Detections
Analytics

Oracle Linux 8 : GNOME (ELSA-2021-1586)

high Nessus Plugin ID 149947

Language:

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1586 advisory.

 - A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability. (CVE-2020-13543)

 - An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability. (CVE-2020-13584)

 - The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL).
 Consequently, it does not properly restrict directory (and file) permissions. Instead, for directories, 0777 permissions are used; for files, default file permissions are used. This is similar to CVE-2019-12450. (CVE-2019-13012)

 - A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14.0.
 Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9948)

 - A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.0.
 Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9951)

 - An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution. (CVE-2020-9983)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2021-1586.html

Plugin Details

Severity: High

ID: 149947

File Name: oraclelinux_ELSA-2021-1586.nasl

Version: 1.3

Type: local

Agent: unix

Published: 5/26/2021

Updated: 12/28/2023

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2020-9983

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:oracle:linux:8, p-cpe:/a:oracle:linux:openexr-devel, p-cpe:/a:oracle:linux:openexr-libs, p-cpe:/a:oracle:linux:accountsservice, p-cpe:/a:oracle:linux:accountsservice-devel, p-cpe:/a:oracle:linux:accountsservice-libs, p-cpe:/a:oracle:linux:atkmm, p-cpe:/a:oracle:linux:atkmm-devel, p-cpe:/a:oracle:linux:atkmm-doc, p-cpe:/a:oracle:linux:cairomm, p-cpe:/a:oracle:linux:cairomm-devel, p-cpe:/a:oracle:linux:cairomm-doc, p-cpe:/a:oracle:linux:chrome-gnome-shell, p-cpe:/a:oracle:linux:dleyna-core, p-cpe:/a:oracle:linux:dleyna-server, p-cpe:/a:oracle:linux:enchant2, p-cpe:/a:oracle:linux:enchant2-devel, p-cpe:/a:oracle:linux:gamin, p-cpe:/a:oracle:linux:gamin-devel, p-cpe:/a:oracle:linux:gdm, p-cpe:/a:oracle:linux:geoclue2, p-cpe:/a:oracle:linux:geoclue2-demos, p-cpe:/a:oracle:linux:geoclue2-devel, p-cpe:/a:oracle:linux:geoclue2-libs, p-cpe:/a:oracle:linux:geocode-glib, p-cpe:/a:oracle:linux:geocode-glib-devel, p-cpe:/a:oracle:linux:gjs, p-cpe:/a:oracle:linux:gjs-devel, p-cpe:/a:oracle:linux:glib2, p-cpe:/a:oracle:linux:glib2-devel, p-cpe:/a:oracle:linux:glib2-doc, p-cpe:/a:oracle:linux:glib2-fam, p-cpe:/a:oracle:linux:glib2-static, p-cpe:/a:oracle:linux:glib2-tests, p-cpe:/a:oracle:linux:glibmm24, p-cpe:/a:oracle:linux:glibmm24-devel, p-cpe:/a:oracle:linux:glibmm24-doc, p-cpe:/a:oracle:linux:gnome-boxes, p-cpe:/a:oracle:linux:gnome-classic-session, p-cpe:/a:oracle:linux:gnome-control-center, p-cpe:/a:oracle:linux:gnome-control-center-filesystem, p-cpe:/a:oracle:linux:gnome-online-accounts, p-cpe:/a:oracle:linux:gnome-online-accounts-devel, p-cpe:/a:oracle:linux:gnome-photos, p-cpe:/a:oracle:linux:gnome-photos-tests, p-cpe:/a:oracle:linux:gnome-settings-daemon, p-cpe:/a:oracle:linux:gnome-shell, p-cpe:/a:oracle:linux:gnome-shell-extension-apps-menu, p-cpe:/a:oracle:linux:gnome-shell-extension-auto-move-windows, p-cpe:/a:oracle:linux:gnome-shell-extension-common, p-cpe:/a:oracle:linux:gnome-shell-extension-dash-to-dock, p-cpe:/a:oracle:linux:gnome-shell-extension-desktop-icons, p-cpe:/a:oracle:linux:gnome-shell-extension-disable-screenshield, p-cpe:/a:oracle:linux:gnome-shell-extension-drive-menu, p-cpe:/a:oracle:linux:gnome-shell-extension-horizontal-workspaces, p-cpe:/a:oracle:linux:gnome-shell-extension-launch-new-instance, p-cpe:/a:oracle:linux:gnome-shell-extension-native-window-placement, p-cpe:/a:oracle:linux:gnome-shell-extension-no-hot-corner, p-cpe:/a:oracle:linux:gnome-shell-extension-panel-favorites, p-cpe:/a:oracle:linux:gnome-shell-extension-places-menu, p-cpe:/a:oracle:linux:gnome-shell-extension-screenshot-window-sizer, p-cpe:/a:oracle:linux:gnome-shell-extension-systemmonitor, p-cpe:/a:oracle:linux:gnome-shell-extension-top-icons, p-cpe:/a:oracle:linux:gnome-shell-extension-updates-dialog, p-cpe:/a:oracle:linux:gnome-shell-extension-user-theme, p-cpe:/a:oracle:linux:gnome-shell-extension-window-grouper, p-cpe:/a:oracle:linux:gnome-shell-extension-window-list, p-cpe:/a:oracle:linux:gnome-shell-extension-windowsnavigator, p-cpe:/a:oracle:linux:gnome-shell-extension-workspace-indicator, p-cpe:/a:oracle:linux:gnome-software, p-cpe:/a:oracle:linux:gnome-terminal, p-cpe:/a:oracle:linux:gnome-terminal-nautilus, p-cpe:/a:oracle:linux:gtk-doc, p-cpe:/a:oracle:linux:gtk2, p-cpe:/a:oracle:linux:gtk2-devel, p-cpe:/a:oracle:linux:gtk2-devel-docs, p-cpe:/a:oracle:linux:gtk2-immodule-xim, p-cpe:/a:oracle:linux:gtk2-immodules, p-cpe:/a:oracle:linux:gtkmm24, p-cpe:/a:oracle:linux:gtkmm24-devel, p-cpe:/a:oracle:linux:gtkmm24-docs, p-cpe:/a:oracle:linux:gtkmm30, p-cpe:/a:oracle:linux:gtkmm30-devel, p-cpe:/a:oracle:linux:gtkmm30-doc, p-cpe:/a:oracle:linux:gvfs, p-cpe:/a:oracle:linux:gvfs-afc, p-cpe:/a:oracle:linux:gvfs-afp, p-cpe:/a:oracle:linux:gvfs-archive, p-cpe:/a:oracle:linux:gvfs-client, p-cpe:/a:oracle:linux:gvfs-devel, p-cpe:/a:oracle:linux:gvfs-fuse, p-cpe:/a:oracle:linux:gvfs-goa, p-cpe:/a:oracle:linux:gvfs-gphoto2, p-cpe:/a:oracle:linux:gvfs-mtp, p-cpe:/a:oracle:linux:gvfs-smb, p-cpe:/a:oracle:linux:libdazzle, p-cpe:/a:oracle:linux:libdazzle-devel, p-cpe:/a:oracle:linux:libepubgen, p-cpe:/a:oracle:linux:libepubgen-devel, p-cpe:/a:oracle:linux:libsass, p-cpe:/a:oracle:linux:libsass-devel, p-cpe:/a:oracle:linux:libsigc%2b%2b20, p-cpe:/a:oracle:linux:libsigc%2b%2b20-devel, p-cpe:/a:oracle:linux:libsigc%2b%2b20-doc, p-cpe:/a:oracle:linux:libvisual, p-cpe:/a:oracle:linux:libvisual-devel, p-cpe:/a:oracle:linux:mutter, p-cpe:/a:oracle:linux:mutter-devel, p-cpe:/a:oracle:linux:nautilus, p-cpe:/a:oracle:linux:nautilus-devel, p-cpe:/a:oracle:linux:pangomm-doc, p-cpe:/a:oracle:linux:soundtouch, p-cpe:/a:oracle:linux:soundtouch-devel, p-cpe:/a:oracle:linux:vala, p-cpe:/a:oracle:linux:woff2, p-cpe:/a:oracle:linux:woff2-devel, p-cpe:/a:oracle:linux:nautilus-extensions, p-cpe:/a:oracle:linux:pangomm, p-cpe:/a:oracle:linux:pangomm-devel, p-cpe:/a:oracle:linux:vala-devel, p-cpe:/a:oracle:linux:webkit2gtk3, p-cpe:/a:oracle:linux:webkit2gtk3-devel, p-cpe:/a:oracle:linux:webkit2gtk3-jsc, p-cpe:/a:oracle:linux:webkit2gtk3-jsc-devel

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/25/2021

Vulnerability Publication Date: 6/28/2019

Reference Information

CVE: CVE-2019-13012, CVE-2020-13543, CVE-2020-13584, CVE-2020-9948, CVE-2020-9951, CVE-2020-9983