CVE-2023-4911_scan.sh

#!/bin/bash
#$t@$h

find_glibc_file() {
    find / -name "dl-tunables.c" 2>/dev/null
}

# Signatures thanks to SystemTap
check_vulnerability_signatures() {
    local glibc_file_path=$(find_glibc_file)

    if [[ -z "$glibc_file_path" ]]; then
        echo "glibc dl-tunables.c file not found."
        return 1
    fi

    local signature1="parse_tunables (char *tunestr, char *valstring)"
    local signature2="if (p[len] == '\\0')"
    local signature3="for (size_t i = 0; i < sizeof (tunable_list) / sizeof (tunable_t); i++)"

    grep -q "$signature1" "$glibc_file_path" &&
    grep -q "$signature2" "$glibc_file_path" &&
    grep -q "$signature3" "$glibc_file_path"
}

glibc_version=$(ldd --version | head -n 1 | awk '{print $NF}')

# From RH CVE report
fixed_version="2.37-r7"

# Check glibc version
if [[ "$glibc_version" < "$fixed_version" ]]; then
    echo "glibc version is earlier than patched. Investigating:"
    if check_vulnerability_signatures; then
        echo "!!!Potential vulnerability signatures found in glibc version: $glibc_version"
    else
        echo "No vulnerability signatures found but glibc not updated: $glibc_version"
    fi
else
    echo "glibc version is $glibc_version, which is solid"
fi