Fedora 41 : google-guest-agent (2024-74c4c65ff6)

critical Nessus Plugin ID 211005

Synopsis

The remote Fedora host is missing one or more security updates.

Description

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-74c4c65ff6 advisory.

Automatic update for google-guest-agent-20240314.00-4.fc41.

##### **Changelog**

```
* Wed Apr 10 2024 Major Hayden <[email protected]> - 20240314.00-4
- Skip events test
* Wed Apr 10 2024 Major Hayden <[email protected]> - 20240314.00-3
- Fix typo in License filename
* Wed Apr 10 2024 Major Hayden <[email protected]> - 20240314.00-2
- Sync packit config with other GCP pkgs
* Wed Apr 10 2024 Major Hayden <[email protected]> - 20240314.00-1
- Update to 20240314.00 rhbz#2274184
* Wed Apr 10 2024 Fedora Release Engineering <[email protected]> - 20230726.00-8
- Unretirement Releng Request: https://pagure.io/releng/issue/12057
* Sun Feb 11 2024 Maxwell G <[email protected]> - 20230726.00-7
- Rebuild for golang 1.22.0
* Wed Jan 24 2024 Fedora Release Engineering <[email protected]> - 20230726.00-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jan 20 2024 Fedora Release Engineering <[email protected]> - 20230726.00-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Sep 6 2023 Major Hayden <[email protected]> - 20230726.00-4
- PRs to rawhide only
* Fri Jul 28 2023 Major Hayden <[email protected]> - 20230726.00-3
- Fix typo on ppc64le
* Fri Jul 28 2023 Major Hayden <[email protected]> - 20230726.00-2
- Disable ppc64/s390x arches
* Fri Jul 28 2023 Packit <[email protected]> - 20230726.00-1
- [packit] 20230726.00 upstream release
* Tue Jul 25 2023 Major Hayden <[email protected]> - 20230725.00-2
- Disable koji auto build with packit
* Tue Jul 25 2023 Packit <[email protected]> - 20230725.00-1
- [packit] 20230725.00 upstream release
* Thu Jul 20 2023 Fedora Release Engineering <[email protected]> - 20230711.00-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jul 12 2023 Major Hayden <[email protected]> - 20230711.00-1
- Update to 20230711.00 rhbz#2222161
* Wed Jul 12 2023 Major Hayden <[email protected]> - 20230707.00-2
- Add packit config
* Tue Jul 11 2023 Major Hayden <[email protected]> - 20230707.00-1
- Update to 20230707.00 rhbz#2221432
* Mon Jul 3 2023 Major Hayden <[email protected]> - 20230628.00-1
- Update to 20230628.00 rhbz#2218708
* Wed Jun 28 2023 Major Hayden <[email protected]> - 20230626.00-1
- Update to 20230626.00 rhbz#2218220
* Mon Jun 12 2023 Major Hayden <[email protected]> - 20230601.00-1
- Update to 20230601.00 rhbz#2211674
* Thu May 18 2023 Major Hayden <[email protected]> - 20230517.00-1
- Update to 20230517.00 rhbz#2208103
* Mon May 15 2023 Major Hayden <[email protected]> - 20230510.00-1
- Update to 20230510.00 rhbz#2198979
* Mon May 1 2023 Major Hayden <[email protected]> - 20230426.00-1
- Update to 20230426.00 rhbz#2190065
* Thu Apr 6 2023 Major Hayden <[email protected]> - 20230403.00-1
- Update to 20230403.00 rhbz#2183053
* Tue Mar 28 2023 Major Hayden <[email protected]> - 20230221.00-2
- Bump revision for rebuild rhbz#2178465
* Tue Feb 28 2023 Major Hayden <[email protected]> - 20230221.00-1
- Update to 20230221.00 rhbz#2172749
* Wed Feb 22 2023 Major Hayden <[email protected]> - 20230207.00-2
- Set SPDX license
* Mon Feb 13 2023 Major Hayden <[email protected]> - 20230207.00-1
- Update to 20230207.00 rhbz#2160637
* Thu Jan 19 2023 Fedora Release Engineering <[email protected]> - 20221109.00-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Nov 14 2022 Major Hayden <[email protected]> - 20221109.00-1
- Update to 20221109.00 rhbz#2140412
* Wed Oct 26 2022 Major Hayden <[email protected]> - 20221025.00-1
- Update to 20221025.00 rhbz#2136314
* Wed Oct 12 2022 Major Hayden <[email protected]> - 20220927.00-1
- Update to 20220927.00 rhbz#2130931
* Thu Aug 25 2022 Major Hayden <[email protected]> - 20220824.00-1
- Update to 20220824.00 rhbz#2120895
* Thu Aug 18 2022 Major Hayden <[email protected]> - 20220816.01-1
- Update to 20220816.01 rhbz#2119456
* Thu Jul 21 2022 Fedora Release Engineering <[email protected]> - 20201217.02-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Maxwell G <[email protected]> - 20201217.02-5
- Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
* Sat Jun 18 2022 Robert-Andr Mauchin <[email protected]> - 20201217.02-4
- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629

```

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected google-guest-agent package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2024-74c4c65ff6

Plugin Details

Severity: Critical

ID: 211005

File Name: fedora_2024-74c4c65ff6.nasl

Version: 1.1

Type: local

Agent: unix

Published: 11/14/2024

Updated: 11/14/2024

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2022-1996

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:google-guest-agent, cpe:/o:fedoraproject:fedora:41

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/10/2024

Vulnerability Publication Date: 3/18/2022

Reference Information

CVE: CVE-2022-1996, CVE-2022-24675, CVE-2022-27191, CVE-2022-28327, CVE-2022-29526, CVE-2022-30629, CVE-2022-41723