pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vuln-list-alt/oval/p11/ALT-PU-2022-2131/definitions.json
pepelyaevip 43c7060749 ALT Vulnerability
2024-12-18 09:06:35 +00:00

515 lines
26 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20222131",
"Version": "oval:org.altlinux.errata:def:20222131",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2022-2131: package `kernel-image-un-def` update to version 5.18.6-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p11"
],
"Products": [
"ALT Container"
]
}
],
"References": [
{
"RefID": "ALT-PU-2022-2131",
"RefURL": "https://errata.altlinux.org/ALT-PU-2022-2131",
"Source": "ALTPU"
},
{
"RefID": "BDU:2022-02361",
"RefURL": "https://bdu.fstec.ru/vul/2022-02361",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03970",
"RefURL": "https://bdu.fstec.ru/vul/2022-03970",
"Source": "BDU"
},
{
"RefID": "BDU:2022-03984",
"RefURL": "https://bdu.fstec.ru/vul/2022-03984",
"Source": "BDU"
},
{
"RefID": "BDU:2022-04271",
"RefURL": "https://bdu.fstec.ru/vul/2022-04271",
"Source": "BDU"
},
{
"RefID": "BDU:2022-04393",
"RefURL": "https://bdu.fstec.ru/vul/2022-04393",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05184",
"RefURL": "https://bdu.fstec.ru/vul/2022-05184",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05402",
"RefURL": "https://bdu.fstec.ru/vul/2022-05402",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05481",
"RefURL": "https://bdu.fstec.ru/vul/2022-05481",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05844",
"RefURL": "https://bdu.fstec.ru/vul/2022-05844",
"Source": "BDU"
},
{
"RefID": "BDU:2022-06912",
"RefURL": "https://bdu.fstec.ru/vul/2022-06912",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01198",
"RefURL": "https://bdu.fstec.ru/vul/2023-01198",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01275",
"RefURL": "https://bdu.fstec.ru/vul/2023-01275",
"Source": "BDU"
},
{
"RefID": "BDU:2023-03171",
"RefURL": "https://bdu.fstec.ru/vul/2023-03171",
"Source": "BDU"
},
{
"RefID": "CVE-2022-0168",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0168",
"Source": "CVE"
},
{
"RefID": "CVE-2022-0171",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-0171",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1012",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1012",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1263",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1263",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1734",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1734",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1976",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1976",
"Source": "CVE"
},
{
"RefID": "CVE-2022-2153",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-2153",
"Source": "CVE"
},
{
"RefID": "CVE-2022-2380",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-2380",
"Source": "CVE"
},
{
"RefID": "CVE-2022-3078",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-3078",
"Source": "CVE"
},
{
"RefID": "CVE-2022-3202",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-3202",
"Source": "CVE"
},
{
"RefID": "CVE-2022-32981",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-32981",
"Source": "CVE"
},
{
"RefID": "CVE-2022-33743",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-33743",
"Source": "CVE"
},
{
"RefID": "CVE-2022-33744",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-33744",
"Source": "CVE"
},
{
"RefID": "CVE-2022-34494",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-34494",
"Source": "CVE"
},
{
"RefID": "CVE-2022-34495",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-34495",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1249",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1249",
"Source": "CVE"
},
{
"RefID": "CVE-2023-3159",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-3159",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-un-def to version 5.18.6-alt1. \nSecurity Fix(es):\n\n * BDU:2022-02361: Уязвимость функции smb2_ioctl_query_info() ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-03970: Уязвимость функции rpmsg_probe (drivers/rpmsg/virtio_rpmsg_bus.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-03984: Уязвимость функции rpmsg_virtio_add_ctrl_dev (drivers/rpmsg/virtio_rpmsg_bus.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-04271: Уязвимость кроссплатформенного гипервизора Xen ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2022-04393: Уязвимость функции smtcfb_read() ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию и вызвать отказ в обслуживании\n\n * BDU:2022-05184: Уязвимость функции kvm_dirty_ring_push (virt/kvm/dirty_ring.c) подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-05402: Уязвимость функции nfcmrvl_nci_unregister_dev() операционной системы Linux , позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2022-05481: Уязвимость функции kvm_irq_delivery_to_apic_fast() подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2022-05844: Уязвимость функции diFree (fs/jfs/inode.c) журналируемой файловой системы (JFS) ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании\n\n * BDU:2022-06912: Уязвимость ядра операционной системы Linux, связанная с ошибками при освобождении ресурсов, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-01198: Уязвимость подсистемы виртуализации Kernel-based Virtual Machine (KVM) в AMD Secure Encrypted Virtualization (SEV) в модуле virt/kvm/kvm_main.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-01275: Уязвимость функции fill_files_note() (fs/binfmt_elf.c) подсистемы поддержки файловых систем ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2023-03171: Уязвимость драйвере протокола IEEE 1394 (FireWire) ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2022-0168: A denial of service (DOS) issue was found in the Linux kernels smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.\n\n * CVE-2022-0171: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).\n\n * CVE-2022-1012: A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem.\n\n * CVE-2022-1263: A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.\n\n * CVE-2022-1734: A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.\n\n * CVE-2022-1976: A flaw was found in the Linux kernels implementation of IO-URING. This flaw allows an attacker with local executable permission to create a string of requests that can cause a use-after-free flaw within the kernel. This issue leads to memory corruption and possible privilege escalation.\n\n * CVE-2022-2153: A flaw was found in the Linux kernels KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.\n\n * CVE-2022-2380: The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.\n\n * CVE-2022-3078: An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc() and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c.\n\n * CVE-2022-3202: A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information.\n\n * CVE-2022-32981: An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.\n\n * CVE-2022-33743: network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.\n\n * CVE-2022-33744: Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the related lock held, resulting in a small race window, which can be used by unprivileged guests via PV devices to cause inconsistencies of the rbtree. These inconsistencies can lead to Denial of Service (DoS) of dom0, e.g. by causing crashes or the inability to perform further mappings of other guests' memory pages.\n\n * CVE-2022-34494: rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.\n\n * CVE-2022-34495: rpmsg_probe in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.\n\n * CVE-2023-1249: A use-after-free flaw was found in the Linux kernels core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 (\"coredump: Use the vma snapshot in fill_files_note\") not applied yet, then kernel could be affected.\n\n * CVE-2023-3159: A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker with special privilege may cause a use after free problem when queue_event() fails.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2022-06-23"
},
"Updated": {
"Date": "2022-06-23"
},
"BDUs": [
{
"ID": "BDU:2022-02361",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2022-02361",
"Impact": "Low",
"Public": "20220105"
},
{
"ID": "BDU:2022-03970",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-415",
"Href": "https://bdu.fstec.ru/vul/2022-03970",
"Impact": "Low",
"Public": "20220626"
},
{
"ID": "BDU:2022-03984",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-415",
"Href": "https://bdu.fstec.ru/vul/2022-03984",
"Impact": "Low",
"Public": "20220626"
},
{
"ID": "BDU:2022-04271",
"CVSS": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-20",
"Href": "https://bdu.fstec.ru/vul/2022-04271",
"Impact": "High",
"Public": "20220701"
},
{
"ID": "BDU:2022-04393",
"CVSS": "AV:L/AC:L/Au:S/C:P/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"CWE": "CWE-125, CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-04393",
"Impact": "Low",
"Public": "20220713"
},
{
"ID": "BDU:2022-05184",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2022-05184",
"Impact": "Low",
"Public": "20220406"
},
{
"ID": "BDU:2022-05402",
"CVSS": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2022-05402",
"Impact": "High",
"Public": "20220501"
},
{
"ID": "BDU:2022-05481",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2022-05481",
"Impact": "Low",
"Public": "20220325"
},
{
"ID": "BDU:2022-05844",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2022-05844",
"Impact": "High",
"Public": "20220322"
},
{
"ID": "BDU:2022-06912",
"CVSS": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-404",
"Href": "https://bdu.fstec.ru/vul/2022-06912",
"Impact": "Low",
"Public": "20220705"
},
{
"ID": "BDU:2023-01198",
"CVSS": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-459",
"Href": "https://bdu.fstec.ru/vul/2023-01198",
"Impact": "Low",
"Public": "20220421"
},
{
"ID": "BDU:2023-01275",
"CVSS": "AV:L/AC:H/Au:S/C:N/I:P/A:C",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-01275",
"Impact": "Low",
"Public": "20220308"
},
{
"ID": "BDU:2023-03171",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2023-03171",
"Impact": "High",
"Public": "20220425"
}
],
"CVEs": [
{
"ID": "CVE-2022-0168",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0168",
"Impact": "Low",
"Public": "20220826"
},
{
"ID": "CVE-2022-0171",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-212",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-0171",
"Impact": "Low",
"Public": "20220826"
},
{
"ID": "CVE-2022-1012",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1012",
"Impact": "High",
"Public": "20220805"
},
{
"ID": "CVE-2022-1263",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1263",
"Impact": "Low",
"Public": "20220831"
},
{
"ID": "CVE-2022-1734",
"CVSS": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1734",
"Impact": "High",
"Public": "20220518"
},
{
"ID": "CVE-2022-1976",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1976",
"Impact": "High",
"Public": "20220831"
},
{
"ID": "CVE-2022-2153",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-2153",
"Impact": "Low",
"Public": "20220831"
},
{
"ID": "CVE-2022-2380",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-2380",
"Impact": "Low",
"Public": "20220713"
},
{
"ID": "CVE-2022-3078",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-3078",
"Impact": "Low",
"Public": "20220901"
},
{
"ID": "CVE-2022-3202",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-3202",
"Impact": "High",
"Public": "20220914"
},
{
"ID": "CVE-2022-32981",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-32981",
"Impact": "High",
"Public": "20220610"
},
{
"ID": "CVE-2022-33743",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-33743",
"Impact": "High",
"Public": "20220705"
},
{
"ID": "CVE-2022-33744",
"CVSS": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-33744",
"Impact": "Low",
"Public": "20220705"
},
{
"ID": "CVE-2022-34494",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-34494",
"Impact": "Low",
"Public": "20220626"
},
{
"ID": "CVE-2022-34495",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-415",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-34495",
"Impact": "Low",
"Public": "20220626"
},
{
"ID": "CVE-2023-1249",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1249",
"Impact": "Low",
"Public": "20230323"
},
{
"ID": "CVE-2023-3159",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-3159",
"Impact": "Low",
"Public": "20230612"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:container:11"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20222131001",
"Comment": "kernel-doc-un is earlier than 1:5.18.6-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20222131002",
"Comment": "kernel-headers-modules-un-def is earlier than 1:5.18.6-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20222131003",
"Comment": "kernel-headers-un-def is earlier than 1:5.18.6-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20222131004",
"Comment": "kernel-image-domU-un-def is earlier than 1:5.18.6-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20222131005",
"Comment": "kernel-image-un-def is earlier than 1:5.18.6-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20222131006",
"Comment": "kernel-image-un-def-checkinstall is earlier than 1:5.18.6-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20222131007",
"Comment": "kernel-modules-drm-ancient-un-def is earlier than 1:5.18.6-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20222131008",
"Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:5.18.6-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20222131009",
"Comment": "kernel-modules-drm-un-def is earlier than 1:5.18.6-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20222131010",
"Comment": "kernel-modules-staging-un-def is earlier than 1:5.18.6-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink