vuln-list-alt/oval/p11/ALT-PU-2020-1560/definitions.json

{
  "Definition": [
    {
      "ID": "oval:org.altlinux.errata:def:20201560",
      "Version": "oval:org.altlinux.errata:def:20201560",
      "Class": "patch",
      "Metadata": {
        "Title": "ALT-PU-2020-1560: package `systemd` update to version 245.2-alt1",
        "AffectedList": [
          {
            "Family": "unix",
            "Platforms": [
              "ALT Linux branch p11"
            ],
            "Products": [
              "ALT Container"
            ]
          }
        ],
        "References": [
          {
            "RefID": "ALT-PU-2020-1560",
            "RefURL": "https://errata.altlinux.org/ALT-PU-2020-1560",
            "Source": "ALTPU"
          },
          {
            "RefID": "BDU:2021-00092",
            "RefURL": "https://bdu.fstec.ru/vul/2021-00092",
            "Source": "BDU"
          },
          {
            "RefID": "BDU:2022-06889",
            "RefURL": "https://bdu.fstec.ru/vul/2022-06889",
            "Source": "BDU"
          },
          {
            "RefID": "CVE-2020-13529",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529",
            "Source": "CVE"
          },
          {
            "RefID": "CVE-2020-13776",
            "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-13776",
            "Source": "CVE"
          }
        ],
        "Description": "This update upgrades systemd to version 245.2-alt1. \nSecurity Fix(es):\n\n * BDU:2021-00092: Уязвимость подсистемы инициализации и управления службами Linux systemd, связанная с недостатком механизма проверки вводимых данных, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2022-06889: Уязвимость подсистемы инициализации и управления службами Systemd, связанная с обходом аутентификации посредством спуфинга, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2020-13529: An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP FORCERENEW packet can cause a server running the DHCP client to be vulnerable to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server.\n\n * CVE-2020-13776: systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.",
        "Advisory": {
          "From": "errata.altlinux.org",
          "Severity": "Low",
          "Rights": "Copyright 2024 BaseALT Ltd.",
          "Issued": {
            "Date": "2020-03-24"
          },
          "Updated": {
            "Date": "2020-03-24"
          },
          "BDUs": [
            {
              "ID": "BDU:2021-00092",
              "CVSS": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
              "CVSS3": "AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
              "CWE": "CWE-20",
              "Href": "https://bdu.fstec.ru/vul/2021-00092",
              "Impact": "Low",
              "Public": "20200603"
            },
            {
              "ID": "BDU:2022-06889",
              "CVSS": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
              "CVSS3": "AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
              "CWE": "CWE-290",
              "Href": "https://bdu.fstec.ru/vul/2022-06889",
              "Impact": "Low",
              "Public": "20200818"
            }
          ],
          "CVEs": [
            {
              "ID": "CVE-2020-13529",
              "CVSS": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
              "CVSS3": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
              "CWE": "CWE-290",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-13529",
              "Impact": "Low",
              "Public": "20210510"
            },
            {
              "ID": "CVE-2020-13776",
              "CVSS": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
              "CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
              "CWE": "CWE-269",
              "Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-13776",
              "Impact": "Low",
              "Public": "20200603"
            }
          ],
          "AffectedCPEs": {
            "CPEs": [
              "cpe:/o:alt:container:11"
            ]
          }
        }
      },
      "Criteria": {
        "Operator": "AND",
        "Criterions": [
          {
            "TestRef": "oval:org.altlinux.errata:tst:3001",
            "Comment": "ALT Linux must be installed"
          }
        ],
        "Criterias": [
          {
            "Operator": "OR",
            "Criterions": [
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560001",
                "Comment": "libnss-myhostname is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560002",
                "Comment": "libnss-mymachines is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560003",
                "Comment": "libnss-resolve is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560004",
                "Comment": "libnss-systemd is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560005",
                "Comment": "libsystemd is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560006",
                "Comment": "libsystemd-devel is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560007",
                "Comment": "libsystemd-devel-static is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560008",
                "Comment": "libudev-devel is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560009",
                "Comment": "libudev-devel-static is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560010",
                "Comment": "libudev1 is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560011",
                "Comment": "pam_systemd is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560012",
                "Comment": "pam_systemd_home is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560013",
                "Comment": "systemd is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560014",
                "Comment": "systemd-analyze is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560015",
                "Comment": "systemd-container is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560016",
                "Comment": "systemd-coredump is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560017",
                "Comment": "systemd-homed is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560018",
                "Comment": "systemd-journal-remote is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560019",
                "Comment": "systemd-networkd is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560020",
                "Comment": "systemd-portable is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560021",
                "Comment": "systemd-services is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560022",
                "Comment": "systemd-stateless is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560023",
                "Comment": "systemd-sysvinit is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560024",
                "Comment": "systemd-timesyncd is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560025",
                "Comment": "systemd-utils is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560026",
                "Comment": "udev is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560027",
                "Comment": "udev-hwdb is earlier than 1:245.2-alt1"
              },
              {
                "TestRef": "oval:org.altlinux.errata:tst:20201560028",
                "Comment": "udev-rules is earlier than 1:245.2-alt1"
              }
            ]
          }
        ]
      }
    }
  ]
}