34 lines
890 B
Python
34 lines
890 B
Python
#!/usr/bin/env python3
|
|
|
|
# Define the entry
|
|
|
|
def sysctl() -> list:
|
|
sysctl = list()
|
|
|
|
# https://access.redhat.com/security/sysctl/sysctl-2023-0179
|
|
sysctl.append({
|
|
"from": "cve",
|
|
"id": "cve-2023-0179",
|
|
"description": "A buffer overflow vulnerability was be found in Linux system. An hacker can allow privilege escalation through Netfilter subsystem",
|
|
"flag": "kernel.unprivileged_userns_clone",
|
|
"value": 0,
|
|
"level": "medium",
|
|
"affectedSystem": ({
|
|
'linux': "Debian",
|
|
'release': 'buster',
|
|
'kernel': '4.19.249-2'
|
|
})
|
|
})
|
|
|
|
# Best practice from CIS
|
|
sysctl.append({
|
|
"from": "cis",
|
|
"id": "",
|
|
"description": "Disable IPv4 forwarding",
|
|
"flag": "net.ipv4.conf.all.forwarding",
|
|
"value": 0,
|
|
"level": "medium",
|
|
})
|
|
|
|
return sysctl
|