[cve] Improved cve-2022-0847

cve/cve-2022-0847.sh

@@ -42,37 +42,42 @@ lse_cve_id="cve-2022-0847"
 lse_cve_description="Dirty Pipe vulnerability"
 
 lse_cve_test() { #(
-  local kernel="`uname -r`"
-  v1=$(echo "$kernel" | cut -d '-' -f1 | cut -d '.' -f1)
-  v2=$(echo "$kernel" | cut -d '-' -f1 | cut -d '.' -f2)
-  v3=$(echo "$kernel" | cut -d '-' -f1 | cut -d '.' -f3)
+  local kernel
+  local kernel_distro
+  kernel=$(uname -r | cut -d- -f1)
+  kernel_distro=$(uname -r)
+  v1=$(echo "$kernel" | cut -d '.' -f1)
+  v2=$(echo "$kernel" | cut -d '.' -f2)
+  v3=$(echo "$kernel" | cut -d '.' -f3)
   v1=${v1:-0};v2=${v2:-0};v3=${v3:-0};
 
-  if [ "$v1" = 5 ] && [ $((v2)) -lt 8 ] ||
-    [ "$v1" = 5 ] && [ "$v2" = 10 ] && [ $((v3)) -ge 102 ] ||
-    [ "$v1" = 5 ] && [ "$v2" = 15 ] && [ $((v3)) -ge 25 ] ||
-    [ "$v1" = 5 ] && [ "$v2" = 16 ] && [ $((v3)) -ge 11 ] ||
-    [ "$v1" = 5 ] && [ $((v2)) -gt 16 ];
-  then
-      # Not vulnerable
-      local vulnerable=false
-  else
-      # Possibly vulnerable
-      local vulnerable=true
+  if [ "$v1" = 5 ]; then
+    if [ $((v2)) -lt 8 ] ||
+      [ "$v2" = 10 ] && [ $((v3)) -ge 102 ] ||
+      [ "$v2" = 15 ] && [ $((v3)) -ge 25 ] ||
+      [ "$v2" = 16 ] && [ $((v3)) -ge 11 ] ||
+      [ $((v2)) -gt 16 ]
+    then
+        # Not vulnerable
+        exit 1
+    fi
   fi
 
   case "$lse_distro_codename" in
     debian)
       if [ "$v1" = 5 ] && [ "$v2" = 10 ] && [ $((v3)) -ge 92 ]; then
-        vulnerable=false
+        # Not vulnerable
+        exit 1
       fi
       ;;
     ubuntu)
-      lse_is_version_bigger "$kernel" "5.13.0-35.39" && vulnerable=false
+      if lse_is_version_bigger "$kernel_distro" "5.13.0-35.39"; then
+        # Not vulnerable
+        exit 1
+      fi
       ;;
   esac
 
-  if $vulnerable; then
-    echo "$kernel"
-  fi
+  # Vulnerable
+  echo "$kernel_distro"
 } #)