Vulnerabilities > CVE-2019-3817 - Use After Free vulnerability in RPM Libcomps

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

rpm

CWE-416

nessus

NVD

Published: 2019-03-27

Updated: 2019-10-09

Summary

A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code.

Vulnerable Configurations

Part	Description	Count
Application	Rpm RPM Libcomps 0.1.1-1 RPM Libcomps 0.1.2 RPM Libcomps 0.1.3 RPM Libcomps 0.1.4 RPM Libcomps 0.1.4-4 RPM Libcomps 0.1.5 RPM Libcomps 0.1.6 RPM Libcomps 0.1.7 RPM Libcomps 0.1.8 RPM Libcomps 0.1.9	10

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

Nessus

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2020-1293.NASL
description	According to the versions of the libcomps packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code.(CVE-2019-3817) - libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.(CVE-2019-9893) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-03
modified	2020-03-23
plugin id	134785
published	2020-03-23
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134785
title	EulerOS 2.0 SP8 : libcomps (EulerOS-SA-2020-1293)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(134785); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/01"); script_cve_id( "CVE-2019-3817", "CVE-2019-9893" ); script_name(english:"EulerOS 2.0 SP8 : libcomps (EulerOS-SA-2020-1293)"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote EulerOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "According to the versions of the libcomps packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw has been discovered in libcomps before version 0.1.10 in the way ObjMRTrees are merged. An attacker, who is able to make an application read a crafted comps XML file, may be able to crash the application or execute malicious code.(CVE-2019-3817) - libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.(CVE-2019-9893) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues."); # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1293 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b1f2522c"); script_set_attribute(attribute:"solution", value: "Update the affected libcomps packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/23"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libcomps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libcomps-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python2-libcomps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:python3-libcomps"); script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Huawei Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp"); script_exclude_keys("Host/EulerOS/uvp_version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/EulerOS/release"); if (isnull(release) \|\| release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS"); if (release !~ "^EulerOS release 2\.0(\D\|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0"); sp = get_kb_item("Host/EulerOS/sp"); if (isnull(sp) \|\| sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8"); uvp = get_kb_item("Host/EulerOS/uvp_version"); if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp); if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu); if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu); flag = 0; pkgs = ["libcomps-0.1.8-14.h1.eulerosv2r8", "libcomps-devel-0.1.8-14.h1.eulerosv2r8", "python2-libcomps-0.1.8-14.h1.eulerosv2r8", "python3-libcomps-0.1.8-14.h1.eulerosv2r8"]; foreach (pkg in pkgs) if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libcomps"); }

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-323.NASL
description	This update for libcomps fixes the following issue: Security issue fixed : - CVE-2019-3817: Fixed a use-after-free vulnerability in comps_objmradix.c:comps_objmrtree_unite() function where could allow to application crash or code execution (bsc#1122841).
last seen	2020-06-01
modified	2020-06-02
plugin id	122772
published	2019-03-12
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/122772
title	openSUSE Security Update : libcomps (openSUSE-2019-323)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-323. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(122772); script_version("1.3"); script_cvs_date("Date: 2020/02/05"); script_cve_id("CVE-2019-3817"); script_name(english:"openSUSE Security Update : libcomps (openSUSE-2019-323)"); script_summary(english:"Check for the openSUSE-2019-323 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for libcomps fixes the following issue: Security issue fixed : - CVE-2019-3817: Fixed a use-after-free vulnerability in comps_objmradix.c:comps_objmrtree_unite() function where could allow to application crash or code execution (bsc#1122841)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1122841" ); script_set_attribute( attribute:"solution", value:"Update the affected libcomps packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcomps-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcomps-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcomps-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcomps0_1_6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libcomps0_1_6-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python2-libcomps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python2-libcomps-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-libcomps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-libcomps-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"patch_publication_date", value:"2019/03/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/12"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"libcomps-debuginfo-0.1.8-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcomps-debugsource-0.1.8-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcomps-devel-0.1.8-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcomps0_1_6-0.1.8-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libcomps0_1_6-debuginfo-0.1.8-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python2-libcomps-0.1.8-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python2-libcomps-debuginfo-0.1.8-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python3-libcomps-0.1.8-lp150.2.3.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"python3-libcomps-debuginfo-0.1.8-lp150.2.3.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libcomps-debuginfo / libcomps-debugsource / libcomps-devel / etc"); }

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-3898.NASL
description	An update for libcomps is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Libcomps is library for structure-like manipulation with content of comps XML files. Supports read/write XML file, structure(s) modification. Security Fix(es) : * libcomps: use after free when merging two objmrtrees (CVE-2019-3817) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	131152
published	2019-11-20
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/131152
title	RHEL 7 : libcomps (RHSA-2019:3898)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2019:3898. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(131152); script_version("1.2"); script_cvs_date("Date: 2019/12/09"); script_cve_id("CVE-2019-3817"); script_xref(name:"RHSA", value:"2019:3898"); script_name(english:"RHEL 7 : libcomps (RHSA-2019:3898)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for libcomps is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Libcomps is library for structure-like manipulation with content of comps XML files. Supports read/write XML file, structure(s) modification. Security Fix(es) : * libcomps: use after free when merging two objmrtrees (CVE-2019-3817) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:3898" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-3817" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcomps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcomps-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcomps-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcomps-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-libcomps-doc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python2-libcomps"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"patch_publication_date", value:"2019/11/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/20"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2019:3898"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libcomps-0.1.8-13.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libcomps-0.1.8-13.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libcomps-debuginfo-0.1.8-13.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libcomps-debuginfo-0.1.8-13.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"libcomps-devel-0.1.8-13.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"libcomps-devel-0.1.8-13.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"libcomps-doc-0.1.8-13.el7")) flag++; if (rpm_check(release:"RHEL7", reference:"python-libcomps-doc-0.1.8-13.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"python2-libcomps-0.1.8-13.el7")) flag++; if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"python2-libcomps-0.1.8-13.el7")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libcomps / libcomps-debuginfo / libcomps-devel / libcomps-doc / etc"); } }

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2019-3583.NASL
description	An update for yum is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Yum is a command-line utility that allows the user to check for updates and automatically download and install updated RPM packages. Yum automatically obtains and downloads dependencies, prompting the user for permission as necessary. The following packages have been upgraded to a later upstream version: dnf (4.2.7), dnf-plugins-core (4.0.8), libcomps (0.1.11), libdnf (0.35.1), librepo (1.10.3), libsolv (0.7.4). (BZ#1690288, BZ#1690289, BZ#1690299, BZ#1692402, BZ# 1694019, BZ#1697946) Security Fix(es) : * libcomps: use after free when merging two objmrtrees (CVE-2019-3817) * libsolv: illegal address access in pool_whatprovides in src/pool.h (CVE-2018-20534) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
last seen	2020-06-01
modified	2020-06-02
plugin id	130555
published	2019-11-06
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/130555
title	RHEL 8 : yum (RHSA-2019:3583)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2019:3583. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(130555); script_version("1.2"); script_cvs_date("Date: 2019/12/17"); script_cve_id("CVE-2018-20534", "CVE-2019-3817"); script_xref(name:"RHSA", value:"2019:3583"); script_name(english:"RHEL 8 : yum (RHSA-2019:3583)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for yum is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Yum is a command-line utility that allows the user to check for updates and automatically download and install updated RPM packages. Yum automatically obtains and downloads dependencies, prompting the user for permission as necessary. The following packages have been upgraded to a later upstream version: dnf (4.2.7), dnf-plugins-core (4.0.8), libcomps (0.1.11), libdnf (0.35.1), librepo (1.10.3), libsolv (0.7.4). (BZ#1690288, BZ#1690289, BZ#1690299, BZ#1692402, BZ# 1694019, BZ#1697946) Security Fix(es) : * libcomps: use after free when merging two objmrtrees (CVE-2019-3817) * libsolv: illegal address access in pool_whatprovides in src/pool.h (CVE-2018-20534) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes : For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section." ); # https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?774148ae" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2019:3583" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-20534" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2019-3817" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:createrepo_c"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:createrepo_c-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:createrepo_c-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:createrepo_c-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:createrepo_c-libs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:createrepo_c-libs-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dnf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dnf-automatic"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dnf-data"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:dnf-plugins-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcomps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcomps-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcomps-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libcomps-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libdnf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libdnf-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libdnf-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librepo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librepo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librepo-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librhsm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librhsm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librhsm-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsolv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsolv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsolv-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsolv-demo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libsolv-tools-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:microdnf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:microdnf-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:microdnf-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:perl-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-createrepo_c"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-createrepo_c-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-dnf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-dnf-plugin-versionlock"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-dnf-plugins-core"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-hawkey"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-hawkey-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-libcomps"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-libcomps-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-libdnf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-libdnf-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-librepo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-librepo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python3-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ruby-solv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:yum"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:yum-utils"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/12/28"); script_set_attribute(attribute:"patch_publication_date", value:"2019/11/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/06"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^8([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 8.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2019:3583"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"createrepo_c-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"createrepo_c-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"createrepo_c-debuginfo-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"createrepo_c-debuginfo-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"createrepo_c-debuginfo-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"createrepo_c-debugsource-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"createrepo_c-debugsource-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"createrepo_c-debugsource-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"createrepo_c-devel-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"createrepo_c-devel-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"createrepo_c-devel-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"createrepo_c-libs-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"createrepo_c-libs-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"createrepo_c-libs-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"createrepo_c-libs-debuginfo-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"createrepo_c-libs-debuginfo-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"createrepo_c-libs-debuginfo-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"dnf-4.2.7-6.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"dnf-automatic-4.2.7-6.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"dnf-data-4.2.7-6.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"dnf-plugins-core-4.0.8-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libcomps-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libcomps-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libcomps-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libcomps-debuginfo-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libcomps-debuginfo-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libcomps-debuginfo-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libcomps-debugsource-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libcomps-debugsource-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libcomps-debugsource-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libcomps-devel-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libcomps-devel-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libcomps-devel-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libdnf-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libdnf-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libdnf-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libdnf-debuginfo-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libdnf-debuginfo-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libdnf-debuginfo-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libdnf-debugsource-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libdnf-debugsource-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libdnf-debugsource-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"librepo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"librepo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"librepo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"librepo-debuginfo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"librepo-debuginfo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"librepo-debuginfo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"librepo-debugsource-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"librepo-debugsource-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"librepo-debugsource-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"librhsm-0.0.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"librhsm-0.0.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"librhsm-0.0.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"librhsm-debuginfo-0.0.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"librhsm-debuginfo-0.0.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"librhsm-debuginfo-0.0.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"librhsm-debugsource-0.0.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"librhsm-debugsource-0.0.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"librhsm-debugsource-0.0.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libsolv-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libsolv-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libsolv-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libsolv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libsolv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libsolv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libsolv-debugsource-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libsolv-debugsource-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libsolv-debugsource-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libsolv-demo-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libsolv-demo-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libsolv-demo-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"libsolv-tools-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"libsolv-tools-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"libsolv-tools-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"microdnf-3.0.1-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"microdnf-3.0.1-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"microdnf-debuginfo-3.0.1-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"microdnf-debuginfo-3.0.1-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"microdnf-debugsource-3.0.1-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"microdnf-debugsource-3.0.1-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"perl-solv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"perl-solv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"perl-solv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-createrepo_c-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-createrepo_c-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"python3-createrepo_c-debuginfo-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-createrepo_c-debuginfo-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-createrepo_c-debuginfo-0.11.0-3.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"python3-dnf-4.2.7-6.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"python3-dnf-plugin-versionlock-4.0.8-3.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"python3-dnf-plugins-core-4.0.8-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-hawkey-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-hawkey-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"python3-hawkey-debuginfo-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-hawkey-debuginfo-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-hawkey-debuginfo-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-libcomps-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-libcomps-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"python3-libcomps-debuginfo-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-libcomps-debuginfo-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-libcomps-debuginfo-0.1.11-2.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-libdnf-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-libdnf-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"python3-libdnf-debuginfo-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-libdnf-debuginfo-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-libdnf-debuginfo-0.35.1-8.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-librepo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-librepo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"python3-librepo-debuginfo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-librepo-debuginfo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-librepo-debuginfo-1.10.3-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"python3-solv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"python3-solv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"python3-solv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"i686", reference:"ruby-solv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"s390x", reference:"ruby-solv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"ruby-solv-debuginfo-0.7.4-3.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"yum-4.2.7-6.el8")) flag++; if (rpm_check(release:"RHEL8", reference:"yum-utils-4.0.8-3.el8")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "createrepo_c / createrepo_c-debuginfo / createrepo_c-debugsource / etc"); } }

Redhat

advisories

bugzilla

id	1746349
title	with repositories with dots

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 8 is installed
oval oval:com.redhat.rhba:tst:20193384074

AND

comment libsolv-debugsource is earlier than 0:0.7.4-3.el8
oval oval:com.redhat.rhsa:tst:20193583001
comment libsolv-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583002

AND
comment libsolv is earlier than 0:0.7.4-3.el8
oval oval:com.redhat.rhsa:tst:20193583003
comment libsolv is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20192290002
AND
comment librhsm is earlier than 0:0.0.3-3.el8
oval oval:com.redhat.rhsa:tst:20193583005
comment librhsm is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583006

AND

comment librhsm-debugsource is earlier than 0:0.0.3-3.el8
oval oval:com.redhat.rhsa:tst:20193583007
comment librhsm-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583008

AND

comment libcomps-debugsource is earlier than 0:0.1.11-2.el8
oval oval:com.redhat.rhsa:tst:20193583009
comment libcomps-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583010

AND

comment python3-libcomps is earlier than 0:0.1.11-2.el8
oval oval:com.redhat.rhsa:tst:20193583011
comment python3-libcomps is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583012

AND
comment libcomps-devel is earlier than 0:0.1.11-2.el8
oval oval:com.redhat.rhsa:tst:20193583013
comment libcomps-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583014
AND
comment libcomps is earlier than 0:0.1.11-2.el8
oval oval:com.redhat.rhsa:tst:20193583015
comment libcomps is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583016

AND

comment createrepo_c-debugsource is earlier than 0:0.11.0-3.el8
oval oval:com.redhat.rhsa:tst:20193583017
comment createrepo_c-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583018

AND

comment python3-createrepo_c is earlier than 0:0.11.0-3.el8
oval oval:com.redhat.rhsa:tst:20193583019
comment python3-createrepo_c is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583020

AND

comment createrepo_c-libs is earlier than 0:0.11.0-3.el8
oval oval:com.redhat.rhsa:tst:20193583021
comment createrepo_c-libs is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583022

AND

comment createrepo_c-devel is earlier than 0:0.11.0-3.el8
oval oval:com.redhat.rhsa:tst:20193583023
comment createrepo_c-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583024

AND
comment createrepo_c is earlier than 0:0.11.0-3.el8
oval oval:com.redhat.rhsa:tst:20193583025
comment createrepo_c is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583026
AND
comment yum-utils is earlier than 0:4.0.8-3.el8
oval oval:com.redhat.rhsa:tst:20193583027
comment yum-utils is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20182284042

AND

comment python3-dnf-plugins-core is earlier than 0:4.0.8-3.el8
oval oval:com.redhat.rhsa:tst:20193583029
comment python3-dnf-plugins-core is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583030

AND

comment python3-dnf-plugin-versionlock is earlier than 0:4.0.8-3.el8
oval oval:com.redhat.rhsa:tst:20193583031
comment python3-dnf-plugin-versionlock is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583032

AND

comment dnf-plugins-core is earlier than 0:4.0.8-3.el8
oval oval:com.redhat.rhsa:tst:20193583033
comment dnf-plugins-core is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583034

AND

comment microdnf-debugsource is earlier than 0:3.0.1-3.el8
oval oval:com.redhat.rhsa:tst:20193583035
comment microdnf-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583036

AND
comment microdnf is earlier than 0:3.0.1-3.el8
oval oval:com.redhat.rhsa:tst:20193583037
comment microdnf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583038
AND
comment yum is earlier than 0:4.2.7-6.el8
oval oval:com.redhat.rhsa:tst:20193583039
comment yum is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583040
AND
comment python3-dnf is earlier than 0:4.2.7-6.el8
oval oval:com.redhat.rhsa:tst:20193583041
comment python3-dnf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583042
AND
comment dnf-data is earlier than 0:4.2.7-6.el8
oval oval:com.redhat.rhsa:tst:20193583043
comment dnf-data is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583044
AND
comment dnf-automatic is earlier than 0:4.2.7-6.el8
oval oval:com.redhat.rhsa:tst:20193583045
comment dnf-automatic is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583046
AND
comment dnf is earlier than 0:4.2.7-6.el8
oval oval:com.redhat.rhsa:tst:20193583047
comment dnf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583048

AND

comment librepo-debugsource is earlier than 0:1.10.3-3.el8
oval oval:com.redhat.rhsa:tst:20193583049
comment librepo-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583050

AND
comment python3-librepo is earlier than 0:1.10.3-3.el8
oval oval:com.redhat.rhsa:tst:20193583051
comment python3-librepo is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583052
AND
comment librepo is earlier than 0:1.10.3-3.el8
oval oval:com.redhat.rhsa:tst:20193583053
comment librepo is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583054

AND

comment libdnf-debugsource is earlier than 0:0.35.1-8.el8
oval oval:com.redhat.rhsa:tst:20193583055
comment libdnf-debugsource is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583056

AND
comment python3-libdnf is earlier than 0:0.35.1-8.el8
oval oval:com.redhat.rhsa:tst:20193583057
comment python3-libdnf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583058
AND
comment python3-hawkey is earlier than 0:0.35.1-8.el8
oval oval:com.redhat.rhsa:tst:20193583059
comment python3-hawkey is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583060
AND
comment libdnf is earlier than 0:0.35.1-8.el8
oval oval:com.redhat.rhsa:tst:20193583061
comment libdnf is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20193583062

rhsa

id	RHSA-2019:3583
released	2019-11-05
severity	Moderate
title	RHSA-2019:3583: yum security, bug fix, and enhancement update (Moderate)

rhsa
id RHSA-2019:3898

rpms

createrepo_c-0:0.11.0-3.el8
createrepo_c-debuginfo-0:0.11.0-3.el8
createrepo_c-debugsource-0:0.11.0-3.el8
createrepo_c-devel-0:0.11.0-3.el8
createrepo_c-libs-0:0.11.0-3.el8
createrepo_c-libs-debuginfo-0:0.11.0-3.el8
dnf-0:4.2.7-6.el8
dnf-automatic-0:4.2.7-6.el8
dnf-data-0:4.2.7-6.el8
dnf-plugins-core-0:4.0.8-3.el8
libcomps-0:0.1.11-2.el8
libcomps-debuginfo-0:0.1.11-2.el8
libcomps-debugsource-0:0.1.11-2.el8
libcomps-devel-0:0.1.11-2.el8
libdnf-0:0.35.1-8.el8
libdnf-debuginfo-0:0.35.1-8.el8
libdnf-debugsource-0:0.35.1-8.el8
librepo-0:1.10.3-3.el8
librepo-debuginfo-0:1.10.3-3.el8
librepo-debugsource-0:1.10.3-3.el8
librhsm-0:0.0.3-3.el8
librhsm-debuginfo-0:0.0.3-3.el8
librhsm-debugsource-0:0.0.3-3.el8
libsolv-0:0.7.4-3.el8
libsolv-debuginfo-0:0.7.4-3.el8
libsolv-debugsource-0:0.7.4-3.el8
libsolv-demo-debuginfo-0:0.7.4-3.el8
libsolv-tools-debuginfo-0:0.7.4-3.el8
microdnf-0:3.0.1-3.el8
microdnf-debuginfo-0:3.0.1-3.el8
microdnf-debugsource-0:3.0.1-3.el8
perl-solv-debuginfo-0:0.7.4-3.el8
python3-createrepo_c-0:0.11.0-3.el8
python3-createrepo_c-debuginfo-0:0.11.0-3.el8
python3-dnf-0:4.2.7-6.el8
python3-dnf-plugin-versionlock-0:4.0.8-3.el8
python3-dnf-plugins-core-0:4.0.8-3.el8
python3-hawkey-0:0.35.1-8.el8
python3-hawkey-debuginfo-0:0.35.1-8.el8
python3-libcomps-0:0.1.11-2.el8
python3-libcomps-debuginfo-0:0.1.11-2.el8
python3-libdnf-0:0.35.1-8.el8
python3-libdnf-debuginfo-0:0.35.1-8.el8
python3-librepo-0:1.10.3-3.el8
python3-librepo-debuginfo-0:1.10.3-3.el8
python3-solv-debuginfo-0:0.7.4-3.el8
ruby-solv-debuginfo-0:0.7.4-3.el8
yum-0:4.2.7-6.el8
yum-utils-0:4.0.8-3.el8
libcomps-0:0.1.8-13.el7
libcomps-debuginfo-0:0.1.8-13.el7
libcomps-devel-0:0.1.8-13.el7
libcomps-doc-0:0.1.8-13.el7
python-libcomps-doc-0:0.1.8-13.el7
python2-libcomps-0:0.1.8-13.el7

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Redhat

References