pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a538f1e924
vuln-list-alt/oval/p11/ALT-PU-2018-1384/definitions.json
pepelyaevip 9d72b75f75 ALT Vulnerability
2024-12-12 21:07:30 +00:00

132 lines
5.0 KiB
JSON
Raw Blame History

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20181384",
"Version": "oval:org.altlinux.errata:def:20181384",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2018-1384: package `kernel-image-un-def` update to version 4.14.24-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2018-1384",
"RefURL": "https://errata.altlinux.org/ALT-PU-2018-1384",
"Source": "ALTPU"
},
{
"RefID": "CVE-2018-1000028",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000028",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-un-def to version 4.14.24-alt1. \nSecurity Fix(es):\n\n * CVE-2018-1000028: Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not be able to via NFS. This attack appear to be exploitable via NFS server must export a filesystem with the \"rootsquash\" options enabled. This vulnerability appears to have been fixed in after commit 1995266727fa.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2018-03-06"
},
"Updated": {
"Date": "2018-03-06"
},
"BDUs": null,
"CVEs": [
{
"ID": "CVE-2018-1000028",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"CWE": "CWE-269",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000028",
"Impact": "High",
"Public": "20180209"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20181384001",
"Comment": "kernel-doc-un is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384002",
"Comment": "kernel-headers-modules-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384003",
"Comment": "kernel-headers-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384004",
"Comment": "kernel-image-domU-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384005",
"Comment": "kernel-image-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384006",
"Comment": "kernel-modules-drm-ancient-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384007",
"Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384008",
"Comment": "kernel-modules-drm-radeon-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384009",
"Comment": "kernel-modules-drm-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384010",
"Comment": "kernel-modules-ide-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384011",
"Comment": "kernel-modules-kvm-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384012",
"Comment": "kernel-modules-staging-un-def is earlier than 1:4.14.24-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20181384013",
"Comment": "kernel-modules-v4l-un-def is earlier than 1:4.14.24-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink