pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p11/ALT-PU-2020-1945/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

583 lines
29 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20201945",
"Version": "oval:org.altlinux.errata:def:20201945",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-1945: package `kernel-image-std-debug` update to version 5.4.40-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-1945",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-1945",
"Source": "ALTPU"
},
{
"RefID": "BDU:2015-05303",
"RefURL": "https://bdu.fstec.ru/vul/2015-05303",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05304",
"RefURL": "https://bdu.fstec.ru/vul/2015-05304",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05305",
"RefURL": "https://bdu.fstec.ru/vul/2015-05305",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05306",
"RefURL": "https://bdu.fstec.ru/vul/2015-05306",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05307",
"RefURL": "https://bdu.fstec.ru/vul/2015-05307",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05308",
"RefURL": "https://bdu.fstec.ru/vul/2015-05308",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05309",
"RefURL": "https://bdu.fstec.ru/vul/2015-05309",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05310",
"RefURL": "https://bdu.fstec.ru/vul/2015-05310",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05311",
"RefURL": "https://bdu.fstec.ru/vul/2015-05311",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05312",
"RefURL": "https://bdu.fstec.ru/vul/2015-05312",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05313",
"RefURL": "https://bdu.fstec.ru/vul/2015-05313",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05314",
"RefURL": "https://bdu.fstec.ru/vul/2015-05314",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05315",
"RefURL": "https://bdu.fstec.ru/vul/2015-05315",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05542",
"RefURL": "https://bdu.fstec.ru/vul/2015-05542",
"Source": "BDU"
},
{
"RefID": "BDU:2015-05543",
"RefURL": "https://bdu.fstec.ru/vul/2015-05543",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04798",
"RefURL": "https://bdu.fstec.ru/vul/2019-04798",
"Source": "BDU"
},
{
"RefID": "BDU:2020-00158",
"RefURL": "https://bdu.fstec.ru/vul/2020-00158",
"Source": "BDU"
},
{
"RefID": "BDU:2020-00338",
"RefURL": "https://bdu.fstec.ru/vul/2020-00338",
"Source": "BDU"
},
{
"RefID": "BDU:2020-00785",
"RefURL": "https://bdu.fstec.ru/vul/2020-00785",
"Source": "BDU"
},
{
"RefID": "BDU:2020-00786",
"RefURL": "https://bdu.fstec.ru/vul/2020-00786",
"Source": "BDU"
},
{
"RefID": "BDU:2020-00787",
"RefURL": "https://bdu.fstec.ru/vul/2020-00787",
"Source": "BDU"
},
{
"RefID": "BDU:2020-00851",
"RefURL": "https://bdu.fstec.ru/vul/2020-00851",
"Source": "BDU"
},
{
"RefID": "BDU:2020-01796",
"RefURL": "https://bdu.fstec.ru/vul/2020-01796",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03819",
"RefURL": "https://bdu.fstec.ru/vul/2020-03819",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05179",
"RefURL": "https://bdu.fstec.ru/vul/2022-05179",
"Source": "BDU"
},
{
"RefID": "CVE-2013-1798",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2013-1798",
"Source": "CVE"
},
{
"RefID": "CVE-2019-14896",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-14896",
"Source": "CVE"
},
{
"RefID": "CVE-2019-14897",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-14897",
"Source": "CVE"
},
{
"RefID": "CVE-2019-19076",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-19076",
"Source": "CVE"
},
{
"RefID": "CVE-2019-19377",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-19377",
"Source": "CVE"
},
{
"RefID": "CVE-2019-19769",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-19769",
"Source": "CVE"
},
{
"RefID": "CVE-2019-3016",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-3016",
"Source": "CVE"
},
{
"RefID": "CVE-2020-11884",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-11884",
"Source": "CVE"
},
{
"RefID": "CVE-2020-8647",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-8647",
"Source": "CVE"
},
{
"RefID": "CVE-2020-8648",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-8648",
"Source": "CVE"
},
{
"RefID": "CVE-2020-8649",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-8649",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-std-debug to version 5.4.40-alt1. \nSecurity Fix(es):\n\n * BDU:2015-05303: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05304: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05305: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05306: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05307: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05308: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05309: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05310: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05311: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05312: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05313: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05314: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05315: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить доступность защищаемой информации\n\n * BDU:2015-05542: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2015-05543: Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2019-04798: Уязвимость функции add_ie_rates (drivers/net/wireless/marvell/libertas/cfg.c) драйвера Marvell WiFi ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-00158: Уязвимость функции nfp_abm_u32_knode_replace() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-00338: Уязвимость функции perf_trace_lock_acquire ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-00785: Уязвимость функции vc_do_resize ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании\n\n * BDU:2020-00786: Уязвимость функции vgacon_invert_region ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании\n\n * BDU:2020-00787: Уязвимость функции n_tty_receive_buf_common ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании\n\n * BDU:2020-00851: Уязвимость подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционных систем Linux, позволяющая нарушителю получить доступ к конфиденциальным данным\n\n * BDU:2020-01796: Уязвимость функции lbs_ibss_join_existing (drivers/net/wireless/marvell/libertas/cfg.c) драйвера Marvell WiFi ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2020-03819: Уязвимость функции enable_sacf_uaccess ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-05179: Уязвимость функции btrfs_queue_work ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2013-1798: The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive information from host OS memory or cause a denial of service (host OS OOPS) via a crafted application.\n\n * CVE-2019-14896: A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.\n\n * CVE-2019-14897: A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA.\n\n * CVE-2019-19076: A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption), aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted\n\n * CVE-2019-19377: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.\n\n * CVE-2019-19769: In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).\n\n * CVE-2019-3016: In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.\n\n * CVE-2020-11884: In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.\n\n * CVE-2020-8647: There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.\n\n * CVE-2020-8648: There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.\n\n * CVE-2020-8649: There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-05-11"
},
"Updated": {
"Date": "2020-05-11"
},
"BDUs": [
{
"ID": "BDU:2015-05303",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05303",
"Impact": "High",
"Public": "20110103"
},
{
"ID": "BDU:2015-05304",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05304",
"Impact": "High"
},
{
"ID": "BDU:2015-05305",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05305",
"Impact": "High"
},
{
"ID": "BDU:2015-05306",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05306",
"Impact": "High"
},
{
"ID": "BDU:2015-05307",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05307",
"Impact": "High"
},
{
"ID": "BDU:2015-05308",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05308",
"Impact": "High"
},
{
"ID": "BDU:2015-05309",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05309",
"Impact": "High"
},
{
"ID": "BDU:2015-05310",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05310",
"Impact": "High"
},
{
"ID": "BDU:2015-05311",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05311",
"Impact": "High"
},
{
"ID": "BDU:2015-05312",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05312",
"Impact": "High"
},
{
"ID": "BDU:2015-05313",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05313",
"Impact": "High"
},
{
"ID": "BDU:2015-05314",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05314",
"Impact": "High"
},
{
"ID": "BDU:2015-05315",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2015-05315",
"Impact": "High"
},
{
"ID": "BDU:2015-05542",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-189",
"Href": "https://bdu.fstec.ru/vul/2015-05542",
"Impact": "High"
},
{
"ID": "BDU:2015-05543",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CWE": "CWE-189",
"Href": "https://bdu.fstec.ru/vul/2015-05543",
"Impact": "High"
},
{
"ID": "BDU:2019-04798",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-122, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2019-04798",
"Impact": "Critical",
"Public": "20191126"
},
{
"ID": "BDU:2020-00158",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400, CWE-401",
"Href": "https://bdu.fstec.ru/vul/2020-00158",
"Impact": "Low",
"Public": "20190927"
},
{
"ID": "BDU:2020-00338",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-00338",
"Impact": "Low",
"Public": "20191211"
},
{
"ID": "BDU:2020-00785",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-00785",
"Impact": "High",
"Public": "20200204"
},
{
"ID": "BDU:2020-00786",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-00786",
"Impact": "High",
"Public": "20200204"
},
{
"ID": "BDU:2020-00787",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-00787",
"Impact": "High",
"Public": "20200204"
},
{
"ID": "BDU:2020-00851",
"CVSS": "AV:L/AC:H/Au:S/C:C/I:N/A:N",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-200, CWE-362",
"Href": "https://bdu.fstec.ru/vul/2020-00851",
"Impact": "Low",
"Public": "20200130"
},
{
"ID": "BDU:2020-01796",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-121, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2020-01796",
"Impact": "Critical",
"Public": "20191128"
},
{
"ID": "BDU:2020-03819",
"CVSS": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://bdu.fstec.ru/vul/2020-03819",
"Impact": "High",
"Public": "20200421"
},
{
"ID": "BDU:2022-05179",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-05179",
"Impact": "High",
"Public": "20191128"
}
],
"CVEs": [
{
"ID": "CVE-2013-1798",
"CVSS": "AV:A/AC:H/Au:N/C:C/I:N/A:C",
"CWE": "CWE-20",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2013-1798",
"Impact": "Low",
"Public": "20130322"
},
{
"ID": "CVE-2019-14896",
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-14896",
"Impact": "Critical",
"Public": "20191127"
},
{
"ID": "CVE-2019-14897",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-14897",
"Impact": "Critical",
"Public": "20191129"
},
{
"ID": "CVE-2019-19076",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-19076",
"Impact": "Low",
"Public": "20191118"
},
{
"ID": "CVE-2019-19377",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-19377",
"Impact": "High",
"Public": "20191129"
},
{
"ID": "CVE-2019-19769",
"CVSS": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-19769",
"Impact": "Low",
"Public": "20191212"
},
{
"ID": "CVE-2019-3016",
"CVSS": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-3016",
"Impact": "Low",
"Public": "20200131"
},
{
"ID": "CVE-2020-11884",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-11884",
"Impact": "High",
"Public": "20200429"
},
{
"ID": "CVE-2020-8647",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-8647",
"Impact": "Low",
"Public": "20200206"
},
{
"ID": "CVE-2020-8648",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-8648",
"Impact": "High",
"Public": "20200206"
},
{
"ID": "CVE-2020-8649",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-8649",
"Impact": "Low",
"Public": "20200206"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20201945001",
"Comment": "kernel-headers-modules-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945002",
"Comment": "kernel-headers-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945003",
"Comment": "kernel-image-domU-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945004",
"Comment": "kernel-image-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945005",
"Comment": "kernel-modules-drm-ancient-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945006",
"Comment": "kernel-modules-drm-nouveau-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945007",
"Comment": "kernel-modules-drm-radeon-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945008",
"Comment": "kernel-modules-drm-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945009",
"Comment": "kernel-modules-ide-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945010",
"Comment": "kernel-modules-staging-std-debug is earlier than 1:5.4.40-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20201945011",
"Comment": "kernel-modules-v4l-std-debug is earlier than 1:5.4.40-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink