pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b1153fc0bf
vuln-list-alt/oval/c9f2/ALT-PU-2021-2691/definitions.json
pepelyaevip 56bb29c44b ALT Vulnerability
2024-06-28 13:17:52 +00:00

248 lines
12 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20212691",
"Version": "oval:org.altlinux.errata:def:20212691",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2021-2691: package `kernel-image-std-def` update to version 5.10.61-alt0.c9f",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c9f2"
],
"Products": [
"ALT SPWorkstation",
"ALT SPServer"
]
}
],
"References": [
{
"RefID": "ALT-PU-2021-2691",
"RefURL": "https://errata.altlinux.org/ALT-PU-2021-2691",
"Source": "ALTPU"
},
{
"RefID": "BDU:2021-04028",
"RefURL": "https://bdu.fstec.ru/vul/2021-04028",
"Source": "BDU"
},
{
"RefID": "BDU:2021-04846",
"RefURL": "https://bdu.fstec.ru/vul/2021-04846",
"Source": "BDU"
},
{
"RefID": "BDU:2022-00682",
"RefURL": "https://bdu.fstec.ru/vul/2022-00682",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05781",
"RefURL": "https://bdu.fstec.ru/vul/2022-05781",
"Source": "BDU"
},
{
"RefID": "CVE-2021-3573",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-3573",
"Source": "CVE"
},
{
"RefID": "CVE-2021-3653",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-3653",
"Source": "CVE"
},
{
"RefID": "CVE-2021-3656",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-3656",
"Source": "CVE"
},
{
"RefID": "CVE-2021-37576",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-37576",
"Source": "CVE"
},
{
"RefID": "CVE-2021-42008",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-42008",
"Source": "CVE"
},
{
"RefID": "CVE-2022-1043",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-1043",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-std-def to version 5.10.61-alt0.c9f. \nSecurity Fix(es):\n\n * BDU:2021-04028: Уязвимость функции rtas_args.nargs драйвера arch/powerpc/kvm/book3s_rtas.c ядра операционной системы Linux, позволяющая нарушителю вызвать повреждение памяти операционной системы хоста\n\n * BDU:2021-04846: Уязвимость функции hci_sock_bound_ioctl () подсистемы HCI ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код в контексте ядра\n\n * BDU:2022-00682: Уязвимость подсистемы виртуализации KVM ядра операционной системы Linux, связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2022-05781: Уязвимость функции decode_data компонента drivers/net/hamradio/6pack.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * CVE-2021-3573: A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.\n\n * CVE-2021-3653: A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"int_ctl\" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.\n\n * CVE-2021-3656: A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"virt_ext\" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.\n\n * CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.\n\n * CVE-2021-42008: The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.\n\n * CVE-2022-1043: A flaw was found in the Linux kernels io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2021-09-02"
},
"Updated": {
"Date": "2021-09-02"
},
"BDUs": [
{
"ID": "BDU:2021-04028",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2021-04028",
"Impact": "High",
"Public": "20210723"
},
{
"ID": "BDU:2021-04846",
"CVSS": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-362, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2021-04846",
"Impact": "Low",
"Public": "20210531"
},
{
"ID": "BDU:2022-00682",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-264, CWE-862",
"Href": "https://bdu.fstec.ru/vul/2022-00682",
"Impact": "High",
"Public": "20210816"
},
{
"ID": "BDU:2022-05781",
"CVSS": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://bdu.fstec.ru/vul/2022-05781",
"Impact": "High",
"Public": "20210816"
}
],
"CVEs": [
{
"ID": "CVE-2021-3573",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-3573",
"Impact": "Low",
"Public": "20210813"
},
{
"ID": "CVE-2021-3653",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-862",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-3653",
"Impact": "High",
"Public": "20210929"
},
{
"ID": "CVE-2021-3656",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-862",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-3656",
"Impact": "High",
"Public": "20220304"
},
{
"ID": "CVE-2021-37576",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-37576",
"Impact": "High",
"Public": "20210726"
},
{
"ID": "CVE-2021-42008",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-787",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-42008",
"Impact": "High",
"Public": "20211005"
},
{
"ID": "CVE-2022-1043",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-1043",
"Impact": "High",
"Public": "20220829"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:8.4",
"cpe:/o:alt:spserver:8.4"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:3001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20212691001",
"Comment": "kernel-doc-std is earlier than 2:5.10.61-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212691002",
"Comment": "kernel-headers-modules-std-def is earlier than 2:5.10.61-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212691003",
"Comment": "kernel-headers-std-def is earlier than 2:5.10.61-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212691004",
"Comment": "kernel-image-domU-std-def is earlier than 2:5.10.61-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212691005",
"Comment": "kernel-image-std-def is earlier than 2:5.10.61-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212691006",
"Comment": "kernel-modules-drm-ancient-std-def is earlier than 2:5.10.61-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212691007",
"Comment": "kernel-modules-drm-nouveau-std-def is earlier than 2:5.10.61-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212691008",
"Comment": "kernel-modules-drm-std-def is earlier than 2:5.10.61-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212691009",
"Comment": "kernel-modules-ide-std-def is earlier than 2:5.10.61-alt0.c9f"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20212691010",
"Comment": "kernel-modules-staging-std-def is earlier than 2:5.10.61-alt0.c9f"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink