2024-06-28 13:17:52 +00:00
{
"Definition" : [
{
"ID" : "oval:org.altlinux.errata:def:20202449" ,
"Version" : "oval:org.altlinux.errata:def:20202449" ,
"Class" : "patch" ,
"Metadata" : {
"Title" : "ALT-PU-2020-2449: package `kernel-image-std-def` update to version 5.4.53-alt1" ,
"AffectedList" : [
{
"Family" : "unix" ,
"Platforms" : [
"ALT Linux branch c10f1"
] ,
"Products" : [
"ALT SP Workstation" ,
"ALT SP Server"
]
}
] ,
"References" : [
{
"RefID" : "ALT-PU-2020-2449" ,
"RefURL" : "https://errata.altlinux.org/ALT-PU-2020-2449" ,
"Source" : "ALTPU"
} ,
{
"RefID" : "BDU:2021-03189" ,
"RefURL" : "https://bdu.fstec.ru/vul/2021-03189" ,
"Source" : "BDU"
} ,
{
"RefID" : "CVE-2020-14356" ,
"RefURL" : "https://nvd.nist.gov/vuln/detail/CVE-2020-14356" ,
"Source" : "CVE"
}
] ,
"Description" : "This update upgrades kernel-image-std-def to version 5.4.53-alt1. \nSecurity Fix(es):\n\n * BDU:2021-03189: Уязвимость подсистемы cgroupv2 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии\n\n * CVE-2020-14356: A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system." ,
"Advisory" : {
"From" : "errata.altlinux.org" ,
"Severity" : "High" ,
"Rights" : "Copyright 2024 BaseALT Ltd." ,
"Issued" : {
"Date" : "2020-07-24"
} ,
"Updated" : {
"Date" : "2020-07-24"
} ,
"BDUs" : [
{
"ID" : "BDU:2021-03189" ,
"CVSS" : "AV:L/AC:L/Au:S/C:C/I:C/A:C" ,
"CVSS3" : "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" ,
"CWE" : "CWE-476" ,
"Href" : "https://bdu.fstec.ru/vul/2021-03189" ,
"Impact" : "High" ,
"Public" : "20200707"
}
] ,
"CVEs" : [
{
"ID" : "CVE-2020-14356" ,
"CVSS" : "AV:L/AC:L/Au:N/C:C/I:C/A:C" ,
"CVSS3" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" ,
"CWE" : "CWE-476" ,
"Href" : "https://nvd.nist.gov/vuln/detail/CVE-2020-14356" ,
"Impact" : "High" ,
"Public" : "20200819"
}
] ,
"AffectedCPEs" : {
"CPEs" : [
"cpe:/o:alt:spworkstation:10" ,
"cpe:/o:alt:spserver:10"
]
}
}
} ,
"Criteria" : {
"Operator" : "AND" ,
"Criterions" : [
{
2024-12-12 21:07:30 +00:00
"TestRef" : "oval:org.altlinux.errata:tst:5001" ,
2024-06-28 13:17:52 +00:00
"Comment" : "ALT Linux must be installed"
}
] ,
"Criterias" : [
{
"Operator" : "OR" ,
"Criterions" : [
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449001" ,
"Comment" : "kernel-doc-std is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449002" ,
"Comment" : "kernel-headers-modules-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449003" ,
"Comment" : "kernel-headers-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449004" ,
"Comment" : "kernel-image-domU-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449005" ,
"Comment" : "kernel-image-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449006" ,
"Comment" : "kernel-modules-drm-ancient-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449007" ,
"Comment" : "kernel-modules-drm-nouveau-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449008" ,
"Comment" : "kernel-modules-drm-radeon-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449009" ,
"Comment" : "kernel-modules-drm-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449010" ,
"Comment" : "kernel-modules-ide-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449011" ,
"Comment" : "kernel-modules-staging-std-def is earlier than 1:5.4.53-alt1"
} ,
{
"TestRef" : "oval:org.altlinux.errata:tst:20202449012" ,
"Comment" : "kernel-modules-v4l-std-def is earlier than 1:5.4.53-alt1"
}
]
}
]
}
}
]
}
