Detections
Analytics
NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2023-0017)
high Nessus Plugin ID 174091
Synopsis
The remote NewStart CGSL host is affected by multiple vulnerabilities.Description
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities:- net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)
- A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity. (CVE-2020-14386)
- An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (CVE-2021-22543)
- A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.
This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space (CVE-2021-22555)
- net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. (CVE-2021-32399)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade the vulnerable CGSL kernel packages. Note that updated packages may not be available yet. Please contact ZTE for more information.See Also
http://security.gd-linux.com/notice/NS-SA-2023-0017
http://security.gd-linux.com/info/CVE-2020-14386
http://security.gd-linux.com/info/CVE-2021-3715
http://security.gd-linux.com/info/CVE-2021-22543
http://security.gd-linux.com/info/CVE-2021-22555
http://security.gd-linux.com/info/CVE-2021-32399
http://security.gd-linux.com/info/CVE-2021-37576
http://security.gd-linux.com/info/CVE-2022-0330
http://security.gd-linux.com/info/CVE-2022-0492
http://security.gd-linux.com/info/CVE-2022-1011
http://security.gd-linux.com/info/CVE-2022-1016
http://security.gd-linux.com/info/CVE-2022-2639
http://security.gd-linux.com/info/CVE-2022-3586
http://security.gd-linux.com/info/CVE-2022-3594
http://security.gd-linux.com/info/CVE-2022-32250
http://security.gd-linux.com/info/CVE-2022-40768
http://security.gd-linux.com/info/CVE-2022-41218
Plugin Details
Severity: High
ID: 174091
File Name: newstart_cgsl_NS-SA-2023-0017_kernel.nasl
Version: 1.5
Type: local
Published: 4/11/2023
Updated: 9/25/2025
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Critical
Score: 9.7
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 6.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2022-32250
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS v4
Risk Factor: High
Base Score: 8.7
Threat Score: 8.7
Threat Vector: CVSS:4.0/E:A
Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L
CVSS Score Source: CVE-2021-22543
Vulnerability Information
CPE: p-cpe:/a:zte:cgsl_main:kernel-tools-debuginfo, p-cpe:/a:zte:cgsl_main:kernel-tools-libs, p-cpe:/a:zte:cgsl_core:kernel-headers, p-cpe:/a:zte:cgsl_core:kernel-abi-whitelists, p-cpe:/a:zte:cgsl_core:kernel-devel, p-cpe:/a:zte:cgsl_main:kernel-abi-whitelists, p-cpe:/a:zte:cgsl_main:kernel, p-cpe:/a:zte:cgsl_main:bpftool, p-cpe:/a:zte:cgsl_main:kernel-debug, p-cpe:/a:zte:cgsl_main:kernel-headers, cpe:/o:zte:cgsl_main:5, p-cpe:/a:zte:cgsl_core:kernel-debuginfo-common-x86_64, p-cpe:/a:zte:cgsl_core:kernel-debuginfo, p-cpe:/a:zte:cgsl_core:kernel-tools-libs-devel, p-cpe:/a:zte:cgsl_core:kernel-tools, p-cpe:/a:zte:cgsl_core:bpftool, p-cpe:/a:zte:cgsl_core:kernel, p-cpe:/a:zte:cgsl_core:kernel-tools-debuginfo, p-cpe:/a:zte:cgsl_core:kernel-debug-debuginfo, p-cpe:/a:zte:cgsl_main:kernel-debuginfo-common-x86_64, p-cpe:/a:zte:cgsl_main:kernel-debug-devel, p-cpe:/a:zte:cgsl_core:kernel-debug-modules, p-cpe:/a:zte:cgsl_main:kernel-tools-libs-devel, p-cpe:/a:zte:cgsl_main:kernel-debuginfo, cpe:/o:zte:cgsl_core:5, p-cpe:/a:zte:cgsl_main:kernel-debug-debuginfo, p-cpe:/a:zte:cgsl_main:python-perf, p-cpe:/a:zte:cgsl_main:perf-debuginfo, p-cpe:/a:zte:cgsl_core:python-perf, p-cpe:/a:zte:cgsl_core:perf, p-cpe:/a:zte:cgsl_core:perf-debuginfo, p-cpe:/a:zte:cgsl_main:perf, p-cpe:/a:zte:cgsl_core:python-perf-debuginfo, p-cpe:/a:zte:cgsl_core:kernel-core, p-cpe:/a:zte:cgsl_core:kernel-modules, p-cpe:/a:zte:cgsl_core:kernel-debug-devel, p-cpe:/a:zte:cgsl_core:kernel-debug-core, p-cpe:/a:zte:cgsl_main:kernel-devel, p-cpe:/a:zte:cgsl_core:kernel-tools-libs, p-cpe:/a:zte:cgsl_main:python-perf-debuginfo, p-cpe:/a:zte:cgsl_main:kernel-tools
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/ZTE-CGSL/release, Host/ZTE-CGSL/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 4/11/2023
Vulnerability Publication Date: 9/4/2020
Exploitable With
CANVAS (CANVAS)
Core Impact
Metasploit (Netfilter x_tables Heap OOB Write Privilege Escalation)
Reference Information
CVE: CVE-2020-14386, CVE-2021-22543, CVE-2021-22555, CVE-2021-32399, CVE-2021-3715, CVE-2021-37576, CVE-2022-0330, CVE-2022-0492, CVE-2022-1011, CVE-2022-1016, CVE-2022-2639, CVE-2022-32250, CVE-2022-3586, CVE-2022-3594, CVE-2022-40768, CVE-2022-41218, CVE-2022-41850, CVE-2022-43750