NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0059)

Severity: High | Nessus Plugin ID: 187321

Synopsis

The remote NewStart CGSL host is affected by multiple vulnerabilities.

Description

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities:

- A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. (CVE-2022-0435)

- In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. (CVE-2020-14416)

- A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. (CVE-2022-0330)

- An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)

- Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2022-3542)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the vulnerable CGSL kernel packages. Note that updated packages may not be available yet. Please contact ZTE for more information.

See Also

https://security.gd-linux.com/notice/NS-SA-2023-0059

https://security.gd-linux.com/info/CVE-2020-14416

https://security.gd-linux.com/info/CVE-2022-0330

https://security.gd-linux.com/info/CVE-2022-0435

https://security.gd-linux.com/info/CVE-2022-2639

https://security.gd-linux.com/info/CVE-2022-3545

https://security.gd-linux.com/info/CVE-2022-3586

https://security.gd-linux.com/info/CVE-2022-3594

https://security.gd-linux.com/info/CVE-2022-40768

https://security.gd-linux.com/info/CVE-2022-41218

https://security.gd-linux.com/info/CVE-2022-43750

Plugin Details

Severity: High

ID: 187321

File Name: newstart_cgsl_NS-SA-2023-0059_kernel.nasl

Version: 1.3

Type: local

Published: 12/27/2023

Updated: 9/25/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.9

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-0435

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:zte:cgsl_main:kernel, p-cpe:/a:zte:cgsl_main:kernel-abi-whitelists, p-cpe:/a:zte:cgsl_main:kernel-debug, p-cpe:/a:zte:cgsl_main:kernel-tools-libs-devel, p-cpe:/a:zte:cgsl_main:kernel-sign-keys, cpe:/o:zte:cgsl_main:6, p-cpe:/a:zte:cgsl_main:kernel-debug-core, p-cpe:/a:zte:cgsl_main:kernel-debug-modules, p-cpe:/a:zte:cgsl_main:kernel-debug-modules-internal, p-cpe:/a:zte:cgsl_main:kernel-ipaclones-internal, p-cpe:/a:zte:cgsl_main:kernel-modules, p-cpe:/a:zte:cgsl_main:kernel-modules-internal, p-cpe:/a:zte:cgsl_main:kernel-selftests-internal, p-cpe:/a:zte:cgsl_main:kernel-debug-devel, p-cpe:/a:zte:cgsl_main:kernel-devel, p-cpe:/a:zte:cgsl_main:kernel-headers, p-cpe:/a:zte:cgsl_main:kernel-tools, p-cpe:/a:zte:cgsl_main:kernel-tools-libs, p-cpe:/a:zte:cgsl_main:perf, p-cpe:/a:zte:cgsl_main:bpftool, p-cpe:/a:zte:cgsl_main:kernel-core, p-cpe:/a:zte:cgsl_main:kernel-cross-headers, p-cpe:/a:zte:cgsl_main:kernel-debug-modules-extra, p-cpe:/a:zte:cgsl_main:kernel-modules-extra, p-cpe:/a:zte:cgsl_main:python3-perf

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/ZTE-CGSL/release, Host/ZTE-CGSL/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/25/2023

Vulnerability Publication Date: 2/21/2020

Reference Information

CVE: CVE-2020-14416, CVE-2022-0330, CVE-2022-0435, CVE-2022-2639, CVE-2022-3545, CVE-2022-3586, CVE-2022-3594, CVE-2022-40768, CVE-2022-41218, CVE-2022-43750