From 82604d0bd956aa4fd27a203d7dd35745d7e37df5 Mon Sep 17 00:00:00 2001
From: pepelyaevip
Date: Sun, 22 Dec 2024 03:05:37 +0000
Subject: [PATCH] ALT Vulnerability
---
 oval/c10f1/ALT-PU-2024-16642/definitions.json | 97 +++++
 oval/c10f1/ALT-PU-2024-16642/objects.json | 34 ++
 oval/c10f1/ALT-PU-2024-16642/states.json | 23 ++
 oval/c10f1/ALT-PU-2024-16642/tests.json | 30 ++
 oval/p10/ALT-PU-2024-17254/definitions.json | 357 ++++++++++++++++++
 oval/p10/ALT-PU-2024-17254/objects.json | 52 +++
 oval/p10/ALT-PU-2024-17254/states.json | 23 ++
 oval/p10/ALT-PU-2024-17254/tests.json | 66 ++++
 8 files changed, 682 insertions(+)
 create mode 100644 oval/c10f1/ALT-PU-2024-16642/definitions.json
 create mode 100644 oval/c10f1/ALT-PU-2024-16642/objects.json
 create mode 100644 oval/c10f1/ALT-PU-2024-16642/states.json
 create mode 100644 oval/c10f1/ALT-PU-2024-16642/tests.json
 create mode 100644 oval/p10/ALT-PU-2024-17254/definitions.json
 create mode 100644 oval/p10/ALT-PU-2024-17254/objects.json
 create mode 100644 oval/p10/ALT-PU-2024-17254/states.json
 create mode 100644 oval/p10/ALT-PU-2024-17254/tests.json
diff --git a/oval/c10f1/ALT-PU-2024-16642/definitions.json b/oval/c10f1/ALT-PU-2024-16642/definitions.json
new file mode 100644
index 0000000000..d6236f965c
--- /dev/null
+++ b/oval/c10f1/ALT-PU-2024-16642/definitions.json
@@ -0,0 +1,97 @@
+{
+ "Definition": [
+ {
+ "ID": "oval:org.altlinux.errata:def:202416642",
+ "Version": "oval:org.altlinux.errata:def:202416642",
+ "Class": "patch",
+ "Metadata": {
+ "Title": "ALT-PU-2024-16642: package `puppetserver` update to version 8.4.0-alt0.c9f2.1",
+ "AffectedList": [
+ {
+ "Family": "unix",
+ "Platforms": [
+ "ALT Linux branch c10f1"
+ ],
+ "Products": [
+ "ALT SP Workstation",
+ "ALT SP Server"
+ ]
+ }
+ ],
+ "References": [
+ {
+ "RefID": "ALT-PU-2024-16642",
+ "RefURL": "https://errata.altlinux.org/ALT-PU-2024-16642",
+ "Source": "ALTPU"
+ }
+ ],
+ "Description": "This update upgrades puppetserver to version 8.4.0-alt0.c9f2.1. \nSecurity Fix(es):\n\n * #38464: Новая версия\n\n * #41623: Не хватает зависимости на java\n\n * #47704: Неверное отображение версии Puppetserver\n\n * #47705: Не запускается сервис PuppetServer (requires Ruby 3.1.0 or greater)\n\n * #51594: puppetserver не запускается после установки пакета",
+ "Advisory": {
+ "From": "errata.altlinux.org",
+ "Severity": "Low",
+ "Rights": "Copyright 2024 BaseALT Ltd.",
+ "Issued": {
+ "Date": "2024-12-21"
+ },
+ "Updated": {
+ "Date": "2024-12-21"
+ },
+ "BDUs": null,
+ "Bugzilla": [
+ {
+ "ID": "38464",
+ "Href": "https://bugzilla.altlinux.org/38464",
+ "Data": "Новая версия"
+ },
+ {
+ "ID": "41623",
+ "Href": "https://bugzilla.altlinux.org/41623",
+ "Data": "Не хватает зависимости на java"
+ },
+ {
+ "ID": "47704",
+ "Href": "https://bugzilla.altlinux.org/47704",
+ "Data": "Неверное отображение версии Puppetserver"
+ },
+ {
+ "ID": "47705",
+ "Href": "https://bugzilla.altlinux.org/47705",
+ "Data": "Не запускается сервис PuppetServer (requires Ruby 3.1.0 or greater)"
+ },
+ {
+ "ID": "51594",
+ "Href": "https://bugzilla.altlinux.org/51594",
+ "Data": "puppetserver не запускается после установки пакета"
+ }
+ ],
+ "AffectedCPEs": {
+ "CPEs": [
+ "cpe:/o:alt:spworkstation:10",
+ "cpe:/o:alt:spserver:10"
+ ]
+ }
+ }
+ },
+ "Criteria": {
+ "Operator": "AND",
+ "Criterions": [
+ {
+ "TestRef": "oval:org.altlinux.errata:tst:5001",
+ "Comment": "ALT Linux must be installed"
+ }
+ ],
+ "Criterias": [
+ {
+ "Operator": "OR",
+ "Criterions": [
+ {
+ "TestRef": "oval:org.altlinux.errata:tst:202416642001",
+ "Comment": "puppetserver is earlier than 0:8.4.0-alt0.c9f2.1"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/oval/c10f1/ALT-PU-2024-16642/objects.json b/oval/c10f1/ALT-PU-2024-16642/objects.json
new file mode 100644
index 0000000000..9b5d75d371
--- /dev/null
+++ b/oval/c10f1/ALT-PU-2024-16642/objects.json
@@ -0,0 +1,34 @@
+{
+ "TextFileContent54Objects": [
+ {
+ "ID": "oval:org.altlinux.errata:obj:5001",
+ "Version": "1",
+ "Comment": "Evaluate `/etc/os-release` file content",
+ "Path": {
+ "Datatype": "string",
+ "Text": "/etc"
+ },
+ "Filepath": {
+ "Datatype": "string",
+ "Text": "os-release"
+ },
+ "Pattern": {
+ "Datatype": "string",
+ "Operation": "pattern match",
+ "Text": "cpe:\\/o:alt:sp(?:server|workstation):(\\d+)"
+ },
+ "Instance": {
+ "Datatype": "int",
+ "Text": "1"
+ }
+ }
+ ],
+ "RPMInfoObjects": [
+ {
+ "ID": "oval:org.altlinux.errata:obj:202416642001",
+ "Version": "1",
+ "Comment": "puppetserver is installed",
+ "Name": "puppetserver"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/oval/c10f1/ALT-PU-2024-16642/states.json b/oval/c10f1/ALT-PU-2024-16642/states.json
new file mode 100644
index 0000000000..dc8b480fb0
--- /dev/null
+++ b/oval/c10f1/ALT-PU-2024-16642/states.json
@@ -0,0 +1,23 @@
+{
+ "TextFileContent54State": [
+ {
+ "ID": "oval:org.altlinux.errata:ste:5001",
+ "Version": "1",
+ "Text": {}
+ }
+ ],
+ "RPMInfoStates": [
+ {
+ "ID": "oval:org.altlinux.errata:ste:202416642001",
+ "Version": "1",
+ "Comment": "package EVR is earlier than 0:8.4.0-alt0.c9f2.1",
+ "Arch": {},
+ "EVR": {
+ "Text": "0:8.4.0-alt0.c9f2.1",
+ "Datatype": "evr_string",
+ "Operation": "less than"
+ },
+ "Subexpression": {}
+ }
+ ]
+}
\ No newline at end of file
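Review bot: In `definitions.json` for ALT-PU-2024-16642 the `Description` lists five Bugzilla entries under "Security Fix(es):" although the advisory has no CVE list and `"BDUs": null`, and the entry titles (new version, missing java dependency, service not starting) read as packaging bugs rather than vulnerabilities. Because the definition is `"Class": "patch"` with `"Severity": "Low"`, a scanner consuming this feed will likely report every host with an older puppetserver as missing a security patch; a neutral heading such as `Bug fix(es):` would be more accurate when no CVE or BDU is attached. Separately, `"Version"` repeats the definition ID (`"oval:org.altlinux.errata:def:202416642"`) while the objects, states and tests in this commit use `"Version": "1"`; if this field feeds the OVAL `version` attribute it should be an integer, e.g. `"Version": "1"`. The p10 definition for ALT-PU-2024-17254 shows the same `Version` pattern.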
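Review bot: `ste:5001` in `states.json` is empty (`"Text": {}`), so the release digits captured by `(\\d+)` in the `obj:5001` pattern are never compared with anything, and test `tst:5001` ("ALT Linux based on branch 'c10f1' must be installed") appears to pass on any ALT SP server or workstation release whose `/etc/os-release` carries such a CPE string. The advisory's `AffectedCPEs` name only release `10`, so the platform gate is wider than the advisory it guards. One option is to pin the release in the object pattern, `"Text": "cpe:\\/o:alt:sp(?:server|workstation):10"`, or to fill the state with a comparison against the captured value. `obj:5001` and `ste:5001` look like identifiers shared with other errata, so the change probably belongs in the generator rather than in this file.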
diff --git a/oval/c10f1/ALT-PU-2024-16642/tests.json b/oval/c10f1/ALT-PU-2024-16642/tests.json
new file mode 100644
index 0000000000..1c9f043cee
--- /dev/null
+++ b/oval/c10f1/ALT-PU-2024-16642/tests.json
@@ -0,0 +1,30 @@
+{
+ "TextFileContent54Tests": [
+ {
+ "ID": "oval:org.altlinux.errata:tst:5001",
+ "Version": "1",
+ "Check": "all",
+ "Comment": "ALT Linux based on branch 'c10f1' must be installed",
+ "Object": {
+ "ObjectRef": "oval:org.altlinux.errata:obj:5001"
+ },
+ "State": {
+ "StateRef": "oval:org.altlinux.errata:ste:5001"
+ }
+ }
+ ],
+ "RPMInfoTests": [
+ {
+ "ID": "oval:org.altlinux.errata:tst:202416642001",
+ "Version": "1",
+ "Check": "all",
+ "Comment": "puppetserver is earlier than 0:8.4.0-alt0.c9f2.1",
+ "Object": {
+ "ObjectRef": "oval:org.altlinux.errata:obj:202416642001"
+ },
+ "State": {
+ "StateRef": "oval:org.altlinux.errata:ste:202416642001"
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/oval/p10/ALT-PU-2024-17254/definitions.json b/oval/p10/ALT-PU-2024-17254/definitions.json
new file mode 100644
index 0000000000..7bb437c047
--- /dev/null
+++ b/oval/p10/ALT-PU-2024-17254/definitions.json
@@ -0,0 +1,357 @@ +{ + "Definition": [ + { + "ID": "oval:org.altlinux.errata:def:202417254", + "Version": "oval:org.altlinux.errata:def:202417254", + "Class": "patch", + "Metadata": { + "Title": "ALT-PU-2024-17254: package `kernel-image-rt` update to version 5.10.231-alt1.rt123", + "AffectedList": [ + { + "Family": "unix", + "Platforms": [ + "ALT Linux branch p10" + ], + "Products": [ + "ALT Server", + "ALT Virtualization Server", + "ALT Workstation", + "ALT Workstation K", + "ALT Education", + "Simply Linux", + "Starterkit", + "ALT Container" + ] + } + ], + "References": [ + { + "RefID": "ALT-PU-2024-17254", + "RefURL": "https://errata.altlinux.org/ALT-PU-2024-17254", + "Source": "ALTPU" + }, + { + "RefID": "CVE-2024-50264", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50264", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50265", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50265", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50267", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50267", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50268", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50268", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50269", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50269", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50273", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50273", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50278", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50278", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50279", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50279", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50282", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50282", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50287", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50287", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50296", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50296", + 
"Source": "CVE" + }, + { + "RefID": "CVE-2024-50299", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50299", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50301", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50301", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-50302", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-50302", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-53052", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-53052", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-53060", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-53060", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-53061", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-53061", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-53063", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-53063", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-53066", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-53066", + "Source": "CVE" + }, + { + "RefID": "CVE-2024-53101", + "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2024-53101", + "Source": "CVE" + } + ], + "Description": "This update upgrades kernel-image-rt to version 5.10.231-alt1.rt123. \nSecurity Fix(es):\n\n * CVE-2024-50264: In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk-\u003etrans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk-\u003etrans, potentially leading to a Use-After-Free condition. 
This\nissue is resolved by initializing vsk-\u003etrans to NULL.\n\n * CVE-2024-50265: In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove()\n\nSyzkaller is able to provoke null-ptr-dereference in ocfs2_xa_remove():\n\n[ 57.319872] (a.out,1161,7):ocfs2_xa_remove:2028 ERROR: status = -12\n[ 57.320420] (a.out,1161,7):ocfs2_xa_cleanup_value_truncate:1999 ERROR: Partial truncate while removing xattr overlay.upper. Leaking 1 clusters and removing the entry\n[ 57.321727] BUG: kernel NULL pointer dereference, address: 0000000000000004\n[...]\n[ 57.325727] RIP: 0010:ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[...]\n[ 57.331328] Call Trace:\n[ 57.331477] \u003cTASK\u003e\n[...]\n[ 57.333511] ? do_user_addr_fault+0x3e5/0x740\n[ 57.333778] ? exc_page_fault+0x70/0x170\n[ 57.334016] ? asm_exc_page_fault+0x2b/0x30\n[ 57.334263] ? __pfx_ocfs2_xa_block_wipe_namevalue+0x10/0x10\n[ 57.334596] ? ocfs2_xa_block_wipe_namevalue+0x2a/0xc0\n[ 57.334913] ocfs2_xa_remove_entry+0x23/0xc0\n[ 57.335164] ocfs2_xa_set+0x704/0xcf0\n[ 57.335381] ? _raw_spin_unlock+0x1a/0x40\n[ 57.335620] ? ocfs2_inode_cache_unlock+0x16/0x20\n[ 57.335915] ? trace_preempt_on+0x1e/0x70\n[ 57.336153] ? start_this_handle+0x16c/0x500\n[ 57.336410] ? preempt_count_sub+0x50/0x80\n[ 57.336656] ? _raw_read_unlock+0x20/0x40\n[ 57.336906] ? start_this_handle+0x16c/0x500\n[ 57.337162] ocfs2_xattr_block_set+0xa6/0x1e0\n[ 57.337424] __ocfs2_xattr_set_handle+0x1fd/0x5d0\n[ 57.337706] ? ocfs2_start_trans+0x13d/0x290\n[ 57.337971] ocfs2_xattr_set+0xb13/0xfb0\n[ 57.338207] ? dput+0x46/0x1c0\n[ 57.338393] ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338665] ? ocfs2_xattr_trusted_set+0x28/0x30\n[ 57.338948] __vfs_removexattr+0x92/0xc0\n[ 57.339182] __vfs_removexattr_locked+0xd5/0x190\n[ 57.339456] ? 
preempt_count_sub+0x50/0x80\n[ 57.339705] vfs_removexattr+0x5f/0x100\n[...]\n\nReproducer uses faultinject facility to fail ocfs2_xa_remove() -\u003e\nocfs2_xa_value_truncate() with -ENOMEM.\n\nIn this case the comment mentions that we can return 0 if\nocfs2_xa_cleanup_value_truncate() is going to wipe the entry\nanyway. But the following 'rc' check is wrong and execution flow do\n'ocfs2_xa_remove_entry(loc);' twice:\n* 1st: in ocfs2_xa_cleanup_value_truncate();\n* 2nd: returning back to ocfs2_xa_remove() instead of going to 'out'.\n\nFix this by skipping the 2nd removal of the same entry and making\nsyzkaller repro happy.\n\n * CVE-2024-50267: In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: io_edgeport: fix use after free in debug printk\n\nThe \"dev_dbg(\u0026urb-\u003edev-\u003edev, ...\" which happens after usb_free_urb(urb)\nis a use after free of the \"urb\" pointer. Store the \"dev\" pointer at the\nstart of the function to avoid this issue.\n\n * CVE-2024-50268: In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd()\n\nThe \"*cmd\" variable can be controlled by the user via debugfs. 
That means\n\"new_cam\" can be as high as 255 while the size of the uc-\u003eupdated[] array\nis UCSI_MAX_ALTMODES (30).\n\nThe call tree is:\nucsi_cmd() // val comes from simple_attr_write_xsigned()\n-\u003e ucsi_send_command()\n -\u003e ucsi_send_command_common()\n -\u003e ucsi_run_command() // calls ucsi-\u003eops-\u003esync_control()\n -\u003e ucsi_ccg_sync_control()\n\n * CVE-2024-50269: In the Linux kernel, the following vulnerability has been resolved:\n\nusb: musb: sunxi: Fix accessing an released usb phy\n\nCommit 6ed05c68cbca (\"usb: musb: sunxi: Explicitly release USB PHY on\nexit\") will cause that usb phy @glue-\u003exceiv is accessed after released.\n\n1) register platform driver @sunxi_musb_driver\n// get the usb phy @glue-\u003exceiv\nsunxi_musb_probe() -\u003e devm_usb_get_phy().\n\n2) register and unregister platform driver @musb_driver\nmusb_probe() -\u003e sunxi_musb_init()\nuse the phy here\n//the phy is released here\nmusb_remove() -\u003e sunxi_musb_exit() -\u003e devm_usb_put_phy()\n\n3) register @musb_driver again\nmusb_probe() -\u003e sunxi_musb_init()\nuse the phy here but the phy has been released at 2).\n...\n\nFixed by reverting the commit, namely, removing devm_usb_put_phy()\nfrom sunxi_musb_exit().\n\n * CVE-2024-50273: In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reinitialize delayed ref list after deleting it from the list\n\nAt insert_delayed_ref() if we need to update the action of an existing\nref to BTRFS_DROP_DELAYED_REF, we delete the ref from its ref head's\nref_add_list using list_del(), which leaves the ref's add_list member\nnot reinitialized, as list_del() sets the next and prev members of the\nlist to LIST_POISON1 and LIST_POISON2, respectively.\n\nIf later we end up calling drop_delayed_ref() against the ref, which can\nhappen during merging or when destroying delayed refs due to a transaction\nabort, we can trigger a crash since at drop_delayed_ref() we call\nlist_empty() against the 
ref's add_list, which returns false since\nthe list was not reinitialized after the list_del() and as a consequence\nwe call list_del() again at drop_delayed_ref(). This results in an\ninvalid list access since the next and prev members are set to poison\npointers, resulting in a splat if CONFIG_LIST_HARDENED and\nCONFIG_DEBUG_LIST are set or invalid poison pointer dereferences\notherwise.\n\nSo fix this by deleting from the list with list_del_init() instead.\n\n * CVE-2024-50278: In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix potential out-of-bounds access on the first resume\n\nOut-of-bounds access occurs if the fast device is expanded unexpectedly\nbefore the first-time resume of the cache table. This happens because\nexpanding the fast device requires reloading the cache table for\ncache_create to allocate new in-core data structures that fit the new\nsize, and the check in cache_preresume is not performed during the\nfirst resume, leading to the issue.\n\nReproduce steps:\n\n1. prepare component devices:\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\n\n2. load a cache table of 512 cache blocks, and deliberately expand the\n fast device before resuming the cache, making the in-core data\n structures inadequate.\n\ndmsetup create cache --notable\ndmsetup reload cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\ndmsetup reload cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\n3. 
suspend the cache to write out the in-core dirty bitset and hint\n array, leading to out-of-bounds access to the dirty bitset at offset\n 0x40:\n\ndmsetup suspend cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in is_dirty_callback+0x2b/0x80\n Read of size 8 at addr ffffc90000085040 by task dmsetup/90\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc90000085000, ffffc90000087000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc90000084f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000084f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n \u003effffc90000085000: 00 00 00 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc90000085080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc90000085100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by checking the size change on the first resume.\n\n * CVE-2024-50279: In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: fix out-of-bounds access to the dirty bitset when resizing\n\ndm-cache checks the dirty bits of the cache blocks to be dropped when\nshrinking the fast device, but an index bug in bitset iteration causes\nout-of-bounds access.\n\nReproduce steps:\n\n1. create a cache device of 1024 cache blocks (128 bytes dirty bitset)\n\ndmsetup create cmeta --table \"0 8192 linear /dev/sdc 0\"\ndmsetup create cdata --table \"0 131072 linear /dev/sdc 8192\"\ndmsetup create corig --table \"0 524288 linear /dev/sdc 262144\"\ndd if=/dev/zero of=/dev/mapper/cmeta bs=4k count=1 oflag=direct\ndmsetup create cache --table \"0 524288 cache /dev/mapper/cmeta \\\n/dev/mapper/cdata /dev/mapper/corig 128 2 metadata2 writethrough smq 0\"\n\n2. 
shrink the fast device to 512 cache blocks, triggering out-of-bounds\n access to the dirty bitset (offset 0x80)\n\ndmsetup suspend cache\ndmsetup reload cdata --table \"0 65536 linear /dev/sdc 8192\"\ndmsetup resume cdata\ndmsetup resume cache\n\nKASAN reports:\n\n BUG: KASAN: vmalloc-out-of-bounds in cache_preresume+0x269/0x7b0\n Read of size 8 at addr ffffc900000f3080 by task dmsetup/131\n\n (...snip...)\n The buggy address belongs to the virtual mapping at\n [ffffc900000f3000, ffffc900000f5000) created by:\n cache_ctr+0x176a/0x35f0\n\n (...snip...)\n Memory state around the buggy address:\n ffffc900000f2f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003effffc900000f3080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n ffffc900000f3100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ffffc900000f3180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n\nFix by making the index post-incremented.\n\n * CVE-2024-50282: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()\n\nAvoid a possible buffer overflow if size is larger than 4K.\n\n(cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434)\n\n * CVE-2024-50287: In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-tpg: prevent the risk of a division by zero\n\nAs reported by Coverity, the logic at tpg_precalculate_line()\nblindly rescales the buffer even when scaled_witdh is equal to\nzero. If this ever happens, this will cause a division by zero.\n\nInstead, add a WARN_ON_ONCE() to trigger such cases and return\nwithout doing any precalculation.\n\n * CVE-2024-50296: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when uninstalling driver\n\nWhen the driver is uninstalled and the VF is disabled concurrently, a\nkernel crash occurs. 
The reason is that the two actions call function\npci_disable_sriov(). The num_VFs is checked to determine whether to\nrelease the corresponding resources. During the second calling, num_VFs\nis not 0 and the resource release function is called. However, the\ncorresponding resource has been released during the first invoking.\nTherefore, the problem occurs:\n\n[15277.839633][T50670] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n...\n[15278.131557][T50670] Call trace:\n[15278.134686][T50670] klist_put+0x28/0x12c\n[15278.138682][T50670] klist_del+0x14/0x20\n[15278.142592][T50670] device_del+0xbc/0x3c0\n[15278.146676][T50670] pci_remove_bus_device+0x84/0x120\n[15278.151714][T50670] pci_stop_and_remove_bus_device+0x6c/0x80\n[15278.157447][T50670] pci_iov_remove_virtfn+0xb4/0x12c\n[15278.162485][T50670] sriov_disable+0x50/0x11c\n[15278.166829][T50670] pci_disable_sriov+0x24/0x30\n[15278.171433][T50670] hnae3_unregister_ae_algo_prepare+0x60/0x90 [hnae3]\n[15278.178039][T50670] hclge_exit+0x28/0xd0 [hclge]\n[15278.182730][T50670] __se_sys_delete_module.isra.0+0x164/0x230\n[15278.188550][T50670] __arm64_sys_delete_module+0x1c/0x30\n[15278.193848][T50670] invoke_syscall+0x50/0x11c\n[15278.198278][T50670] el0_svc_common.constprop.0+0x158/0x164\n[15278.203837][T50670] do_el0_svc+0x34/0xcc\n[15278.207834][T50670] el0_svc+0x20/0x30\n\nFor details, see the following figure.\n\n rmmod hclge disable VFs\n----------------------------------------------------\nhclge_exit() sriov_numvfs_store()\n ... device_lock()\n pci_disable_sriov() hns3_pci_sriov_configure()\n pci_disable_sriov()\n sriov_disable()\n sriov_disable() if !num_VFs :\n if !num_VFs : return;\n return; sriov_del_vfs()\n sriov_del_vfs() ...\n ... klist_put()\n klist_put() ...\n ... 
num_VFs = 0;\n num_VFs = 0; device_unlock();\n\nIn this patch, when driver is removing, we get the device_lock()\nto protect num_VFs, just like sriov_numvfs_store().\n\n * CVE-2024-50299: In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: properly validate chunk size in sctp_sf_ootb()\n\nA size validation fix similar to that in Commit 50619dbf8db7 (\"sctp: add\nsize validation when walking chunks\") is also required in sctp_sf_ootb()\nto address a crash reported by syzbot:\n\n BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712\n sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712\n sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166\n sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407\n sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88\n sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243\n sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159\n ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233\n\n * CVE-2024-50301: In the Linux kernel, the following vulnerability has been resolved:\n\nsecurity/keys: fix slab-out-of-bounds in key_task_permission\n\nKASAN reports an out of bounds read:\nBUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36\nBUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline]\nBUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410\nsecurity/keys/permission.c:54\nRead of size 4 at addr ffff88813c3ab618 by task stress-ng/4362\n\nCPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0x107/0x167 lib/dump_stack.c:123\n print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n __kuid_val include/linux/uidgid.h:36 [inline]\n uid_eq include/linux/uidgid.h:63 [inline]\n 
key_task_permission+0x394/0x410 security/keys/permission.c:54\n search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793\n\nThis issue was also reported by syzbot.\n\nIt can be reproduced by following these steps(more details [1]):\n1. Obtain more than 32 inputs that have similar hashes, which ends with the\n pattern '0xxxxxxxe6'.\n2. Reboot and add the keys obtained in step 1.\n\nThe reproducer demonstrates how this issue happened:\n1. In the search_nested_keyrings function, when it iterates through the\n slots in a node(below tag ascend_to_node), if the slot pointer is meta\n and node-\u003eback_pointer != NULL(it means a root), it will proceed to\n descend_to_node. However, there is an exception. If node is the root,\n and one of the slots points to a shortcut, it will be treated as a\n keyring.\n2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function.\n However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as\n ASSOC_ARRAY_PTR_SUBTYPE_MASK.\n3. When 32 keys with the similar hashes are added to the tree, the ROOT\n has keys with hashes that are not similar (e.g. slot 0) and it splits\n NODE A without using a shortcut. When NODE A is filled with keys that\n all hashes are xxe6, the keys are similar, NODE A will split with a\n shortcut. Finally, it forms the tree as shown below, where slot 6 points\n to a shortcut.\n\n NODE A\n +------\u003e+---+\n ROOT | | 0 | xxe6\n +---+ | +---+\n xxxx | 0 | shortcut : : xxe6\n +---+ | +---+\n xxe6 : : | | | xxe6\n +---+ | +---+\n | 6 |---+ : : xxe6\n +---+ +---+\n xxe6 : : | f | xxe6\n +---+ +---+\n xxe6 | f |\n +---+\n\n4. 
As mentioned above, If a slot(slot 6) of the root points to a shortcut,\n it may be mistakenly transferred to a key*, leading to a read\n out-of-bounds read.\n\nTo fix this issue, one should jump to descend_to_node if the ptr is a\nshortcut, regardless of whether the node is root or not.\n\n[1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/\n\n[jarkko: tweaked the commit message a bit to have an appropriate closes\n tag.]\n\n * CVE-2024-50302: In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: zero-initialize the report buffer\n\nSince the report buffer is used by all kinds of drivers in various ways, let's\nzero-initialize it during allocation to make sure that it can't be ever used\nto leak kernel memory via specially-crafted report.\n\n * CVE-2024-53052: In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/rw: fix missing NOWAIT check for O_DIRECT start write\n\nWhen io_uring starts a write, it'll call kiocb_start_write() to bump the\nsuper block rwsem, preventing any freezes from happening while that\nwrite is in-flight. The freeze side will grab that rwsem for writing,\nexcluding any new writers from happening and waiting for existing writes\nto finish. 
But io_uring unconditionally uses kiocb_start_write(), which\nwill block if someone is currently attempting to freeze the mount point.\nThis causes a deadlock where freeze is waiting for previous writes to\ncomplete, but the previous writes cannot complete, as the task that is\nsupposed to complete them is blocked waiting on starting a new write.\nThis results in the following stuck trace showing that dependency with\nthe write blocked starting a new write:\n\ntask:fio state:D stack:0 pid:886 tgid:886 ppid:876\nCall trace:\n __switch_to+0x1d8/0x348\n __schedule+0x8e8/0x2248\n schedule+0x110/0x3f0\n percpu_rwsem_wait+0x1e8/0x3f8\n __percpu_down_read+0xe8/0x500\n io_write+0xbb8/0xff8\n io_issue_sqe+0x10c/0x1020\n io_submit_sqes+0x614/0x2110\n __arm64_sys_io_uring_enter+0x524/0x1038\n invoke_syscall+0x74/0x268\n el0_svc_common.constprop.0+0x160/0x238\n do_el0_svc+0x44/0x60\n el0_svc+0x44/0xb0\n el0t_64_sync_handler+0x118/0x128\n el0t_64_sync+0x168/0x170\nINFO: task fsfreeze:7364 blocked for more than 15 seconds.\n Not tainted 6.12.0-rc5-00063-g76aaf945701c #7963\n\nwith the attempting freezer stuck trying to grab the rwsem:\n\ntask:fsfreeze state:D stack:0 pid:7364 tgid:7364 ppid:995\nCall trace:\n __switch_to+0x1d8/0x348\n __schedule+0x8e8/0x2248\n schedule+0x110/0x3f0\n percpu_down_write+0x2b0/0x680\n freeze_super+0x248/0x8a8\n do_vfs_ioctl+0x149c/0x1b18\n __arm64_sys_ioctl+0xd0/0x1a0\n invoke_syscall+0x74/0x268\n el0_svc_common.constprop.0+0x160/0x238\n do_el0_svc+0x44/0x60\n el0_svc+0x44/0xb0\n el0t_64_sync_handler+0x118/0x128\n el0t_64_sync+0x168/0x170\n\nFix this by having the io_uring side honor IOCB_NOWAIT, and only attempt a\nblocking grab of the super block rwsem if it isn't set. For normal issue\nwhere IOCB_NOWAIT would always be set, this returns -EAGAIN which will\nhave io_uring core issue a blocking attempt of the write. 
That will in\nturn also get completions run, ensuring forward progress.\n\nSince freezing requires CAP_SYS_ADMIN in the first place, this isn't\nsomething that can be triggered by a regular user.\n\n * CVE-2024-53060: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: prevent NULL pointer dereference if ATIF is not supported\n\nacpi_evaluate_object() may return AE_NOT_FOUND (failure), which\nwould result in dereferencing buffer.pointer (obj) while being NULL.\n\nAlthough this case may be unrealistic for the current code, it is\nstill better to protect against possible bugs.\n\nBail out also when status is AE_NOT_FOUND.\n\nThis fixes 1 FORWARD_NULL issue reported by Coverity\nReport: CID 1600951: Null pointer dereferences (FORWARD_NULL)\n\n(cherry picked from commit 91c9e221fe2553edf2db71627d8453f083de87a1)\n\n * CVE-2024-53061: In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: s5p-jpeg: prevent buffer overflows\n\nThe current logic allows word to be less than 2. If this happens,\nthere will be buffer overflows, as reported by smatch. Add extra\nchecks to prevent it.\n\nWhile here, remove an unused word = 0 assignment.\n\n * CVE-2024-53063: In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won't check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. 
This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.\n\n * CVE-2024-53066: In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: Fix KMSAN warning in decode_getfattr_attrs()\n\nFix the following KMSAN warning:\n\nCPU: 1 UID: 0 PID: 7651 Comm: cp Tainted: G B\nTainted: [B]=BAD_PAGE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n=====================================================\n=====================================================\nBUG: KMSAN: uninit-value in decode_getfattr_attrs+0x2d6d/0x2f90\n decode_getfattr_attrs+0x2d6d/0x2f90\n decode_getfattr_generic+0x806/0xb00\n nfs4_xdr_dec_getattr+0x1de/0x240\n rpcauth_unwrap_resp_decode+0xab/0x100\n rpcauth_unwrap_resp+0x95/0xc0\n call_decode+0x4ff/0xb50\n __rpc_execute+0x57b/0x19d0\n rpc_execute+0x368/0x5e0\n rpc_run_task+0xcfe/0xee0\n nfs4_proc_getattr+0x5b5/0x990\n __nfs_revalidate_inode+0x477/0xd00\n nfs_access_get_cached+0x1021/0x1cc0\n nfs_do_access+0x9f/0xae0\n nfs_permission+0x1e4/0x8c0\n inode_permission+0x356/0x6c0\n link_path_walk+0x958/0x1330\n path_lookupat+0xce/0x6b0\n filename_lookup+0x23e/0x770\n vfs_statx+0xe7/0x970\n vfs_fstatat+0x1f2/0x2c0\n __se_sys_newfstatat+0x67/0x880\n __x64_sys_newfstatat+0xbd/0x120\n x64_sys_call+0x1826/0x3cf0\n do_syscall_64+0xd0/0x1b0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe KMSAN warning is triggered in decode_getfattr_attrs(), when calling\ndecode_attr_mdsthreshold(). 
It appears that fattr-\u003emdsthreshold is not\ninitialized.\n\nFix the issue by initializing fattr-\u003emdsthreshold to NULL in\nnfs_fattr_init().\n\n * CVE-2024-53101: In the Linux kernel, the following vulnerability has been resolved:\n\nfs: Fix uninitialized value issue in from_kuid and from_kgid\n\nocfs2_setattr() uses attr-\u003eia_mode, attr-\u003eia_uid and attr-\u003eia_gid in\na trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set.\n\nInitialize all fields of newattrs to avoid uninitialized variables, by\nchecking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0.",
+ "Advisory": {
+ "From": "errata.altlinux.org",
+ "Severity": "High",
+ "Rights": "Copyright 2024 BaseALT Ltd.",
+ "Issued": {
+ "Date": "2024-12-22"
+ },
+ "Updated": {
+ "Date": "2024-12-22"
+ },
+ "BDUs": null,
+ "CVEs": [
+ {
+ "ID": "CVE-2024-50264",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "CWE": "CWE-416",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50264",
+ "Impact": "High",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50265",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-476",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50265",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50267",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "CWE": "CWE-416",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50267",
+ "Impact": "High",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50268",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
+ "CWE": "CWE-125",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50268",
+ "Impact": "High",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50269",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "CWE": "CWE-416",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50269",
+ "Impact": "High",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50273",
+ "CVSS3":
"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-908",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50273",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50278",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
+ "CWE": "CWE-125",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50278",
+ "Impact": "High",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50279",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
+ "CWE": "CWE-125",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50279",
+ "Impact": "High",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50282",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "CWE": "CWE-120",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50282",
+ "Impact": "High",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50287",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-369",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50287",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50296",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-476",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50296",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50299",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-908",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50299",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50301",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
+ "CWE": "CWE-125",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50301",
+ "Impact": "High",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-50302",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-908",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-50302",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-53052",
+ "CVSS3":
"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-667",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-53052",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-53060",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-476",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-53060",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-53061",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+ "CWE": "CWE-191",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-53061",
+ "Impact": "High",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-53063",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-755",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-53063",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-53066",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-908",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-53066",
+ "Impact": "Low",
+ "Public": "20241119"
+ },
+ {
+ "ID": "CVE-2024-53101",
+ "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
+ "CWE": "CWE-908",
+ "Href": "https://nvd.nist.gov/vuln/detail/CVE-2024-53101",
+ "Impact": "Low",
+ "Public": "20241125"
+ }
+ ],
+ "AffectedCPEs": {
+ "CPEs": [
+ "cpe:/o:alt:kworkstation:10",
+ "cpe:/o:alt:workstation:10",
+ "cpe:/o:alt:server:10",
+ "cpe:/o:alt:server-v:10",
+ "cpe:/o:alt:education:10",
+ "cpe:/o:alt:slinux:10",
+ "cpe:/o:alt:starterkit:10",
+ "cpe:/o:alt:starterkit:p10",
+ "cpe:/o:alt:container:10"
+ ]
+ }
+ }
+ },
+ "Criteria": {
+ "Operator": "AND",
+ "Criterions": [
+ {
+ "TestRef": "oval:org.altlinux.errata:tst:2001",
+ "Comment": "ALT Linux must be installed"
+ }
+ ],
+ "Criterias": [
+ {
+ "Operator": "OR",
+ "Criterions": [
+ {
+ "TestRef": "oval:org.altlinux.errata:tst:202417254001",
+ "Comment": "kernel-headers-modules-rt is earlier than 0:5.10.231-alt1.rt123"
+ },
+ {
+ "TestRef":
"oval:org.altlinux.errata:tst:202417254002",
+ "Comment": "kernel-headers-rt is earlier than 0:5.10.231-alt1.rt123"
+ },
+ {
+ "TestRef": "oval:org.altlinux.errata:tst:202417254003",
+ "Comment": "kernel-image-rt is earlier than 0:5.10.231-alt1.rt123"
+ },
+ {
+ "TestRef": "oval:org.altlinux.errata:tst:202417254004",
+ "Comment": "kernel-image-rt-checkinstall is earlier than 0:5.10.231-alt1.rt123"
+ }
+ ]
+ }
+ ]
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/oval/p10/ALT-PU-2024-17254/objects.json b/oval/p10/ALT-PU-2024-17254/objects.json
new file mode 100644
index 0000000000..5de65f4c6e
--- /dev/null
+++ b/oval/p10/ALT-PU-2024-17254/objects.json
@@ -0,0 +1,52 @@
+{
+ "TextFileContent54Objects": [
+ {
+ "ID": "oval:org.altlinux.errata:obj:2001",
+ "Version": "1",
+ "Comment": "Evaluate `/etc/os-release` file content",
+ "Path": {
+ "Datatype": "string",
+ "Text": "/etc"
+ },
+ "Filepath": {
+ "Datatype": "string",
+ "Text": "os-release"
+ },
+ "Pattern": {
+ "Datatype": "string",
+ "Operation": "pattern match",
+ "Text": "cpe:\\/o:alt:(?!sp)[a-z\\-]+:p?(\\d+)(?:\\.\\d)*"
+ },
+ "Instance": {
+ "Datatype": "int",
+ "Text": "1"
+ }
+ }
+ ],
+ "RPMInfoObjects": [
+ {
+ "ID": "oval:org.altlinux.errata:obj:202417254001",
+ "Version": "1",
+ "Comment": "kernel-headers-modules-rt is installed",
+ "Name": "kernel-headers-modules-rt"
+ },
+ {
+ "ID": "oval:org.altlinux.errata:obj:202417254002",
+ "Version": "1",
+ "Comment": "kernel-headers-rt is installed",
+ "Name": "kernel-headers-rt"
+ },
+ {
+ "ID": "oval:org.altlinux.errata:obj:202417254003",
+ "Version": "1",
+ "Comment": "kernel-image-rt is installed",
+ "Name": "kernel-image-rt"
+ },
+ {
+ "ID": "oval:org.altlinux.errata:obj:202417254004",
+ "Version": "1",
+ "Comment": "kernel-image-rt-checkinstall is installed",
+ "Name": "kernel-image-rt-checkinstall"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/oval/p10/ALT-PU-2024-17254/states.json b/oval/p10/ALT-PU-2024-17254/states.json
new file mode 100644
index 0000000000..6d8ec3d8ae
--- /dev/null
+++ b/oval/p10/ALT-PU-2024-17254/states.json
@@ -0,0 +1,23 @@
+{
+ "TextFileContent54State": [
+ {
+ "ID": "oval:org.altlinux.errata:ste:2001",
+ "Version": "1",
+ "Text": {}
+ }
+ ],
+ "RPMInfoStates": [
+ {
+ "ID": "oval:org.altlinux.errata:ste:202417254001",
+ "Version": "1",
+ "Comment": "package EVR is earlier than 0:5.10.231-alt1.rt123",
+ "Arch": {},
+ "EVR": {
+ "Text": "0:5.10.231-alt1.rt123",
+ "Datatype": "evr_string",
+ "Operation": "less than"
+ },
+ "Subexpression": {}
+ }
+ ]
+}
\ No newline at end of file
diff --git a/oval/p10/ALT-PU-2024-17254/tests.json b/oval/p10/ALT-PU-2024-17254/tests.json
new file mode 100644
index 0000000000..66bc984619
--- /dev/null
+++ b/oval/p10/ALT-PU-2024-17254/tests.json
@@ -0,0 +1,66 @@
+{
+ "TextFileContent54Tests": [
+ {
+ "ID": "oval:org.altlinux.errata:tst:2001",
+ "Version": "1",
+ "Check": "all",
+ "Comment": "ALT Linux based on branch 'p10' must be installed",
+ "Object": {
+ "ObjectRef": "oval:org.altlinux.errata:obj:2001"
+ },
+ "State": {
+ "StateRef": "oval:org.altlinux.errata:ste:2001"
+ }
+ }
+ ],
+ "RPMInfoTests": [
+ {
+ "ID": "oval:org.altlinux.errata:tst:202417254001",
+ "Version": "1",
+ "Check": "all",
+ "Comment": "kernel-headers-modules-rt is earlier than 0:5.10.231-alt1.rt123",
+ "Object": {
+ "ObjectRef": "oval:org.altlinux.errata:obj:202417254001"
+ },
+ "State": {
+ "StateRef": "oval:org.altlinux.errata:ste:202417254001"
+ }
+ },
+ {
+ "ID": "oval:org.altlinux.errata:tst:202417254002",
+ "Version": "1",
+ "Check": "all",
+ "Comment": "kernel-headers-rt is earlier than 0:5.10.231-alt1.rt123",
+ "Object": {
+ "ObjectRef": "oval:org.altlinux.errata:obj:202417254002"
+ },
+ "State": {
+ "StateRef": "oval:org.altlinux.errata:ste:202417254001"
+ }
+ },
+ {
+ "ID": "oval:org.altlinux.errata:tst:202417254003",
+ "Version": "1",
+ "Check": "all",
+ "Comment": "kernel-image-rt is earlier than 0:5.10.231-alt1.rt123",
+ "Object": {
+ "ObjectRef": "oval:org.altlinux.errata:obj:202417254003"
+ },
+ "State": {
+ "StateRef": "oval:org.altlinux.errata:ste:202417254001"
+ }
+ },
+ {
+ "ID": "oval:org.altlinux.errata:tst:202417254004",
+ "Version": "1",
+ "Check": "all",
+ "Comment": "kernel-image-rt-checkinstall is earlier than 0:5.10.231-alt1.rt123",
+ "Object": {
+ "ObjectRef": "oval:org.altlinux.errata:obj:202417254004"
+ },
+ "State": {
+ "StateRef": "oval:org.altlinux.errata:ste:202417254001"
+ }
+ }
+ ]
+}
\ No newline at end of file
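Review bot: The platform test `tst:2001` is commented as requiring branch 'p10', but the state it references, `ste:2001` (added in states.json in this patch), holds only an empty `"Text": {}`, so nothing visible compares the branch number that the `os-release` pattern in objects.json captures with `(\\d+)`. As written, the gate appears to accept any non-SP ALT release whose CPE matches the pattern, and a scanner could then report the 5.10.231-alt1.rt123 kernel packages as missing on a branch this erratum does not cover. If the exporter supports it for this state type, pin the captured value, for example `"Subexpression": { "Datatype": "int", "Operation": "equals", "Text": "10" }`. The matching criterion in definitions.json is commented only as "ALT Linux must be installed", so the two comments should be brought into line with whichever behaviour is intended.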