Metadata-Version: 2.1
Name: cvehound
Version: 0.2.0
Summary: A tool to check linux kernel source dump for known CVEs
Home-page: http://github.com/evdenis/cvehound
Author: Denis Efremov
Author-email: efremov@linux.com
License: GPLv3
Description: ![tests](https://github.com/evdenis/cvehound/workflows/test/badge.svg)
        # CVEhound
        
        CVEhound is a tool for checking Linux kernel sources for known CVEs.
        The tool is based on [coccinelle](https://coccinelle.gitlabpages.inria.fr/website/)
        rules and grep patterns. It checks the sources for vulnerable
        code patterns of known CVEs and for missing fixes.
        
        - **What:** The tool tries to find "unfixed" code of known CVEs;
        - **How:** The tool uses [coccinelle/grep](cvehound/cve) rules with patterns that help to detect known CVE bugs or their fixes. Thus, sources are checked either for the presence of "unfixed" code pieces (e.g. [CVE-2020-12912](cvehound/cve/CVE-2020-12912.cocci)), or for the absence of a fix (e.g. [CVE-2020-27068](cvehound/cve/CVE-2020-27068.grep));
        - **Why:** If you have the git log, it is easier to determine which CVEs are fixed from the git history. However, many vendors (Samsung, Huawei, various IoT and router manufacturers) publish kernel sources as archives without git history. In most cases their kernels are based on LTS kernels, but the versions are far from upstream. The Linux version string from the Makefile only tells you which CVEs were fixed by kernel developers up to that version. It does not tell you which fixes were backported by the vendor itself. In this case you can apply the tool to check for "missing" CVE fixes.
        
        ## Prerequisites
        
        - Python 3 (>=3.5)
        - pip (Python package manager)
        - grep with pcre support (-P flag)
        - coccinelle (>= 1.0.4)
        
        Install prerequisites:
        ``` shell
        # Ubuntu
        $ sudo apt install python3-pip coccinelle
        # Fedora
        $ sudo dnf install python3-pip coccinelle
        ```
        
        ## Installation
        
        To install the latest stable version just run the following command:
        
        ``` shell
        $ python3 -m pip install --user cvehound
        ```
        
        For development purposes you may install cvehound in "editable" mode
        directly from the repository (clone it on your computer beforehand):
        
        ``` shell
        $ pip install -e .
        ```
        
        ## How to use
        
        The simplest way to start using CVEhound is to run the following command:
        
        ``` shell
        $ cvehound --dir ~/workspace/linux
        Found: CVE-2020-27830
        Found: CVE-2020-27152
        Found: CVE-2020-29371
        Found: CVE-2020-26088
        ```
        
        where *dir* should point to the Linux kernel sources. CVEhound will check the
        sources against all CVE patterns found in the [cve dir](/cvehound/cve/).
        To check the sources for particular CVEs, use:
        
        ``` shell
        $ cvehound --dir ~/workspace/linux --verbose --cve CVE-2020-27194 CVE-2020-29371
        Checking: CVE-2020-27194
        Found: CVE-2020-27194
        MSG: bpf: Fix scalar32_min_max_or bounds tracking
        CWE: Improper Restriction of Operations within the Bounds of a Memory Buffer
        DATE: 2020-11-03
        
        Checking: CVE-2020-29371
        Found: CVE-2020-29371
        MSG: romfs: fix uninitialized memory leak in romfs_dev_read()
        CWE: Use of Uninitialized Resource
        DATE: 2020-12-08
        ```
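        
        The verbose output above is line-oriented, so it can be turned into rows for triage or a CI gate. The following is an added example, not part of CVEhound: the function names, the triage allowlist and the sample (including the placeholder `CVE-0000-0000` for a checked-but-not-found entry) are assumptions built on the output format shown above.
        
        ```shell
        # Added example, not part of CVEhound. Assumes the output format shown above.
        # Constructed sample; CVE-0000-0000 is a placeholder for a CVE that was
        # checked but not found (assumed to print only its "Checking:" line).
        sample_report() {
            printf '%s\n' \
                'Checking: CVE-2020-27194' \
                'Found: CVE-2020-27194' \
                'MSG: bpf: Fix scalar32_min_max_or bounds tracking' \
                'CWE: Improper Restriction of Operations within the Bounds of a Memory Buffer' \
                'DATE: 2020-11-03' \
                '' \
                'Checking: CVE-0000-0000' \
                '' \
                'Checking: CVE-2020-29371' \
                'Found: CVE-2020-29371' \
                'MSG: romfs: fix uninitialized memory leak in romfs_dev_read()' \
                'CWE: Use of Uninitialized Resource' \
                'DATE: 2020-12-08'
        }
        
        # One tab-separated row per finding: CVE, DATE, CWE, MSG.
        # Also accepts non-verbose output (bare "Found:" lines, empty detail fields).
        cvehound_to_tsv() {
            awk '
                function emit() {
                    if (cve != "") printf "%s\t%s\t%s\t%s\n", cve, date, cwe, msg
                    cve = date = cwe = msg = ""
                }
                /^Checking: / { emit(); next }
                /^Found: /    { emit(); cve = substr($0, 8); next }
                /^MSG: /      { msg = substr($0, 6); next }
                /^CWE: /      { cwe = substr($0, 6); next }
                /^DATE: /     { date = substr($0, 7); next }
                END           { emit() }
            '
        }
        
        # Print findings that are not in the space-separated allowlist "$1"
        # (CVEs already triaged); empty output means nothing new to review.
        unreviewed_cves() {
            allow=" $1 "
            cvehound_to_tsv | cut -f1 | while read -r cve; do
                case "$allow" in *" $cve "*) ;; *) printf '%s\n' "$cve" ;; esac
            done
        }
        
        # Real use: cvehound --dir ~/workspace/linux --verbose | unreviewed_cves "CVE-2020-27194"
        sample_report | cvehound_to_tsv
        ```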
        
        
Keywords: cve,linux,kernel,spatch,cve-scanning,coccinelle
Platform: UNKNOWN
Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3)
Classifier: Operating System :: POSIX :: Linux
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Requires-Python: >=3.5
Description-Content-Type: text/markdown
Provides-Extra: tests
