pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2dae4da41e
vuln-list-alt/oval/c10f1/ALT-PU-2021-2165/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

221 lines
11 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20212165",
"Version": "oval:org.altlinux.errata:def:20212165",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-2165: package `kernel-image-rt` update to version 5.10.47-alt1.rt45",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-2165",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-2165",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-02663",
"RefURL": "https://bdu.fstec.ru/vul/2021-02663",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03088",
"RefURL": "https://bdu.fstec.ru/vul/2021-03088",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03095",
"RefURL": "https://bdu.fstec.ru/vul/2021-03095",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03177",
"RefURL": "https://bdu.fstec.ru/vul/2021-03177",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03938",
"RefURL": "https://bdu.fstec.ru/vul/2021-03938",
"Source": "BDU"
},
{
"RefID": "CVE-2020-24586",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-24586",
"Source": "CVE"
},
{
"RefID": "CVE-2020-24587",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-24587",
"Source": "CVE"
},
{
"RefID": "CVE-2020-24588",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-24588",
"Source": "CVE"
},
{
"RefID": "CVE-2020-26147",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-26147",
"Source": "CVE"
},
{
"RefID": "CVE-2021-35039",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-35039",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-rt to version 5.10.47-alt1.rt45. \nSecurity Fix(es):\n\n * BDU:2021-02663: Уязвимость набора стандартов связи для коммуникации IEEE 802.11 операционной системы Windows, позволяющая нарушителю внедрить произвольные сетевые пакеты\n\n * BDU:2021-03088: Уязвимость реализации алгоритмов WPA, WPA2 и WPA3 набора стандартов связи для коммуникации IEEE 802.11, позволяющая нарушителю оказать воздействие на целостность защищаемой информации\n\n * BDU:2021-03095: Уязвимость реализации алгоритмов WEP, WPA, WPA2 и WPA3 набора стандартов связи для коммуникации IEEE 802.11, позволяющая нарушителю внедрить произвольные сетевые пакеты и/или оказать воздействие на целостность защищаемой информации\n\n * BDU:2021-03177: Уязвимость реализации алгоритмов WEP, WPA, WPA2 и WPA3 ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на целостность защищаемой информации\n\n * BDU:2021-03938: Уязвимость компонента kernel/module.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.\n\n * CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.\n\n * CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.\n\n * CVE-2020-26147: An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.\n\n * CVE-2021-35039: kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-07-08"
},
"Updated": {
"Date": "2021-07-08"
},
"BDUs": [
{
"ID": "BDU:2021-02663",
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-306, CWE-327",
"Href": "https://bdu.fstec.ru/vul/2021-02663",
"Impact": "Low",
"Public": "20210510"
},
{
"ID": "BDU:2021-03088",
"CVSS": "AV:A/AC:H/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-326, CWE-327",
"Href": "https://bdu.fstec.ru/vul/2021-03088",
"Impact": "Low",
"Public": "20210510"
},
{
"ID": "BDU:2021-03095",
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-03095",
"Impact": "Low",
"Public": "20210510"
},
{
"ID": "BDU:2021-03177",
"CVSS": "AV:A/AC:H/Au:N/C:P/I:P/A:N",
"CVSS3": "AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2021-03177",
"Impact": "Low",
"Public": "20210510"
},
{
"ID": "BDU:2021-03938",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-347",
"Href": "https://bdu.fstec.ru/vul/2021-03938",
"Impact": "High",
"Public": "20210622"
}
],
"CVEs": [
{
"ID": "CVE-2020-24586",
"CVSS": "AV:A/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-24586",
"Impact": "Low",
"Public": "20210511"
},
{
"ID": "CVE-2020-24587",
"CVSS": "AV:A/AC:H/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"CWE": "CWE-327",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-24587",
"Impact": "Low",
"Public": "20210511"
},
{
"ID": "CVE-2020-24588",
"CVSS": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"CWE": "CWE-327",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-24588",
"Impact": "Low",
"Public": "20210511"
},
{
"ID": "CVE-2020-26147",
"CVSS": "AV:A/AC:H/Au:N/C:P/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-26147",
"Impact": "Low",
"Public": "20210511"
},
{
"ID": "CVE-2021-35039",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-347",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-35039",
"Impact": "High",
"Public": "20210707"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:4001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20212165001",
"Comment": "kernel-headers-modules-rt is earlier than 0:5.10.47-alt1.rt45"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212165002",
"Comment": "kernel-headers-rt is earlier than 0:5.10.47-alt1.rt45"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212165003",
"Comment": "kernel-image-rt is earlier than 0:5.10.47-alt1.rt45"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink