Detections
Analytics
Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2024-574)
high Nessus Plugin ID 192442
Language:
Synopsis
The remote Amazon Linux 2023 host is missing a security update.Description
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-574 advisory.- RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE:
https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27 (ALAS2023-2024-574)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Run 'dnf update rust --releasever 2023.4.20240319' to update your system.See Also
Plugin Details
Severity: High
ID: 192442
File Name: al2023_ALAS2023-2024-574.nasl
Version: 1.0
Type: local
Agent: unix
Published: 3/21/2024
Updated: 3/21/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Vulnerability Information
CPE: p-cpe:/a:amazon:linux:cargo, p-cpe:/a:amazon:linux:cargo-debuginfo, p-cpe:/a:amazon:linux:clippy, p-cpe:/a:amazon:linux:clippy-debuginfo, p-cpe:/a:amazon:linux:rust, p-cpe:/a:amazon:linux:rust-analysis, p-cpe:/a:amazon:linux:rust-analyzer, p-cpe:/a:amazon:linux:rust-analyzer-debuginfo, p-cpe:/a:amazon:linux:rust-debugger-common, p-cpe:/a:amazon:linux:rust-debuginfo, p-cpe:/a:amazon:linux:rust-debugsource, p-cpe:/a:amazon:linux:rust-doc, p-cpe:/a:amazon:linux:rust-gdb, p-cpe:/a:amazon:linux:rust-lldb, p-cpe:/a:amazon:linux:rust-src, p-cpe:/a:amazon:linux:rust-std-static, p-cpe:/a:amazon:linux:rust-std-static-wasm32-unknown-unknown, p-cpe:/a:amazon:linux:rust-std-static-wasm32-wasi, p-cpe:/a:amazon:linux:rustfmt, p-cpe:/a:amazon:linux:rustfmt-debuginfo, cpe:/o:amazon:linux:2023
Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 3/13/2024
Vulnerability Publication Date: 3/13/2024