vuln-list-alt/oval/p9/ALT-PU-2019-1260/definitions.json
2024-06-28 13:17:52 +00:00



{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20191260",
"Version": "oval:org.altlinux.errata:def:20191260",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2019-1260: package `systemd` update to version 241-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2019-1260",
"RefURL": "https://errata.altlinux.org/ALT-PU-2019-1260",
"Source": "ALTPU"
},
{
"RefID": "BDU:2019-00412",
"RefURL": "https://bdu.fstec.ru/vul/2019-00412",
"Source": "BDU"
},
{
"RefID": "BDU:2019-00413",
"RefURL": "https://bdu.fstec.ru/vul/2019-00413",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01751",
"RefURL": "https://bdu.fstec.ru/vul/2019-01751",
"Source": "BDU"
},
{
"RefID": "BDU:2019-01752",
"RefURL": "https://bdu.fstec.ru/vul/2019-01752",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03212",
"RefURL": "https://bdu.fstec.ru/vul/2019-03212",
"Source": "BDU"
},
{
"RefID": "CVE-2018-16864",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-16864",
"Source": "CVE"
},
{
"RefID": "CVE-2018-16865",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-16865",
"Source": "CVE"
},
{
"RefID": "CVE-2019-15718",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-15718",
"Source": "CVE"
},
{
"RefID": "CVE-2022-2526",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2022-2526",
"Source": "CVE"
}
],
"Description": "This update upgrades systemd to version 241-alt1. \nSecurity Fix(es):\n\n * BDU:2019-00412: Уязвимость в бинарной системе хранения служебной информации systemd-journald операционной системы Debian, позволяющая нарушителю вызвать отказ в обслуживании или повысить привилегии в системе\n\n * BDU:2019-00413: Уязвимость в бинарной системе хранения служебной информации systemd-journald операционной системы Debian, позволяющая нарушителю вызвать отказ в обслуживании или повысить привилегии в системе\n\n * BDU:2019-01751: Уязвимость бинарной системы хранения служебной информации systemd-journald, вызванная выходом операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании или выполнить код с привилегиями journald\n\n * BDU:2019-01752: Уязвимость бинарной системы хранения служебной информации systemd-journald, вызванная выходом операции за границы буфера в памяти, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании\n\n * BDU:2019-03212: Уязвимость функции bus_open_system_watch_bind_with_description (shared/bus-util.c) демона Systemd, позволяющая нарушителю повысить свои привилегии и изменить DNS настройки\n\n * CVE-2018-16864: An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.\n\n * CVE-2018-16865: An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.\n\n * CVE-2019-15718: In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that should be restricted to privileged users, in order to change the system's DNS resolver settings.\n\n * CVE-2022-2526: A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "Critical",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2019-02-18"
},
"Updated": {
"Date": "2019-02-18"
},
"BDUs": [
{
"ID": "BDU:2019-00412",
"CVSS": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-770",
"Href": "https://bdu.fstec.ru/vul/2019-00412",
"Impact": "High",
"Public": "20190111"
},
{
"ID": "BDU:2019-00413",
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-770",
"Href": "https://bdu.fstec.ru/vul/2019-00413",
"Impact": "High",
"Public": "20190111"
},
{
"ID": "BDU:2019-01751",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-01751",
"Impact": "High",
"Public": "20181127"
},
{
"ID": "BDU:2019-01752",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2019-01752",
"Impact": "High",
"Public": "20181127"
},
{
"ID": "BDU:2019-03212",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:C/A:N",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"CWE": "CWE-284",
"Href": "https://bdu.fstec.ru/vul/2019-03212",
"Impact": "Low",
"Public": "20190827"
}
],
"CVEs": [
{
"ID": "CVE-2018-16864",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-770",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-16864",
"Impact": "High",
"Public": "20190111"
},
{
"ID": "CVE-2018-16865",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-770",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-16865",
"Impact": "High",
"Public": "20190111"
},
{
"ID": "CVE-2019-15718",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"CWE": "NVD-CWE-noinfo",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-15718",
"Impact": "Low",
"Public": "20190904"
},
{
"ID": "CVE-2022-2526",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2022-2526",
"Impact": "Critical",
"Public": "20220909"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20191260001",
"Comment": "bash-completion-systemd is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260002",
"Comment": "bash-completion-udev is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260003",
"Comment": "libnss-myhostname is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260004",
"Comment": "libnss-mymachines is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260005",
"Comment": "libnss-resolve is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260006",
"Comment": "libnss-systemd is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260007",
"Comment": "libsystemd is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260008",
"Comment": "libsystemd-devel is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260009",
"Comment": "libsystemd-devel-static is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260010",
"Comment": "libudev-devel is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260011",
"Comment": "libudev-devel-static is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260012",
"Comment": "libudev1 is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260013",
"Comment": "pam_systemd is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260014",
"Comment": "systemd is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260015",
"Comment": "systemd-analyze is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260016",
"Comment": "systemd-container is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260017",
"Comment": "systemd-coredump is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260018",
"Comment": "systemd-journal-remote is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260019",
"Comment": "systemd-networkd is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260020",
"Comment": "systemd-portable is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260021",
"Comment": "systemd-services is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260022",
"Comment": "systemd-stateless is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260023",
"Comment": "systemd-sysvinit is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260024",
"Comment": "systemd-timesyncd is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260025",
"Comment": "systemd-utils is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260026",
"Comment": "udev is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260027",
"Comment": "udev-extras is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260028",
"Comment": "udev-hwdb is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260029",
"Comment": "udev-rules is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260030",
"Comment": "zsh-completion-systemd is earlier than 1:241-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20191260031",
"Comment": "zsh-completion-udev is earlier than 1:241-alt1"
}
]
}
]
}
}
]
}