pepelyaevip/vuln-list-alt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bc280e7b8c
vuln-list-alt/oval/p9/ALT-PU-2020-2687/definitions.json
pepelyaevip f2223a000f ALT Vulnerability
2024-05-23 03:02:23 +00:00

523 lines
26 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20202687",
"Version": "oval:org.altlinux.errata:def:20202687",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2020-2687: package `kernel-image-mp` update to version 5.7.16-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch p9"
],
"Products": [
"ALT Server",
"ALT Virtualization Server",
"ALT Workstation",
"ALT Workstation K",
"ALT Education",
"Simply Linux",
"Starterkit"
]
}
],
"References": [
{
"RefID": "ALT-PU-2020-2687",
"RefURL": "https://errata.altlinux.org/ALT-PU-2020-2687",
"Source": "ALTPU"
},
{
"RefID": "BDU:2020-03071",
"RefURL": "https://bdu.fstec.ru/vul/2020-03071",
"Source": "BDU"
},
{
"RefID": "BDU:2020-03435",
"RefURL": "https://bdu.fstec.ru/vul/2020-03435",
"Source": "BDU"
},
{
"RefID": "BDU:2020-05546",
"RefURL": "https://bdu.fstec.ru/vul/2020-05546",
"Source": "BDU"
},
{
"RefID": "BDU:2020-05547",
"RefURL": "https://bdu.fstec.ru/vul/2020-05547",
"Source": "BDU"
},
{
"RefID": "BDU:2020-05552",
"RefURL": "https://bdu.fstec.ru/vul/2020-05552",
"Source": "BDU"
},
{
"RefID": "BDU:2020-05900",
"RefURL": "https://bdu.fstec.ru/vul/2020-05900",
"Source": "BDU"
},
{
"RefID": "BDU:2021-00445",
"RefURL": "https://bdu.fstec.ru/vul/2021-00445",
"Source": "BDU"
},
{
"RefID": "BDU:2021-01957",
"RefURL": "https://bdu.fstec.ru/vul/2021-01957",
"Source": "BDU"
},
{
"RefID": "BDU:2021-02305",
"RefURL": "https://bdu.fstec.ru/vul/2021-02305",
"Source": "BDU"
},
{
"RefID": "BDU:2021-02589",
"RefURL": "https://bdu.fstec.ru/vul/2021-02589",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03188",
"RefURL": "https://bdu.fstec.ru/vul/2021-03188",
"Source": "BDU"
},
{
"RefID": "BDU:2021-03189",
"RefURL": "https://bdu.fstec.ru/vul/2021-03189",
"Source": "BDU"
},
{
"RefID": "BDU:2021-06410",
"RefURL": "https://bdu.fstec.ru/vul/2021-06410",
"Source": "BDU"
},
{
"RefID": "BDU:2022-05426",
"RefURL": "https://bdu.fstec.ru/vul/2022-05426",
"Source": "BDU"
},
{
"RefID": "BDU:2023-01798",
"RefURL": "https://bdu.fstec.ru/vul/2023-01798",
"Source": "BDU"
},
{
"RefID": "CVE-2020-10711",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-10711",
"Source": "CVE"
},
{
"RefID": "CVE-2020-10757",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-10757",
"Source": "CVE"
},
{
"RefID": "CVE-2020-13974",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974",
"Source": "CVE"
},
{
"RefID": "CVE-2020-14356",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-14356",
"Source": "CVE"
},
{
"RefID": "CVE-2020-15393",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15393",
"Source": "CVE"
},
{
"RefID": "CVE-2020-15780",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15780",
"Source": "CVE"
},
{
"RefID": "CVE-2020-15852",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-15852",
"Source": "CVE"
},
{
"RefID": "CVE-2020-16166",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-16166",
"Source": "CVE"
},
{
"RefID": "CVE-2020-24394",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-24394",
"Source": "CVE"
},
{
"RefID": "CVE-2020-29368",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-29368",
"Source": "CVE"
},
{
"RefID": "CVE-2020-29369",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-29369",
"Source": "CVE"
},
{
"RefID": "CVE-2020-29374",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-29374",
"Source": "CVE"
},
{
"RefID": "CVE-2020-36313",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-36313",
"Source": "CVE"
},
{
"RefID": "CVE-2021-4159",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-4159",
"Source": "CVE"
},
{
"RefID": "CVE-2023-1582",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2023-1582",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-mp to version 5.7.16-alt1. \nSecurity Fix(es):\n\n * BDU:2020-03071: Уязвимость компонента drivers/tty/vt/keyboard.c ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2020-03435: Уязвимость функции usbtest_disconnect ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-05546: Уязвимость функции __split_huge_pmd (mm/huge_memory.c) ядра операционных систем Linux, позволяющая нарушителю выполнить произвольный код\n\n * BDU:2020-05547: Уязвимость функций expand_downwards и expand_upwards (mm/mmap.c) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-05552: Уязвимость функции get_user_pages(), позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-05900: Уязвимость процедуры ebitmap_netlbl_import ядра операционных систем Linux, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-00445: Уязвимость системы контроля доступа SELinux ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2021-01957: Уязвимость компонентов arch/s390/kvm/kvm-s390.c, include/linux/kvm_host.h и virt/kvm/kvm_main.c подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционных систем Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2021-02305: Уязвимость функции в drivers/char/random.c and kernel/time/timer.c ядра операционной системы Linux, позволяющая нарушителю получить конфиденциальную информацию\n\n * BDU:2021-02589: Уязвимость функции tss_invalidate_io_bitmap ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии\n\n * BDU:2021-03188: Уязвимость компонента fs/nfsd/vfs.c ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации\n\n * BDU:2021-03189: Уязвимость подсистемы cgroupv2 ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии\n\n * BDU:2021-06410: Уязвимость компонента mm/mremap.c ядра операционной системы Linux, связанная с выходом операции за допустимые границы буфера данных, позволяющая нарушителю повысить свои привилегии в системе\n\n * BDU:2022-05426: Уязвимость подсистемы eBPF ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию\n\n * BDU:2023-01798: Уязвимость виртуальной файловой системы /proc ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2020-10711: A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.\n\n * CVE-2020-10757: A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.\n\n * CVE-2020-13974: An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case.\n\n * CVE-2020-14356: A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.\n\n * CVE-2020-15393: In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.\n\n * CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.\n\n * CVE-2020-15852: An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.\n\n * CVE-2020-16166: The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c.\n\n * CVE-2020-24394: In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.\n\n * CVE-2020-29368: An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.\n\n * CVE-2020-29369: An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.\n\n * CVE-2020-29374: An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58.\n\n * CVE-2020-36313: An issue was discovered in the Linux kernel before 5.7. The KVM subsystem allows out-of-range access to memslots after a deletion, aka CID-0774a964ef56. This affects arch/s390/kvm/kvm-s390.c, include/linux/kvm_host.h, and virt/kvm/kvm_main.c.\n\n * CVE-2021-4159: A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel.\n\n * CVE-2023-1582: A race problem was found in fs/proc/task_mmu.c in the memory management sub-component in the Linux kernel. This issue may allow a local attacker with user privilege to cause a denial of service.",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2020-08-26"
},
"Updated": {
"Date": "2020-08-26"
},
"BDUs": [
{
"ID": "BDU:2020-03071",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://bdu.fstec.ru/vul/2020-03071",
"Impact": "High",
"Public": "20200609"
},
{
"ID": "BDU:2020-03435",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-772",
"Href": "https://bdu.fstec.ru/vul/2020-03435",
"Impact": "Low",
"Public": "20200602"
},
{
"ID": "BDU:2020-05546",
"CVSS": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://bdu.fstec.ru/vul/2020-05546",
"Impact": "High",
"Public": "20200527"
},
{
"ID": "BDU:2020-05547",
"CVSS": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-362, CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-05547",
"Impact": "High",
"Public": "20200630"
},
{
"ID": "BDU:2020-05552",
"CVSS": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://bdu.fstec.ru/vul/2020-05552",
"Impact": "High",
"Public": "20200527"
},
{
"ID": "BDU:2020-05900",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2020-05900",
"Impact": "Low",
"Public": "20200522"
},
{
"ID": "BDU:2021-00445",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-00445",
"Impact": "Low",
"Public": "20200522"
},
{
"ID": "BDU:2021-01957",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://bdu.fstec.ru/vul/2021-01957",
"Impact": "High",
"Public": "20210406"
},
{
"ID": "BDU:2021-02305",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-200",
"Href": "https://bdu.fstec.ru/vul/2021-02305",
"Impact": "Low",
"Public": "20200720"
},
{
"ID": "BDU:2021-02589",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-276",
"Href": "https://bdu.fstec.ru/vul/2021-02589",
"Impact": "High",
"Public": "20200720"
},
{
"ID": "BDU:2021-03188",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:N",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"CWE": "CWE-732",
"Href": "https://bdu.fstec.ru/vul/2021-03188",
"Impact": "High",
"Public": "20200617"
},
{
"ID": "BDU:2021-03189",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-476",
"Href": "https://bdu.fstec.ru/vul/2021-03189",
"Impact": "High",
"Public": "20200707"
},
{
"ID": "BDU:2021-06410",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-843",
"Href": "https://bdu.fstec.ru/vul/2021-06410",
"Impact": "High",
"Public": "20200609"
},
{
"ID": "BDU:2022-05426",
"CVSS": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
"CVSS3": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"CWE": "CWE-17, CWE-125, CWE-202",
"Href": "https://bdu.fstec.ru/vul/2022-05426",
"Impact": "Low",
"Public": "20220128"
},
{
"ID": "BDU:2023-01798",
"CVSS": "AV:L/AC:H/Au:S/C:N/I:N/A:C",
"CVSS3": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-362",
"Href": "https://bdu.fstec.ru/vul/2023-01798",
"Impact": "Low",
"Public": "20220211"
}
],
"CVEs": [
{
"ID": "CVE-2020-10711",
"CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-10711",
"Impact": "Low",
"Public": "20200522"
},
{
"ID": "CVE-2020-10757",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-119",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-10757",
"Impact": "High",
"Public": "20200609"
},
{
"ID": "CVE-2020-13974",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-13974",
"Impact": "High",
"Public": "20200609"
},
{
"ID": "CVE-2020-14356",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-476",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-14356",
"Impact": "High",
"Public": "20200819"
},
{
"ID": "CVE-2020-15393",
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15393",
"Impact": "Low",
"Public": "20200629"
},
{
"ID": "CVE-2020-15780",
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-862",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15780",
"Impact": "Low",
"Public": "20200715"
},
{
"ID": "CVE-2020-15852",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-276",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-15852",
"Impact": "High",
"Public": "20200720"
},
{
"ID": "CVE-2020-16166",
"CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"CVSS3": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"CWE": "CWE-330",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-16166",
"Impact": "Low",
"Public": "20200730"
},
{
"ID": "CVE-2020-24394",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"CWE": "CWE-732",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-24394",
"Impact": "High",
"Public": "20200819"
},
{
"ID": "CVE-2020-29368",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-29368",
"Impact": "High",
"Public": "20201128"
},
{
"ID": "CVE-2020-29369",
"CVSS": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-29369",
"Impact": "High",
"Public": "20201128"
},
{
"ID": "CVE-2020-29374",
"CVSS": "AV:L/AC:M/Au:N/C:P/I:P/A:N",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-29374",
"Impact": "Low",
"Public": "20201128"
},
{
"ID": "CVE-2020-36313",
"CVSS": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-36313",
"Impact": "High",
"Public": "20210407"
},
{
"ID": "CVE-2021-4159",
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"CWE": "NVD-CWE-Other",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-4159",
"Impact": "Low",
"Public": "20220824"
},
{
"ID": "CVE-2023-1582",
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-362",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2023-1582",
"Impact": "Low",
"Public": "20230405"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:kworkstation:9",
"cpe:/o:alt:workstation:9",
"cpe:/o:alt:server:9",
"cpe:/o:alt:server-v:9",
"cpe:/o:alt:education:9",
"cpe:/o:alt:slinux:9",
"cpe:/o:alt:starterkit:p9",
"cpe:/o:alt:kworkstation:9.1",
"cpe:/o:alt:workstation:9.1",
"cpe:/o:alt:server:9.1",
"cpe:/o:alt:server-v:9.1",
"cpe:/o:alt:education:9.1",
"cpe:/o:alt:slinux:9.1",
"cpe:/o:alt:starterkit:9.1",
"cpe:/o:alt:kworkstation:9.2",
"cpe:/o:alt:workstation:9.2",
"cpe:/o:alt:server:9.2",
"cpe:/o:alt:server-v:9.2",
"cpe:/o:alt:education:9.2",
"cpe:/o:alt:slinux:9.2",
"cpe:/o:alt:starterkit:9.2"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:1001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20202687001",
"Comment": "kernel-headers-modules-mp is earlier than 0:5.7.16-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20202687002",
"Comment": "kernel-headers-mp is earlier than 0:5.7.16-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20202687003",
"Comment": "kernel-image-mp is earlier than 0:5.7.16-alt1"
}
]
}
]
}
}
]
}
Reference in New Issue View Git Blame Copy Permalink