Test ID:	1.3.6.1.4.1.25623.1.1.2.2023.2335
Category:	Huawei EulerOS Local Security Checks
Title:	Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2335)
Summary:	The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2023-2335 advisory.
Description:	Summary: The remote host is missing an update for the Huawei EulerOS 'kernel' package(s) announced via the EulerOS-SA-2023-2335 advisory. Vulnerability Insight: A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.(CVE-2023-2176) Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.(CVE-2023-1281) An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace 'data->block[0]' variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.(CVE-2023-2194) do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).(CVE-2023-28466) A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.(CVE-2023-1838) CVE-2023-0160 kernel: possibility of deadlock in libbpf function sock_hash_delete_elem.(CVE-2023-0160) Affected Software/OS: 'kernel' package(s) on Huawei EulerOS V2.0SP9. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-0160 RHBZ#2159764 https://bugzilla.redhat.com/show_bug.cgi?id=2159764 https://access.redhat.com/security/cve/CVE-2023-0160 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed17aa92dc56 https://lore.kernel.org/all/CABcoxUayum5oOqFMMqAeWuS8+EzojquSOSyDA3J_2omY=2EeAg@mail.gmail.com/ Common Vulnerability Exposure (CVE) ID: CVE-2023-1281 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee059170b1f7e94e55fa6cadee544e176a6e59c2 https://kernel.dance/#ee059170b1f7e94e55fa6cadee544e176a6e59c2 https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html http://www.openwall.com/lists/oss-security/2023/04/11/3 Common Vulnerability Exposure (CVE) ID: CVE-2023-1838 https://lore.kernel.org/netdev/20220516084213.26854-1-jasowang@redhat.com/T/ Common Vulnerability Exposure (CVE) ID: CVE-2023-2176 https://www.spinics.net/lists/linux-rdma/msg114749.html Common Vulnerability Exposure (CVE) ID: CVE-2023-2194 https://bugzilla.redhat.com/show_bug.cgi?id=2188396 https://github.com/torvalds/linux/commit/92fbb6d1296f Common Vulnerability Exposure (CVE) ID: CVE-2023-28466 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.