CBL Mariner 2.0 Security Update: kernel (CVE-2024-26929)

high Nessus Plugin ID 206365

Synopsis

The remote CBL Mariner host is missing one or more security updates.

Description

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-26929 advisory.

- In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of fcport The server was crashing after LOGO because fcport was getting freed twice. -----------[ cut here ]----------- kernel BUG at mm/slub.c:371! invalid opcode: 0000 1 SMP PTI CPU: 35 PID: 4610 Comm: bash Kdump: loaded Tainted: G OE --------- - - 4.18.0-425.3.1.el8.x86_64 #1 Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021 RIP: 0010:set_freepointer.part.57+0x0/0x10 RSP:
0018:ffffb07107027d90 EFLAGS: 00010246 RAX: ffff9cb7e3150000 RBX: ffff9cb7e332b9c0 RCX: ffff9cb7e3150400 RDX: 0000000000001f37 RSI: 0000000000000000 RDI: ffff9cb7c0005500 RBP: fffff693448c5400 R08:
0000000080000000 R09: 0000000000000009 R10: 0000000000000000 R11: 0000000000132af0 R12: ffff9cb7c0005500 R13: ffff9cb7e3150000 R14: ffffffffc06990e0 R15: ffff9cb7ea85ea58 FS: 00007ff6b79c2740(0000) GS:ffff9cb8f7ec0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2:
000055b426b7d700 CR3: 0000000169c18002 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: kfree+0x238/0x250 qla2x00_els_dcmd_sp_free+0x20/0x230 [qla2xxx] ? qla24xx_els_dcmd_iocb+0x607/0x690 [qla2xxx] qla2x00_issue_logo+0x28c/0x2a0 [qla2xxx] ? qla2x00_issue_logo+0x28c/0x2a0 [qla2xxx] ? kernfs_fop_write+0x11e/0x1a0 Remove one of the free calls and add check for valid fcport. Also use function qla2x00_free_fcport() instead of kfree(). (CVE-2024-26929)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://nvd.nist.gov/vuln/detail/CVE-2024-26929

Plugin Details

Severity: High

ID: 206365

File Name: mariner_CVE-2024-26929.nasl

Version: 1.1

Type: local

Published: 8/30/2024

Updated: 8/30/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26929

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:microsoft:cbl-mariner:python3-perf, p-cpe:/a:microsoft:cbl-mariner:kernel-devel, p-cpe:/a:microsoft:cbl-mariner:kernel-tools, p-cpe:/a:microsoft:cbl-mariner:kernel-drivers-accessibility, p-cpe:/a:microsoft:cbl-mariner:kernel-drivers-gpu, x-cpe:/o:microsoft:cbl-mariner, p-cpe:/a:microsoft:cbl-mariner:kernel, p-cpe:/a:microsoft:cbl-mariner:kernel-debuginfo, p-cpe:/a:microsoft:cbl-mariner:kernel-dtb, p-cpe:/a:microsoft:cbl-mariner:bpftool, p-cpe:/a:microsoft:cbl-mariner:kernel-docs, p-cpe:/a:microsoft:cbl-mariner:kernel-drivers-sound

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/CBLMariner/release, Host/CBLMariner/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 8/13/2024

Vulnerability Publication Date: 5/1/2024

Reference Information

CVE: CVE-2024-26929