Detections
Analytics
Fedora 41 : google-guest-agent (2024-74c4c65ff6)
critical Nessus Plugin ID 211005
Synopsis
The remote Fedora host is missing one or more security updates.Description
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-74c4c65ff6 advisory.Automatic update for google-guest-agent-20240314.00-4.fc41.
##### **Changelog**
```
* Wed Apr 10 2024 Major Hayden <[email protected]> - 20240314.00-4
- Skip events test
* Wed Apr 10 2024 Major Hayden <[email protected]> - 20240314.00-3
- Fix typo in License filename
* Wed Apr 10 2024 Major Hayden <[email protected]> - 20240314.00-2
- Sync packit config with other GCP pkgs
* Wed Apr 10 2024 Major Hayden <[email protected]> - 20240314.00-1
- Update to 20240314.00 rhbz#2274184
* Wed Apr 10 2024 Fedora Release Engineering <[email protected]> - 20230726.00-8
- Unretirement Releng Request: https://pagure.io/releng/issue/12057
* Sun Feb 11 2024 Maxwell G <[email protected]> - 20230726.00-7
- Rebuild for golang 1.22.0
* Wed Jan 24 2024 Fedora Release Engineering <[email protected]> - 20230726.00-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sat Jan 20 2024 Fedora Release Engineering <[email protected]> - 20230726.00-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Sep 6 2023 Major Hayden <[email protected]> - 20230726.00-4
- PRs to rawhide only
* Fri Jul 28 2023 Major Hayden <[email protected]> - 20230726.00-3
- Fix typo on ppc64le
* Fri Jul 28 2023 Major Hayden <[email protected]> - 20230726.00-2
- Disable ppc64/s390x arches
* Fri Jul 28 2023 Packit <[email protected]> - 20230726.00-1
- [packit] 20230726.00 upstream release
* Tue Jul 25 2023 Major Hayden <[email protected]> - 20230725.00-2
- Disable koji auto build with packit
* Tue Jul 25 2023 Packit <[email protected]> - 20230725.00-1
- [packit] 20230725.00 upstream release
* Thu Jul 20 2023 Fedora Release Engineering <[email protected]> - 20230711.00-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jul 12 2023 Major Hayden <[email protected]> - 20230711.00-1
- Update to 20230711.00 rhbz#2222161
* Wed Jul 12 2023 Major Hayden <[email protected]> - 20230707.00-2
- Add packit config
* Tue Jul 11 2023 Major Hayden <[email protected]> - 20230707.00-1
- Update to 20230707.00 rhbz#2221432
* Mon Jul 3 2023 Major Hayden <[email protected]> - 20230628.00-1
- Update to 20230628.00 rhbz#2218708
* Wed Jun 28 2023 Major Hayden <[email protected]> - 20230626.00-1
- Update to 20230626.00 rhbz#2218220
* Mon Jun 12 2023 Major Hayden <[email protected]> - 20230601.00-1
- Update to 20230601.00 rhbz#2211674
* Thu May 18 2023 Major Hayden <[email protected]> - 20230517.00-1
- Update to 20230517.00 rhbz#2208103
* Mon May 15 2023 Major Hayden <[email protected]> - 20230510.00-1
- Update to 20230510.00 rhbz#2198979
* Mon May 1 2023 Major Hayden <[email protected]> - 20230426.00-1
- Update to 20230426.00 rhbz#2190065
* Thu Apr 6 2023 Major Hayden <[email protected]> - 20230403.00-1
- Update to 20230403.00 rhbz#2183053
* Tue Mar 28 2023 Major Hayden <[email protected]> - 20230221.00-2
- Bump revision for rebuild rhbz#2178465
* Tue Feb 28 2023 Major Hayden <[email protected]> - 20230221.00-1
- Update to 20230221.00 rhbz#2172749
* Wed Feb 22 2023 Major Hayden <[email protected]> - 20230207.00-2
- Set SPDX license
* Mon Feb 13 2023 Major Hayden <[email protected]> - 20230207.00-1
- Update to 20230207.00 rhbz#2160637
* Thu Jan 19 2023 Fedora Release Engineering <[email protected]> - 20221109.00-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Nov 14 2022 Major Hayden <[email protected]> - 20221109.00-1
- Update to 20221109.00 rhbz#2140412
* Wed Oct 26 2022 Major Hayden <[email protected]> - 20221025.00-1
- Update to 20221025.00 rhbz#2136314
* Wed Oct 12 2022 Major Hayden <[email protected]> - 20220927.00-1
- Update to 20220927.00 rhbz#2130931
* Thu Aug 25 2022 Major Hayden <[email protected]> - 20220824.00-1
- Update to 20220824.00 rhbz#2120895
* Thu Aug 18 2022 Major Hayden <[email protected]> - 20220816.01-1
- Update to 20220816.01 rhbz#2119456
* Thu Jul 21 2022 Fedora Release Engineering <[email protected]> - 20201217.02-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Tue Jul 19 2022 Maxwell G <[email protected]> - 20201217.02-5
- Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang
* Sat Jun 18 2022 Robert-Andr Mauchin <[email protected]> - 20201217.02-4
- Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191, CVE-2022-29526, CVE-2022-30629
```
Tenable has extracted the preceding description block directly from the Fedora security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected google-guest-agent package.See Also
https://bodhi.fedoraproject.org/updates/FEDORA-2024-74c4c65ff6
Plugin Details
Severity: Critical
ID: 211005
File Name: fedora_2024-74c4c65ff6.nasl
Version: 1.1
Type: local
Agent: unix
Family: Fedora Local Security Checks
Published: 11/14/2024
Updated: 11/14/2024
Supported Sensors: continuous_assessment, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
CVSS v2
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS Score Source: CVE-2022-1996
CVSS v3
Risk Factor: Critical
Base Score: 9.1
Temporal Score: 8.2
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:fedoraproject:fedora:google-guest-agent, cpe:/o:fedoraproject:fedora:41
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/10/2024
Vulnerability Publication Date: 3/18/2022
Reference Information
CVE: CVE-2022-1996, CVE-2022-24675, CVE-2022-27191, CVE-2022-28327, CVE-2022-29526, CVE-2022-30629, CVE-2022-41723
FEDORA: 2024-74c4c65ff6