}], "bugs": []}, "lastseen": "2021-11-04T21:18:54", "differentElements": ["cvss"], "edition": 2}, {"bulletin": {"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "557c893da8263d21d4d71ecea59fa46c", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-05T21:19:23", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "threatpost", "idList": ["THREATPOST:FD860186AF836DDB884B5B0B3CAB65FC", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}], "modified": "2021-11-05T21:19:23", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2021-11-05T21:19:23", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-snapdragon"}], "bugs": []}, "lastseen": "2021-11-05T21:19:23", "differentElements": ["references"], "edition": 3}, {"bulletin": {"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "6244b71aab8f73f580a53250133d0e87", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-06T21:21:07", "history": [], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4645.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4750.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "CENTOS8_RHSA-2021-4646.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:67D559705BBC50D04C82D7016012BCB7"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-06T21:21:07", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-11-06T21:21:07", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "linux-snapdragon"}], "bugs": []}, "lastseen": "2021-11-06T21:21:07", "differentElements": ["affectedPackage"], "edition": 4}, {"bulletin": {"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "c8eae6c4f349d50e0c243e1f9ea82274", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-22T21:18:49", "history": [], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "redhat", "idList": ["RHSA-2021:4646", "RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4648"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-22T21:18:49", "rev": 2}, "score": {"value": 4.6, "vector": "NONE", "modified": "2021-11-22T21:18:49", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-snapdragon"}], "bugs": []}, "lastseen": "2021-11-22T21:18:49", "differentElements": ["affectedPackage"], "edition": 5}, {"bulletin": {"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "99874e8f15666f395a4b37f695831c44", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-24T21:18:53", "history": [], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4648.NASL", "CENTOS8_RHSA-2021-4646.NASL"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-24T21:18:53", "rev": 2}, "score": {"value": 4.6, "vector": "NONE", "modified": "2021-11-24T21:18:53", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-snapdragon"}], "bugs": []}, "lastseen": "2021-11-24T21:18:53", "differentElements": ["cvss2", "cvss3"], "edition": 6}, {"bulletin": {"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "5598745c096b3dd8c99a71074fcf7614", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-26T21:18:59", "history": [], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4644.NASL"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4644", "RHSA-2021:4647", "RHSA-2021:4650"]}, {"type": "threatpost", "idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-26T21:18:59", "rev": 2}, "score": {"value": 4.6, "vector": "NONE", "modified": "2021-11-26T21:18:59", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-snapdragon"}], "bugs": []}, "lastseen": "2021-11-26T21:18:59", "differentElements": ["affectedPackage"], "edition": 7}, {"bulletin": {"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "5945b565111da8d59f3c3e4433c24366", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-30T21:19:08", "history": [], "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "redhat", "idList": ["RHSA-2021:4650", "RHSA-2021:4750", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4647"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4650.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-30T21:19:08", "rev": 2}, "score": {"value": 4.6, "vector": "NONE", "modified": "2021-11-30T21:19:08", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-snapdragon"}], "bugs": []}, "lastseen": "2021-11-30T21:19:08", "differentElements": ["affectedPackage", "references"], "edition": 8}, {"bulletin": {"id": "UB:CVE-2021-43267", "vendorId": null, "hash": "4d40d6d85e3547a03de412b57c511d20", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before\n5.14.16. The Transparent Inter-Process Communication (TIPC) functionality\nallows remote attackers to exploit insufficient validation of user-supplied\nsizes for the MSG_CRYPTO message type.", "published": "2021-11-02T00:00:00", "modified": "2021-11-02T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://ubuntu.com/security/CVE-2021-43267", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://git.kernel.org/linus/fa40d9734a57bcbfa79a280189799f76c88f7bb0 ", "https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16", "https://www.sentinelone.com/labs/tipc-remote-linux-kernel-heap-overflow-allows-arbitrary-code-execution/", "https://ubuntu.com/security/notices/USN-5165-1", "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "https://launchpad.net/bugs/cve/CVE-2021-43267", "https://security-tracker.debian.org/tracker/CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-01T21:18:58", "history": [], "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4914"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4645.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-01T21:18:58", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-12-01T21:18:58", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "5.14.0-1008.8", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-snapdragon"}], "bugs": []}, "lastseen": "2021-12-01T21:18:58", "differentElements": ["affectedPackage"], "edition": 9}], "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4914"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4645.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-01T21:18:58", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-12-01T21:18:58", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-aws-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-aws-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-azure-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-azure-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-azure-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-bluefield"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-dell300x"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-gcp-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gcp-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-4.15"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-gke-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gke-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-gkeop-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-hwe-edge"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-ibm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-intel-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-kvm"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-lts-xenial"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.10"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-oem-5.13"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "5.14.0-1008.8", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.14"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-5.6"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oem-osp1"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.0"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-oracle-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.10", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-raspi"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi-5.4"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "18.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-raspi2-5.3"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "21.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needed", "packageName": "linux-riscv-5.11"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "20.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-riscv-5.8"}, {"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "5.15", "packageFilename": "UNKNOWN", "operator": "lt", "status": "released", "packageName": "linux-snapdragon"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "linux-snapdragon"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.ubuntucve.UbuntuCVEBulletin"]}], "githubexploit": [{"id": "8E748CCF-23CD-5107-BDA7-6321BBC68A2E", "vendorId": null, "hash": "ba15e0ffb11a726cc4ead2e1e75c0740", "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for ['CVE-2021-43267']", "description": "# CVE-2021-43267\nLocal...", "published": "2021-11-26T01:51:57", "modified": "2021-12-03T00:24:47", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "", "reporter": "", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-03T10:01:42", "history": [{"bulletin": {"id": "8E748CCF-23CD-5107-BDA7-6321BBC68A2E", "vendorId": "GITHUBEXPL:OHNONOYESYES-CVE-2021-43267", "hash": "bad4de5ee297bbc1aef4befebad86526", "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for Improper Input Validation in Linux Linux Kernel", "description": "# CVE-2021-43267\nLocal PoC exploit for CVE-2021-43267 (Linux TIPC)\n\n\nReference: https://haxx.in/posts/pwning-tipc/\n", "published": "2021-11-26T01:51:57", "modified": "2021-11-26T07:22:48", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://github.com/ohnonoyesyes/CVE-2021-43267", "reporter": "ohnonoyesyes", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-26T16:02:25", "history": [], "viewCount": 24, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4648.NASL", "CENTOS8_RHSA-2021-4646.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-26T16:02:25", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-11-26T16:02:25", "rev": 2}}, "objectVersion": "1.6"}, "lastseen": "2021-11-26T16:02:25", "differentElements": ["cvss2", "cvss3", "modified"], "edition": 1}, {"bulletin": {"id": "8E748CCF-23CD-5107-BDA7-6321BBC68A2E", "vendorId": "GITHUBEXPL:OHNONOYESYES-CVE-2021-43267", "hash": "d0890ffec1a76236590537d66f5c2aeb", "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for Improper Input Validation in Linux Linux Kernel", "description": "# CVE-2021-43267\nLocal PoC exploit for CVE-2021-43267 (Linux TIPC)\n\n\nReference: https://haxx.in/posts/pwning-tipc/\n", "published": "2021-11-26T01:51:57", "modified": "2021-11-27T06:48:45", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/ohnonoyesyes/CVE-2021-43267", "reporter": "ohnonoyesyes", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-27T07:01:10", "history": [], "viewCount": 38, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4647.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "CENTOS8_RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4644.NASL"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4646", "RHSA-2021:4648", "RHSA-2021:4647", "RHSA-2021:4645"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-27T07:01:10", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-11-27T07:01:10", "rev": 2}}, "objectVersion": "1.6"}, "lastseen": "2021-11-27T07:01:10", "differentElements": ["modified"], "edition": 2}, {"bulletin": {"id": "8E748CCF-23CD-5107-BDA7-6321BBC68A2E", "vendorId": "GITHUBEXPL:OHNONOYESYES-CVE-2021-43267", "hash": "2ef2b2d581eb1e089dc4fe61d7ececb0", "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for Improper Input Validation in Linux Linux Kernel", "description": "# CVE-2021-43267\nLocal PoC exploit for CVE-2021-43267 (Linux TIPC)\n\n\nReference: https://haxx.in/posts/pwning-tipc/\n", "published": "2021-11-26T01:51:57", "modified": "2021-11-27T08:32:22", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/ohnonoyesyes/CVE-2021-43267", "reporter": "ohnonoyesyes", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-27T19:07:20", "history": [], "viewCount": 53, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4650"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4645.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4644.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-27T19:07:20", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-11-27T19:07:20", "rev": 2}}, "objectVersion": "1.6"}, "lastseen": "2021-11-27T19:07:20", "differentElements": ["modified"], "edition": 3}, {"bulletin": {"id": "8E748CCF-23CD-5107-BDA7-6321BBC68A2E", "vendorId": "GITHUBEXPL:OHNONOYESYES-CVE-2021-43267", "hash": "ed178fd665e575095f1a6402161ca3cd", "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for Improper Input Validation in Linux Linux Kernel", "description": "# CVE-2021-43267\nLocal PoC exploit for CVE-2021-43267 (Linux TIPC)\n\n\nReference: https://haxx.in/posts/pwning-tipc/\n", "published": "2021-11-26T01:51:57", "modified": "2021-11-28T01:12:42", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/ohnonoyesyes/CVE-2021-43267", "reporter": "ohnonoyesyes", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-28T07:08:57", "history": [], "viewCount": 92, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4750.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4650.NASL"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4650", "RHSA-2021:4646", "RHSA-2021:4644", "RHSA-2021:4647", "RHSA-2021:4648", "RHSA-2021:4645"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-28T07:08:57", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-11-28T07:08:57", "rev": 2}}, "objectVersion": "1.6"}, "lastseen": "2021-11-28T07:08:57", "differentElements": ["modified"], "edition": 4}, {"bulletin": {"id": "8E748CCF-23CD-5107-BDA7-6321BBC68A2E", "vendorId": "GITHUBEXPL:OHNONOYESYES-CVE-2021-43267", "hash": "64626d5fad9f5746eafe278198ae5a04", "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for Improper Input Validation in Linux Linux Kernel", "description": "# CVE-2021-43267\nLocal PoC exploit for CVE-2021-43267 (Linux TIPC)\n\n\nReference: https://haxx.in/posts/pwning-tipc/\n", "published": "2021-11-26T01:51:57", "modified": "2021-11-29T03:09:04", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/ohnonoyesyes/CVE-2021-43267", "reporter": "ohnonoyesyes", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-29T10:01:36", "history": [], "viewCount": 111, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4644.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4646", "RHSA-2021:4648", "RHSA-2021:4645", "RHSA-2021:4644", "RHSA-2021:4647", "RHSA-2021:4650"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-29T10:01:36", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-11-29T10:01:36", "rev": 2}}, "objectVersion": "1.6"}, "lastseen": "2021-11-29T10:01:36", "differentElements": ["modified"], "edition": 5}, {"bulletin": {"id": "8E748CCF-23CD-5107-BDA7-6321BBC68A2E", "vendorId": "GITHUBEXPL:OHNONOYESYES-CVE-2021-43267", "hash": "2f1a1dcdd93c4a253f1ab68f2afea72c", "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for Improper Input Validation in Linux Linux Kernel", "description": "# CVE-2021-43267\nLocal PoC exploit for CVE-2021-43267 (Linux TIPC)\n\n\nReference: https://haxx.in/posts/pwning-tipc/\n", "published": "2021-11-26T01:51:57", "modified": "2021-11-29T11:08:27", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/ohnonoyesyes/CVE-2021-43267", "reporter": "ohnonoyesyes", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-30T01:01:31", "history": [], "viewCount": 125, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "redhat", "idList": ["RHSA-2021:4645", "RHSA-2021:4646", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4647", "RHSA-2021:4648"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4645.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-30T01:01:31", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-11-30T01:01:31", "rev": 2}}, "objectVersion": "1.6"}, "lastseen": "2021-11-30T01:01:31", "differentElements": ["title"], "edition": 6}, {"bulletin": {"id": "8E748CCF-23CD-5107-BDA7-6321BBC68A2E", "vendorId": "GITHUBEXPL:OHNONOYESYES-CVE-2021-43267", "hash": "c1abf0e3205862a6c0f5dd2cbf451e60", "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for Improper Input Validation in Netapp H500S Firmware", "description": "# CVE-2021-43267\nLocal PoC exploit for CVE-2021-43267 (Linux TIPC)\n\n\nReference: https://haxx.in/posts/pwning-tipc/\n", "published": "2021-11-26T01:51:57", "modified": "2021-11-29T11:08:27", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/ohnonoyesyes/CVE-2021-43267", "reporter": "ohnonoyesyes", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-30T13:02:31", "history": [], "viewCount": 131, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "redhat", "idList": ["RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4647"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4650.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL"]}, {"type": "threatpost", "idList": ["THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-30T13:02:31", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-11-30T13:02:31", "rev": 2}}, "objectVersion": "1.6"}, "lastseen": "2021-11-30T13:02:31", "differentElements": ["modified", "title"], "edition": 7}, {"bulletin": {"id": "8E748CCF-23CD-5107-BDA7-6321BBC68A2E", "vendorId": "GITHUBEXPL:OHNONOYESYES-CVE-2021-43267", "hash": "aa117e385302cad8a0bcd0cee736727d", "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for ['CVE-2021-43267']", "description": "# CVE-2021-43267\nLocal PoC exploit for CVE-2021-43267 (Linux TIPC)\n\n\nReference: https://haxx.in/posts/pwning-tipc/\n", "published": "2021-11-26T01:51:57", "modified": "2021-12-01T08:20:45", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/ohnonoyesyes/CVE-2021-43267", "reporter": "ohnonoyesyes", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-01T16:02:05", "history": [], "viewCount": 134, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4750", "RHSA-2021:4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-01T16:02:05", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-12-01T16:02:05", "rev": 2}}, "objectVersion": "1.6"}, "lastseen": "2021-12-01T16:02:05", "differentElements": ["modified"], "edition": 8}], "viewCount": 139, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4914"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4645.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-03T10:01:42", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-12-03T10:01:42", "rev": 2}}, "objectVersion": "1.6", "_object_type": "robots.models.githubexploit.GithubExploitBulletin", "_object_types": ["robots.models.githubexploit.GithubExploitBulletin", "robots.models.base.Bulletin"], "privateArea": 1}], "f5": [{"id": "F5:K20072454", "vendorId": null, "hash": "a15af8c562eaf4bc7b6409c8c1770b42", "type": "f5", "bulletinFamily": "software", "title": "Linux kernel vulnerability CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. ([CVE-2021-43267](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267>))\n\nImpact\n\nAn attacker can exploit the vulnerability to access restricted information, modify files, or cause a denial-of-service (DoS) attack.\n", "published": "2021-11-23T17:51:00", "modified": "2021-11-23T17:51:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://support.f5.com/csp/article/K20072454", "reporter": "f5", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-26T18:10:13", "history": [{"bulletin": {"id": "F5:K20072454", "vendorId": null, "hash": "b5d1d34e0a47ec2357ceb05636d08806", "type": "f5", "bulletinFamily": "software", "title": "Linux kernel vulnerability CVE-2021-43267", "description": "An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. ([CVE-2021-43267](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267>))\n\nImpact\n\nAn attacker can exploit the vulnerability to access restricted information, modify files, or cause a denial-of-service (DoS) attack.\n", "published": "2021-11-23T17:51:00", "modified": "2021-11-23T17:51:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://support.f5.com/csp/article/K20072454", "reporter": "f5", "references": [], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-23T18:10:11", "history": [], "viewCount": 16, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "redhat", "idList": ["RHSA-2021:4650", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4647", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:67D559705BBC50D04C82D7016012BCB7"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-23T18:10:11", "rev": 2}, "score": {"value": 3.9, "vector": "NONE", "modified": "2021-11-23T18:10:11", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "8.1.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "8.0.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "7.1.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "7.0.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "6.1.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip afm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip afm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip afm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip afm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip afm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip afm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip afm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip afm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip afm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip apm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip apm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip apm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip apm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip apm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip apm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip apm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip apm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip apm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip asm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip asm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip asm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip asm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip asm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip asm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip asm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip asm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip asm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip dns"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip dns"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip dns"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip dns"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip dns"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip dns"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip dns"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip dns"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip dns"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip fps"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip fps"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip fps"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip fps"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip fps"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip fps"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip fps"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip fps"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip fps"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip pem"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip pem"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip pem"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip pem"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip pem"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip pem"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip pem"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip pem"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip pem"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip aam"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip aam"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip aam"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip aam"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip aam"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip aam"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip aam"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip aam"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip aam"}, {"version": "1.2.1", "operator": "eq", "name": "f5os"}, {"version": "1.1.2", "operator": "eq", "name": "f5os"}, {"version": "1.2.2", "operator": "eq", "name": "f5os"}, {"version": "1.1.3", "operator": "eq", "name": "f5os"}, {"version": "1.1.4", "operator": "eq", "name": "f5os"}, {"version": "1.1.0", "operator": "eq", "name": "f5os"}, {"version": "1.2.0", "operator": "eq", "name": "f5os"}, {"version": "1.1.1", "operator": "eq", "name": "f5os"}, {"version": "5.1.0", "operator": "eq", "name": "traffix sdc"}, {"version": "5.2.0", "operator": "eq", "name": "traffix sdc"}, {"version": "16.1.0", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "15.1.1", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "15.1.0", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "14.1.4", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "14.1.2", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "14.1.0", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "16.1.0", "operator": "eq", "name": "f5 ddos hybrid defender"}, {"version": "15.1.1", "operator": "eq", "name": "f5 ddos hybrid defender"}, {"version": "15.1.0", "operator": "eq", "name": "f5 ddos hybrid defender"}, {"version": "14.1.2", "operator": "eq", "name": "f5 ddos hybrid defender"}, {"version": "14.1.0", "operator": "eq", "name": "f5 ddos hybrid defender"}]}, "lastseen": "2021-11-23T18:10:11", "differentElements": ["cvss2", "cvss3"], "edition": 1}], "viewCount": 18, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4750", "RHSA-2021:4647"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-11-26T18:10:13", "rev": 2}, "score": {"value": 3.9, "vector": "NONE", "modified": "2021-11-26T18:10:13", "rev": 2}}, "objectVersion": "1.6", "affectedSoftware": [{"version": "8.1.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "8.0.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "7.1.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "7.0.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "6.1.0", "operator": "eq", "name": "big-iq centralized management"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip afm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip afm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip afm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip afm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip afm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip afm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip afm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip afm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip afm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip afm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip afm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip afm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip analytics"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip analytics"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip apm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip apm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip apm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip apm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip apm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip apm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip apm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip apm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip apm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip apm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip apm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip apm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip asm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip asm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip asm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip asm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip asm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip asm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip asm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip asm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip asm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip asm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip asm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip asm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip dns"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip dns"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip dns"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip dns"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip dns"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip dns"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip dns"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip dns"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip dns"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip dns"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip dns"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip dns"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip fps"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip fps"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip fps"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip fps"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip fps"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip fps"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip fps"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip fps"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip fps"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip fps"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip fps"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip fps"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip gtm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip gtm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip link controller"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip link controller"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip ltm"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip ltm"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip pem"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip pem"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip pem"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip pem"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip pem"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip pem"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip pem"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip pem"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip pem"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip pem"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip pem"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip pem"}, {"version": "16.1.2", "operator": "eq", "name": "big-ip aam"}, {"version": "16.1.1", "operator": "eq", "name": "big-ip aam"}, {"version": "16.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.4", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.3", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.2", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.1", "operator": "eq", "name": "big-ip aam"}, {"version": "15.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "14.1.4", "operator": "eq", "name": "big-ip aam"}, {"version": "14.1.3", "operator": "eq", "name": "big-ip aam"}, {"version": "14.1.2", "operator": "eq", "name": "big-ip aam"}, {"version": "14.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "13.1.4", "operator": "eq", "name": "big-ip aam"}, {"version": "13.1.3", "operator": "eq", "name": "big-ip aam"}, {"version": "13.1.1", "operator": "eq", "name": "big-ip aam"}, {"version": "13.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.6", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.5", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.4", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.3", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.2", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.1", "operator": "eq", "name": "big-ip aam"}, {"version": "12.1.0", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.5", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.4", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.3", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.2", "operator": "eq", "name": "big-ip aam"}, {"version": "11.6.1", "operator": "eq", "name": "big-ip aam"}, {"version": "1.2.1", "operator": "eq", "name": "f5os"}, {"version": "1.1.2", "operator": "eq", "name": "f5os"}, {"version": "1.2.2", "operator": "eq", "name": "f5os"}, {"version": "1.1.3", "operator": "eq", "name": "f5os"}, {"version": "1.1.4", "operator": "eq", "name": "f5os"}, {"version": "1.1.0", "operator": "eq", "name": "f5os"}, {"version": "1.2.0", "operator": "eq", "name": "f5os"}, {"version": "1.1.1", "operator": "eq", "name": "f5os"}, {"version": "5.1.0", "operator": "eq", "name": "traffix sdc"}, {"version": "5.2.0", "operator": "eq", "name": "traffix sdc"}, {"version": "16.1.0", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "15.1.1", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "15.1.0", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "14.1.4", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "14.1.2", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "14.1.0", "operator": "eq", "name": "f5 ssl orchestrator"}, {"version": "16.1.0", "operator": "eq", "name": "f5 ddos hybrid defender"}, {"version": "15.1.1", "operator": "eq", "name": "f5 ddos hybrid defender"}, {"version": "15.1.0", "operator": "eq", "name": "f5 ddos hybrid defender"}, {"version": "14.1.2", "operator": "eq", "name": "f5 ddos hybrid defender"}, {"version": "14.1.0", "operator": "eq", "name": "f5 ddos hybrid defender"}], "_object_type": "robots.models.f5.F5Bulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.f5.F5Bulletin"]}], "nessus": [{"id": "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "vendorId": null, "hash": "ec6455361e767c211e193a0a7d8226a6", "type": "nessus", "bulletinFamily": "scanner", "title": "Photon OS 4.0: Linux PHSA-2021-4.0-0127", "description": "An update of the linux package has been released.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter- Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)", "published": "2021-11-12T00:00:00", "modified": "2021-11-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155322", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-03T23:53:23", "history": [{"bulletin": {"id": "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "vendorId": null, "hash": "1b30ba10610c23940a0256719eec259b", "type": "nessus", "bulletinFamily": "scanner", "title": "Photon OS 4.0: Linux PHSA-2021-4.0-0127", "description": "An update of the linux package has been released.", "published": "2021-11-12T00:00:00", "modified": "2021-11-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155322", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-13T12:35:58", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}], "modified": "2021-11-13T12:35:58", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-11-13T12:35:58", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155322", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-4.0-0127. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155322);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/12\");\n\n script_cve_id(\"CVE-2021-43267\");\n\n script_name(english:\"Photon OS 4.0: Linux PHSA-2021-4.0-0127\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:4.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 4\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', reference:'linux-api-headers-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-intel-sgx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-python3-perf-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-tools-5.10.78-1.ph4')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux');\n}\n", "naslFamily": "PhotonOS Local Security Checks", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:4.0"], "solution": "Update the affected Linux packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.2"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-11T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-13T12:35:58", "differentElements": ["vpr"], "edition": 1}, {"bulletin": {"id": "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "vendorId": null, "hash": "83e7c4659e1d97fd2fbb2558f5cc31f2", "type": "nessus", "bulletinFamily": "scanner", "title": "Photon OS 4.0: Linux PHSA-2021-4.0-0127", "description": "An update of the linux package has been released.", "published": "2021-11-12T00:00:00", "modified": "2021-11-12T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155322", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-13T23:57:56", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-13T23:57:56", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-11-13T23:57:56", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155322", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-4.0-0127. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155322);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/12\");\n\n script_cve_id(\"CVE-2021-43267\");\n\n script_name(english:\"Photon OS 4.0: Linux PHSA-2021-4.0-0127\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:4.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 4\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', reference:'linux-api-headers-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-intel-sgx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-python3-perf-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-tools-5.10.78-1.ph4')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux');\n}\n", "naslFamily": "PhotonOS Local Security Checks", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:4.0"], "solution": "Update the affected Linux packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-11T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-13T23:57:56", "differentElements": ["description", "modified", "sourceData"], "edition": 2}, {"bulletin": {"id": "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "vendorId": null, "hash": "7cbfab77bc46239c4e76913a23469378", "type": "nessus", "bulletinFamily": "scanner", "title": "Photon OS 4.0: Linux PHSA-2021-4.0-0127", "description": "An update of the linux package has been released.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter- Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)", "published": "2021-11-12T00:00:00", "modified": "2021-11-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155322", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-16T11:40:25", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4648.NASL", "CENTOS8_RHSA-2021-4646.NASL"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-16T11:40:25", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-11-16T11:40:25", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155322", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-4.0-0127. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155322);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/15\");\n\n script_cve_id(\"CVE-2021-43267\");\n\n script_name(english:\"Photon OS 4.0: Linux PHSA-2021-4.0-0127\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-\n Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of\n user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)\n\n\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:4.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 4\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', reference:'linux-api-headers-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-intel-sgx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-python3-perf-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-tools-5.10.78-1.ph4')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux');\n}\n", "naslFamily": "PhotonOS Local Security Checks", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:4.0"], "solution": "Update the affected Linux packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-11T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-16T11:40:25", "differentElements": ["vpr"], "edition": 3}, {"bulletin": {"id": "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "vendorId": null, "hash": "ec6455361e767c211e193a0a7d8226a6", "type": "nessus", "bulletinFamily": "scanner", "title": "Photon OS 4.0: Linux PHSA-2021-4.0-0127", "description": "An update of the linux package has been released.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter- Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)", "published": "2021-11-12T00:00:00", "modified": "2021-11-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155322", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-30T11:46:09", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4750", "RHSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-11-30T11:46:09", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-11-30T11:46:09", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155322", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-4.0-0127. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155322);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/15\");\n\n script_cve_id(\"CVE-2021-43267\");\n\n script_name(english:\"Photon OS 4.0: Linux PHSA-2021-4.0-0127\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-\n Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of\n user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)\n\n\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:4.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 4\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', reference:'linux-api-headers-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-intel-sgx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-python3-perf-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-tools-5.10.78-1.ph4')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux');\n}\n", "naslFamily": "PhotonOS Local Security Checks", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:4.0"], "solution": "Update the affected Linux packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.5"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-11T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-30T11:46:09", "differentElements": ["vpr"], "edition": 4}, {"bulletin": {"id": "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "vendorId": null, "hash": "cae13766deca4a8937534b2cb30f8b47", "type": "nessus", "bulletinFamily": "scanner", "title": "Photon OS 4.0: Linux PHSA-2021-4.0-0127", "description": "An update of the linux package has been released.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter- Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)", "published": "2021-11-12T00:00:00", "modified": "2021-11-15T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155322", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-03T11:44:57", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4914"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4644.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "CENTOS8_RHSA-2021-4646.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4645.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-03T11:44:57", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-12-03T11:44:57", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155322", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-4.0-0127. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155322);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/15\");\n\n script_cve_id(\"CVE-2021-43267\");\n\n script_name(english:\"Photon OS 4.0: Linux PHSA-2021-4.0-0127\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-\n Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of\n user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)\n\n\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:4.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 4\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', reference:'linux-api-headers-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-intel-sgx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-python3-perf-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-tools-5.10.78-1.ph4')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux');\n}\n", "naslFamily": "PhotonOS Local Security Checks", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:4.0"], "solution": "Update the affected Linux packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.6"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-11T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-12-03T11:44:57", "differentElements": ["vpr"], "edition": 5}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4647", "RHSA-2021:4750", "RHSA-2021:4645", "RHSA-2021:4914"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "UBUNTU_USN-5165-1.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-03T23:53:23", "rev": 2}, "score": {"value": 4.9, "vector": "NONE", "modified": "2021-12-03T23:53:23", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155322", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-4.0-0127. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155322);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/15\");\n\n script_cve_id(\"CVE-2021-43267\");\n\n script_name(english:\"Photon OS 4.0: Linux PHSA-2021-4.0-0127\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-\n Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of\n user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)\n\n\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-4.0-0127.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:4.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 4\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', reference:'linux-api-headers-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-gpu-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-intel-sgx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-sound-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-oprofile-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-python3-perf-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-devel-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-docs-5.10.78-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-tools-5.10.78-1.ph4')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux');\n}\n", "naslFamily": "PhotonOS Local Security Checks", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:4.0"], "solution": "Update the affected Linux packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.5"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-11T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.nessus.NessusBulletin", "robots.models.base.Bulletin"]}, {"id": "REDHAT-RHSA-2021-4644.NASL", "vendorId": null, "hash": "04016d17fb04c3bb71693c8ac56e0f0e", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4644)", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155361", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://cwe.mitre.org/data/definitions/20.html", "https://access.redhat.com/errata/RHSA-2021:4644", "https://bugzilla.redhat.com/2020362", "https://access.redhat.com/security/cve/CVE-2021-43267", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-03T23:51:33", "history": [{"bulletin": {"id": "REDHAT-RHSA-2021-4644.NASL", "vendorId": null, "hash": "4bac0cec1a2eda9de3fb778fcd77d020", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4644)", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155361", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/errata/RHSA-2021:4644", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://cwe.mitre.org/data/definitions/20.html", "https://bugzilla.redhat.com/2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-16T23:44:42", "history": [], "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4647.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL"]}, {"type": "redhat", "idList": ["RHSA-2021:4650", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4647", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:67D559705BBC50D04C82D7016012BCB7"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-16T23:44:42", "rev": 2}, "score": {"value": 4.8, "vector": "NONE", "modified": "2021-11-16T23:44:42", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155361", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4644. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155361);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4644\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4644)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-305.el8.x86_64': {'reference':'kpatch-patch-4_18_0-305-1-8.el8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.10.2.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_10_2-1-5.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.12.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_12_1-1-4.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.17.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_17_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.19.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_19_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.25.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_25_1-1-2.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.3.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_3_1-1-7.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.7.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_7_1-1-6.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-305 / kpatch-patch-4_18_0-305_10_2 / etc');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-16T23:44:42", "differentElements": ["cpe", "cvss"], "edition": 1}, {"bulletin": {"id": "REDHAT-RHSA-2021-4644.NASL", "vendorId": null, "hash": "65aafcf5e914d9669dcd0429aa261e6a", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4644)", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155361", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/errata/RHSA-2021:4644", "https://cwe.mitre.org/data/definitions/20.html", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://bugzilla.redhat.com/2020362", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-25T11:47:45", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4648.NASL", "CENTOS8_RHSA-2021-4646.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-25T11:47:45", "rev": 2}, "score": {"value": 4.8, "vector": "NONE", "modified": "2021-11-25T11:47:45", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155361", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4644. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155361);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4644\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4644)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-305.el8.x86_64': {'reference':'kpatch-patch-4_18_0-305-1-8.el8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.10.2.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_10_2-1-5.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.12.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_12_1-1-4.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.17.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_17_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.19.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_19_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.25.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_25_1-1-2.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.3.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_3_1-1-7.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.7.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_7_1-1-6.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-305 / kpatch-patch-4_18_0-305_10_2 / etc');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["p-cpe:2.3:a:redhat:enterprise_linux:kpatch-patch-4_18_0-305:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_aus:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_e4s:8.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:rhel_tus:8.4:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1:*:*:*:*:*:*:*"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-25T11:47:45", "differentElements": ["cpe", "cvss", "vpr"], "edition": 2}, {"bulletin": {"id": "REDHAT-RHSA-2021-4644.NASL", "vendorId": null, "hash": "04016d17fb04c3bb71693c8ac56e0f0e", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4644)", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155361", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/errata/RHSA-2021:4644", "https://cwe.mitre.org/data/definitions/20.html", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://bugzilla.redhat.com/2020362", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-30T11:48:00", "history": [], "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4750", "RHSA-2021:4647"]}, {"type": "nessus", "idList": ["UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-11-30T11:48:00", "rev": 2}, "score": {"value": 4.7, "vector": "NONE", "modified": "2021-11-30T11:48:00", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155361", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4644. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155361);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4644\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4644)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-305.el8.x86_64': {'reference':'kpatch-patch-4_18_0-305-1-8.el8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.10.2.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_10_2-1-5.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.12.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_12_1-1-4.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.17.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_17_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.19.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_19_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.25.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_25_1-1-2.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.3.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_3_1-1-7.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.7.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_7_1-1-6.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-305 / kpatch-patch-4_18_0-305_10_2 / etc');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.5"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-30T11:48:00", "differentElements": ["vpr"], "edition": 3}, {"bulletin": {"id": "REDHAT-RHSA-2021-4644.NASL", "vendorId": null, "hash": "39bee382f316f0eb94521cdd934262a8", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4644)", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155361", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://cwe.mitre.org/data/definitions/20.html", "https://access.redhat.com/errata/RHSA-2021:4644", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://bugzilla.redhat.com/2020362", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-03T11:46:34", "history": [], "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4914"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4645.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-03T11:46:34", "rev": 2}, "score": {"value": 4.7, "vector": "NONE", "modified": "2021-12-03T11:46:34", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155361", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4644. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155361);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4644\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4644)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-305.el8.x86_64': {'reference':'kpatch-patch-4_18_0-305-1-8.el8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.10.2.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_10_2-1-5.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.12.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_12_1-1-4.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.17.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_17_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.19.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_19_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.25.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_25_1-1-2.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.3.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_3_1-1-7.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.7.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_7_1-1-6.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-305 / kpatch-patch-4_18_0-305_10_2 / etc');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.6"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-12-03T11:46:34", "differentElements": ["vpr"], "edition": 4}], "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4647", "RHSA-2021:4750", "RHSA-2021:4645", "RHSA-2021:4914"]}, {"type": "nessus", "idList": ["PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "UBUNTU_USN-5165-1.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4645.NASL", "CENTOS8_RHSA-2021-4647.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-03T23:51:33", "rev": 2}, "score": {"value": 4.7, "vector": "NONE", "modified": "2021-12-03T23:51:33", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155361", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4644. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155361);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4644\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4644)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2021:4644 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4644\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-305.el8.x86_64': {'reference':'kpatch-patch-4_18_0-305-1-8.el8', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.10.2.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_10_2-1-5.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.12.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_12_1-1-4.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.17.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_17_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.19.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_19_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.25.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_25_1-1-2.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.3.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_3_1-1-7.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n '4.18.0-305.7.1.el8_4.x86_64': {'reference':'kpatch-patch-4_18_0-305_7_1-1-6.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-305 / kpatch-patch-4_18_0-305_10_2 / etc');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_10_2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_12_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_17_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_19_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_3_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_7_1"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.5"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.nessus.NessusBulletin", "robots.models.base.Bulletin"]}, {"id": "REDHAT-RHSA-2021-4645.NASL", "vendorId": null, "hash": "816342078273f659544ff6dc5981528b", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4645)", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155364", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/errata/RHSA-2021:4645", "https://cwe.mitre.org/data/definitions/20.html", "https://bugzilla.redhat.com/2020362", "https://access.redhat.com/security/cve/CVE-2021-43267", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-03T23:51:30", "history": [{"bulletin": {"id": "REDHAT-RHSA-2021-4645.NASL", "vendorId": null, "hash": "7555d2bc982caa0873e41ff1d5b20021", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4645)", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155364", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://access.redhat.com/errata/RHSA-2021:4645", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://cwe.mitre.org/data/definitions/20.html", "https://bugzilla.redhat.com/2020362"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-16T23:44:44", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL"]}, {"type": "redhat", "idList": ["RHSA-2021:4650", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4647", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:67D559705BBC50D04C82D7016012BCB7"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}], "modified": "2021-11-16T23:44:44", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-11-16T23:44:44", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155364", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4645. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155364);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4645\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4645)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in\nthe RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kpatch-patch-4_18_0-348 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-348\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-348.el8.x86_64': {'reference':'kpatch-patch-4_18_0-348-1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-348');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-348"], "solution": "Update the affected kpatch-patch-4_18_0-348 package.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-16T23:44:44", "differentElements": ["cpe", "cvss"], "edition": 1}, {"bulletin": {"id": "REDHAT-RHSA-2021-4645.NASL", "vendorId": null, "hash": "000ccb0eebc6887d4ed36fafbdf00623", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4645)", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155364", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/errata/RHSA-2021:4645", "https://cwe.mitre.org/data/definitions/20.html", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://bugzilla.redhat.com/2020362", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-25T11:47:18", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4648.NASL", "CENTOS8_RHSA-2021-4646.NASL"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}], "modified": "2021-11-25T11:47:18", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-11-25T11:47:18", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155364", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4645. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155364);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4645\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4645)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in\nthe RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kpatch-patch-4_18_0-348 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-348\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-348.el8.x86_64': {'reference':'kpatch-patch-4_18_0-348-1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-348');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:2.3:o:redhat:enterprise_linux:8:*:*:*:*:*:*:*", "p-cpe:2.3:a:redhat:enterprise_linux:kpatch-patch-4_18_0-348:*:*:*:*:*:*:*"], "solution": "Update the affected kpatch-patch-4_18_0-348 package.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-25T11:47:18", "differentElements": ["cpe", "cvss", "vpr"], "edition": 2}, {"bulletin": {"id": "REDHAT-RHSA-2021-4645.NASL", "vendorId": null, "hash": "816342078273f659544ff6dc5981528b", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4645)", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155364", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/errata/RHSA-2021:4645", "https://cwe.mitre.org/data/definitions/20.html", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://bugzilla.redhat.com/2020362", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-30T11:47:59", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:0CEE2152383E504E337851A592F0AD9D"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4646", "RHSA-2021:4645", "RHSA-2021:4750", "RHSA-2021:4647"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "UBUNTU_USN-5165-1.NASL", "REDHAT-RHSA-2021-4650.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4648.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4646.NASL"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-11-30T11:47:59", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-11-30T11:47:59", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155364", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4645. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155364);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4645\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4645)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in\nthe RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kpatch-patch-4_18_0-348 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-348\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-348.el8.x86_64': {'reference':'kpatch-patch-4_18_0-348-1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-348');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-348"], "solution": "Update the affected kpatch-patch-4_18_0-348 package.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.5"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-30T11:47:59", "differentElements": ["vpr"], "edition": 3}, {"bulletin": {"id": "REDHAT-RHSA-2021-4645.NASL", "vendorId": null, "hash": "d916983eb0c5a70ccb105a62212f09fa", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kpatch-patch (RHSA-2021:4645)", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155364", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://cwe.mitre.org/data/definitions/20.html", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://bugzilla.redhat.com/2020362", "https://access.redhat.com/errata/RHSA-2021:4645", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-03T11:46:37", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:52923238811C7BFD39E0529C85317249"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4645", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4750", "RHSA-2021:4646", "RHSA-2021:4914"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4644.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "UBUNTU_USN-5165-1.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-03T11:46:37", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-12-03T11:46:37", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155364", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4645. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155364);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4645\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4645)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in\nthe RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kpatch-patch-4_18_0-348 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-348\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-348.el8.x86_64': {'reference':'kpatch-patch-4_18_0-348-1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-348');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-348"], "solution": "Update the affected kpatch-patch-4_18_0-348 package.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.6"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": []}, "lastseen": "2021-12-03T11:46:37", "differentElements": ["vpr"], "edition": 4}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-43267"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "threatpost", "idList": ["THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:67D559705BBC50D04C82D7016012BCB7", "THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "redhat", "idList": ["RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4644", "RHSA-2021:4650", "RHSA-2021:4647", "RHSA-2021:4750", "RHSA-2021:4645", "RHSA-2021:4914"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "UBUNTU_USN-5165-1.NASL", "CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4647.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "REDHAT-RHSA-2021-4646.NASL", "CENTOS8_RHSA-2021-4647.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "ubuntu", "idList": ["USN-5165-1"]}], "modified": "2021-12-03T23:51:30", "rev": 2}, "score": {"value": 4.5, "vector": "NONE", "modified": "2021-12-03T23:51:30", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155364", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4645. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155364);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4645\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2021:4645)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in\nthe RHSA-2021:4645 advisory.\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4645\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kpatch-patch-4_18_0-348 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-348\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar kernel_live_checks = {\n '4.18.0-348.el8.x86_64': {'reference':'kpatch-patch-4_18_0-348-1-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']}\n};\n\nvar kpatch_details = kernel_live_checks[uname_r];\nif (empty_or_null(kpatch_details)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nvar flag = 0;\nvar reference = NULL;\nvar release = NULL;\nvar sp = NULL;\nvar cpu = NULL;\nvar el_string = NULL;\nvar rpm_spec_vers_cmp = NULL;\nvar epoch = NULL;\nvar allowmaj = NULL;\nvar exists_check = NULL;\nvar repo_list = NULL;\nif (!empty_or_null(kpatch_details['repo_list'])) repo_list = kpatch_details['repo_list'];\nif (!empty_or_null(kpatch_details['reference'])) reference = kpatch_details['reference'];\nif (!empty_or_null(kpatch_details['release'])) release = 'RHEL' + kpatch_details['release'];\nif (!empty_or_null(kpatch_details['sp'])) sp = kpatch_details['sp'];\nif (!empty_or_null(kpatch_details['cpu'])) cpu = kpatch_details['cpu'];\nif (!empty_or_null(kpatch_details['el_string'])) el_string = kpatch_details['el_string'];\nif (!empty_or_null(kpatch_details['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = kpatch_details['rpm_spec_vers_cmp'];\nif (!empty_or_null(kpatch_details['epoch'])) epoch = kpatch_details['epoch'];\nif (!empty_or_null(kpatch_details['allowmaj'])) allowmaj = kpatch_details['allowmaj'];\nif (!empty_or_null(kpatch_details['exists_check'])) exists_check = kpatch_details['exists_check'];\nif (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-348');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-348"], "solution": "Update the affected kpatch-patch-4_18_0-348 package.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9.5"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-11-02T00:00:00", "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.nessus.NessusBulletin", "robots.models.base.Bulletin"]}, {"id": "REDHAT-RHSA-2021-4646.NASL", "vendorId": null, "hash": "d51e61ac3f7dc42f1e91769e8add3a62", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kernel-rt (RHSA-2021:4646)", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4646 advisory.\n\n - kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317)\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155368", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20317", "https://access.redhat.com/security/cve/CVE-2021-20317", "https://bugzilla.redhat.com/2005258", "https://cwe.mitre.org/data/definitions/20.html", "https://cwe.mitre.org/data/definitions/665.html", "https://bugzilla.redhat.com/2020362", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://access.redhat.com/errata/RHSA-2021:4646", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267"], "cvelist": ["CVE-2021-20317", "CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-12-03T23:51:30", "history": [{"bulletin": {"id": "REDHAT-RHSA-2021-4646.NASL", "vendorId": null, "hash": "7a0d7253336fbbfccb2dfb45ab1c316d", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kernel-rt (RHSA-2021:4646)", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4646 advisory.\n\n - kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317)\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155368", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugzilla.redhat.com/2005258", "https://access.redhat.com/security/cve/CVE-2021-20317", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "https://access.redhat.com/security/cve/CVE-2021-43267", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20317", "https://access.redhat.com/errata/RHSA-2021:4646", "https://cwe.mitre.org/data/definitions/20.html", "https://cwe.mitre.org/data/definitions/665.html", "https://bugzilla.redhat.com/2020362"], "cvelist": ["CVE-2021-20317", "CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-16T23:44:44", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-20317", "CVE-2021-43267"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-20317", "RH:CVE-2021-43267"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-20317", "UB:CVE-2021-43267"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2021-4646.NASL", "REDHAT-RHSA-2021-4645.NASL", "REDHAT-RHSA-2021-4647.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4644.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4648.NASL", "REDHAT-RHSA-2021-4750.NASL", "AL2_ALAS-2021-1719.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4650.NASL"]}, {"type": "redhat", "idList": ["RHSA-2021:4650", "RHSA-2021:4648", "RHSA-2021:4644", "RHSA-2021:4647", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "thn", "idList": ["THN:E06BED4D2BA11AC485CD7E3489D6C0A8"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "threatpost", "idList": ["THREATPOST:40C2E3AB1CAE05F4EFE1D2E86BE20DF5", "THREATPOST:34B94592C49D703BE22E06FA042168FF", "THREATPOST:52923238811C7BFD39E0529C85317249", "THREATPOST:0CEE2152383E504E337851A592F0AD9D", "THREATPOST:67D559705BBC50D04C82D7016012BCB7"]}, {"type": "amazon", "idList": ["ALAS2-2021-1719"]}], "modified": "2021-11-16T23:44:44", "rev": 2}, "score": {"value": 5.1, "vector": "NONE", "modified": "2021-11-16T23:44:44", "rev": 2}}, "objectVersion": "1.6", "pluginID": "155368", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4646. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155368);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/16\");\n\n script_cve_id(\"CVE-2021-20317\", \"CVE-2021-43267\");\n script_xref(name:\"RHSA\", value:\"2021:4646\");\n\n script_name(english:\"RHEL 8 : kernel-rt (RHSA-2021:4646)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:4646 advisory.\n\n - kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317)\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/20.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/665.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-43267\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2005258\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2020362\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 665);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-20317', 'CVE-2021-43267');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2021:4646');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'reference':'kernel-rt-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-core-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-debug-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-debug-core-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-debug-devel-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-debug-kvm-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-debug-modules-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-debug-modules-extra-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-devel-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-kvm-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-modules-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']},\n {'reference':'kernel-rt-modules-extra-4.18.0-348.2.1.rt7.132.el8_5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc');\n}\n", "naslFamily": "Red Hat Local Security Checks", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2021-43267", "vpr": {"risk factor": "Critical", "score": "9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2021-11-15T00:00:00", "vulnerabilityPublicationDate": "2021-09-27T00:00:00", "exploitableWith": []}, "lastseen": "2021-11-16T23:44:44", "differentElements": ["cpe", "cvss"], "edition": 1}, {"bulletin": {"id": "REDHAT-RHSA-2021-4646.NASL", "vendorId": null, "hash": "08068d65b6b185a45762a7e6ddc3c217", "type": "nessus", "bulletinFamily": "scanner", "title": "RHEL 8 : kernel-rt (RHSA-2021:4646)", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4646 advisory.\n\n - kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317)\n\n - kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "published": "2021-11-16T00:00:00", "modified": "2021-11-16T00:00:00", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/155368", "reporter": "This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://cwe.mitre.org/data/definitions/20.html", "https://access.redhat.com/security/cve/CVE-2021-43267", "https://access.redhat.com/security/cve/CVE-2021-20317", "https://cwe.mitre.org/data/definitions/665.html", "https://bugzilla.redhat.com/2020362", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43267", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20317", "https://bugzilla.redhat.com/2005258", "https://access.redhat.com/errata/RHSA-2021:4646"], "cvelist": ["CVE-2021-20317", "CVE-2021-43267"], "immutableFields": [], "lastseen": "2021-11-25T11:47:49", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "redhatcve", "idList": ["RH:CVE-2021-43267", "RH:CVE-2021-20317"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-43267", "UB:CVE-2021-20317"]}, {"type": "cve", "idList": ["CVE-2021-43267", "CVE-2021-20317"]}, {"type": "f5", "idList": ["F5:K20072454"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-4647"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2021-4644.NASL", "CENTOS8_RHSA-2021-4647.NASL", "REDHAT-RHSA-2021-4650.NASL", "REDHAT-RHSA-2021-4647.NASL", "AL2_ALAS-2021-1719.NASL", "REDHAT-RHSA-2021-4750.NASL", "ORACLELINUX_ELSA-2021-4647.NASL", "REDHAT-RHSA-2021-4645.NASL", "PHOTONOS_PHSA-2021-4_0-0127_LINUX.NASL", "REDHAT-RHSA-2021-4648.NASL", "CENTOS8_RHSA-2021-4646.NASL"]}, {"type": "almalinux", "idList": ["ALSA-2021:4647"]}, {"type": "redhat", "idList": ["RHSA-2021:4647", "RHSA-2021:4650", "RHSA-2021:4644", "RHSA-2021:4648", "RHSA-2021:4646", "RHSA-2021:4645"]}, {"type": "fedora", "idList": ["FEDORA:507B630528FB", "FEDORA:34D5930F2474"]}, {"type": "githubexploit", "idList": ["8E748CCF-23CD-5107-BDA7-6321BBC68A2E"]}, {"typ