EulerOS Virtualization 3.0.6.0 : edk (EulerOS-SA-2020-1791)

critical Nessus Plugin ID 138010

Synopsis

The remote EulerOS Virtualization host is missing multiple security updates.

Description

According to the versions of the edk package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

- A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.(CVE-2019-13225)

- A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.(CVE-2019-13224)

- EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications in the TianoCore community.There is a security vulnerability in EDK2. The vulnerability stems from the fact that the'DxeImageVerificationHandler()' function does not correctly check whether unsigned EFI files are allowed to be loaded. Attackers can use this vulnerability to bypass verification.(CVE-2019-14575)

- EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications in the TianoCore community.The'ArpOnFrameRcvdDpc' function in EDK2 has a resource management error vulnerability. The vulnerability stems from the improper management of system resources (such as memory, disk space, files, etc.) by network systems or products.(CVE-2019-14559)

- EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications in the TianoCore community.An input verification error vulnerability exists in EDK2. The vulnerability stems from the fact that the network system or product did not correctly verify the input data.(CVE-2019-14563)

- EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications in the TianoCore community.There is a security vulnerability in EDK2. The source of the vulnerability will receive an invalid certificate when HTTPS-over-IPv6 is started.
Attackers can use this vulnerability to implement man-in-the-middle attacks.(CVE-2019-14553)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected edk packages.

See Also

http://www.nessus.org/u?d4e891d3

Plugin Details

Severity: Critical

ID: 138010

File Name: EulerOS_SA-2020-1791.nasl

Version: 1.6

Type: local

Published: 7/1/2020

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2019-13224

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:huawei:euleros:uvp:3.0.6.0, p-cpe:/a:huawei:euleros:edk

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 6/30/2020

Reference Information

CVE: CVE-2019-13224, CVE-2019-13225, CVE-2019-14553, CVE-2019-14559, CVE-2019-14563, CVE-2019-14575