How to find whether a Patch Number or Common Vulnerabilities and Exposures (CVE) fix has been installed in RHEL/OEL/CentOS





CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer security flaws. Each security flaw on the list is assigned a CVE ID number.

We use the rpm command to find the CVE. Each rpm package stores a changelog with information about patches, including the date, a short description, and the CVE number.
Use the -q query option together with --changelog to display the change information for the package.

 
rpm --changelog option

Use the command as follows:

rpm -q --changelog {package-name}
rpm -q --changelog {package-name} | more
rpm -q --changelog {package-name} | grep CVE-NUMBER

If we want to find out whether the fix for CVE-2015-3183 has been applied to the httpd package, enter:

# rpm -q --changelog httpd|grep CVE-2015-3183


Find CVEs for the kernel

# rpm -q --changelog kernel| more

OR
# rpm -q --changelog httpd | more

Sample output:


# rpm -q --changelog httpd |grep -i CVE
- updated patch for CVE-2016-8743
- Resolves: #1412975 - CVE-2016-0736 CVE-2016-2161 CVE-2016-8743 httpd: various
- add security fix for CVE-2016-5387
- core: fix chunk header parsing defect (CVE-2015-3183)
  and ap_force_authn hook (CVE-2015-3185)
- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
- mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)
- mod_cgid: add security fix for CVE-2014-0231 (#1120608)
- mod_proxy: add security fix for CVE-2014-0117 (#1120608)
- mod_deflate: add security fix for CVE-2014-0118 (#1120608)
- mod_status: add security fix for CVE-2014-0226 (#1120608)
- mod_cache: add secutiry fix for CVE-2013-4352 (#1120608)
- mod_dav: add security fix for CVE-2013-6438 (#1077907)
- mod_log_config: add security fix for CVE-2014-0098 (#1077907)



Find CVE for an rpm file

The above commands query installed packages only. To query an rpm file that is not installed, add the -p option:

# rpm -qp --changelog httpd-1.3.0-1.noarch.rpm | more
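
The plain grep shown above matches substrings and gives the same empty result for a mistyped ID as for a missing fix. The following added example (not code from the original post) wraps the same changelog check in POSIX shell functions that match whole CVE IDs and check several at once; the function names and the constructed CVE-2017-12345 line are assumptions made for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): exact-match CVE lookup in an
# RPM changelog supplied on stdin.

# cve_in_changelog CVE-ID
# Exit status: 0 = ID listed, 1 = not listed, 2 = malformed ID.
cve_in_changelog() {
    # Reject typos up front so they are not reported as "not listed".
    printf '%s\n' "$1" | grep -Eq '^CVE-[0-9]{4}-[0-9]{4,}$' || return 2
    # The ID must not continue with another digit, so CVE-2017-1234
    # does not match a changelog entry for CVE-2017-12345.
    grep -Eiq "(^|[^A-Za-z0-9-])$1([^0-9]|\$)"
}

# check_cves CVE-ID...
# Prints one status line per ID; exits non-zero if any ID is not listed.
# The body runs in a subshell, so its variables stay local.
check_cves() (
    log=$(cat)          # read the changelog once
    missing=0
    for id in "$@"; do
        rc=0
        printf '%s\n' "$log" | cve_in_changelog "$id" || rc=$?
        case $rc in
            0) echo "$id listed" ;;
            1) echo "$id not-listed"; missing=1 ;;
            *) echo "$id invalid-id"; missing=1 ;;
        esac
    done
    exit "$missing"
)

# Sample input: three lines from the httpd output above plus one
# constructed line (CVE-2017-12345 is a made-up ID).
sample_changelog() {
    cat <<'EOF'
- updated patch for CVE-2016-8743
- core: fix chunk header parsing defect (CVE-2015-3183)
  and ap_force_authn hook (CVE-2015-3185)
- constructed entry: add security fix for CVE-2017-12345
EOF
}

# Demo on the sample; on a real host pipe rpm into it instead:
#   rpm -q --changelog httpd | check_cves CVE-2015-3183 CVE-2016-8743
sample_changelog | check_cves CVE-2015-3183 CVE-2017-1234 cve-2015 || true
```

The same functions work with `rpm -qp --changelog` output for an rpm file. Because several kernel packages can be installed at once, query a specific build (for example `rpm -q --changelog kernel-$(uname -r)`) when the running kernel is the one that matters.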





