pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
965bfc23c8
vuln-list-alt/oval/c9f2/ALT-PU-2021-1563/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

215 lines
10 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20211563",
"Version": "oval:org.altlinux.errata:def:20211563",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-1563: package `kernel-image-std-def` update to version 5.4.107-alt0.c9f",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-1563",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-1563",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-01688",
"RefURL": "https://bdu.fstec.ru/vul/2021-01688",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01835",
"RefURL": "https://bdu.fstec.ru/vul/2021-01835",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04833",
"RefURL": "https://bdu.fstec.ru/vul/2021-04833",
"Source": "BDU"
},
{
"RefID": "CVE-2019-2308",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-2308",
"Source": "CVE"
},
{
"RefID": "CVE-2021-28375",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-28375",
"Source": "CVE"
},
{
"RefID": "CVE-2021-28660",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-28660",
"Source": "CVE"
},
{
"RefID": "CVE-2021-3444",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-3444",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-std-def to version 5.4.107-alt0.c9f. \nSecurity Fix(es):\n\n * BDU:2021-01688: Уязвимость функции rtw_wx_set_scan() (drivers/staging/rtl8188eu/os_dep/ioctl_linux.c) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-01835: Уязвимость реализации механизма проверки BPF ядра операционных систем Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации или выполнить произвольный код\n\n * BDU:2021-04833: Уязвимость функции fastrpc_internal_invoke (drivers/misc/fastrpc.c) ядра операционной системы Linux, позволяющая нарушителю выполнить произвольную команду управления\n\n * CVE-2019-2308: User application could potentially make RPC call to the fastrpc driver and the driver will allow the message to go through to the remote subsystem in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24\n\n * CVE-2021-28375: An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308.\n\n * CVE-2021-28660: rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the -\u003essid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.\n\n * CVE-2021-3444: The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in the upstream kernel in commit 9b00f1b78809 (\"bpf: Fix truncation handling for mod32 dst reg wrt zero\") and in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-03-26"
},
"Updated": {
"Date": "2021-03-26"
},
"BDUs": [
{
"ID": "BDU:2021-01688",
"CVSS": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-120, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-01688",
"Impact": "High",
"Public": "20210310"
},
{
"ID": "BDU:2021-01835",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-125, CWE-681",
"Href": "https://bdu.fstec.ru/vul/2021-01835",
"Impact": "High",
"Public": "20210213"
},
{
"ID": "BDU:2021-04833",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-269",
"Href": "https://bdu.fstec.ru/vul/2021-04833",
"Impact": "High",
"Public": "20210315"
}
],
"CVEs": [
{
"ID": "CVE-2019-2308",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-2308",
"Impact": "High",
"Public": "20190725"
},
{
"ID": "CVE-2021-28375",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-862",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-28375",
"Impact": "High",
"Public": "20210315"
},
{
"ID": "CVE-2021-28660",
"CVSS": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-28660",
"Impact": "High",
"Public": "20210317"
},
{
"ID": "CVE-2021-3444",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-125",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-3444",
"Impact": "High",
"Public": "20210323"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20211563001",
"Comment": "kernel-doc-std is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563002",
"Comment": "kernel-headers-modules-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563003",
"Comment": "kernel-headers-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563004",
"Comment": "kernel-image-domU-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563005",
"Comment": "kernel-image-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563006",
"Comment": "kernel-modules-drm-ancient-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563007",
"Comment": "kernel-modules-drm-nouveau-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563008",
"Comment": "kernel-modules-drm-radeon-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563009",
"Comment": "kernel-modules-drm-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563010",
"Comment": "kernel-modules-ide-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563011",
"Comment": "kernel-modules-staging-std-def is earlier than 2:5.4.107-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20211563012",
"Comment": "kernel-modules-v4l-std-def is earlier than 2:5.4.107-alt0.c9f"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink