Slackware Linux 15.0 / current apr Multiple Vulnerabilities (SSA:2023-032-01)

critical Nessus Plugin ID 170930

Synopsis

The remote Slackware Linux host is missing a security update to apr.

Description

The version of apr installed on the remote host is prior to 1.7.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-032-01 advisory.

- When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.
(CVE-2017-12613)

- An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue. (CVE-2021-35940)

- Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0. (CVE-2022-24963)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the affected apr package.

Plugin Details

Severity: Critical

ID: 170930

File Name: Slackware_SSA_2023-032-01.nasl

Version: 1.1

Type: local

Published: 2/1/2023

Updated: 2/8/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Low

Base Score: 3.6

Temporal Score: 2.7

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS Score Source: CVE-2021-35940

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2022-24963

Vulnerability Information

CPE: p-cpe:/a:slackware:slackware_linux:apr, cpe:/o:slackware:slackware_linux, cpe:/o:slackware:slackware_linux:15.0

Required KB Items: Host/local_checks_enabled, Host/Slackware/release, Host/Slackware/packages

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 10/23/2017

Reference Information

CVE: CVE-2017-12613, CVE-2021-35940, CVE-2022-24963