cve-2020-11932.sh

#!/bin/bash
#https://github.com/Staubgeborener/CVE-2020-11932

#subiquity-curtin-install.conf:
echo "Checking subiquity-curtin-install.conf:"
grep "key: " /var/log/installer/subiquity-curtin-install.conf | sed 's/^.....\(.*\).$/\1/'
key1=$(grep -oP '(?<=key: ).*(?=, preserve)' /var/log/installer/subiquity-curtin-install.conf)

#curtin-install-cfg.yaml
echo -e "\nChecking curtin-install-cfg.yaml:"
grep "key: " /var/log/installer/curtin-install-cfg.yaml | sed 's/^....//'
key2=$(grep "key: " /var/log/installer/curtin-install-cfg.yaml | sed 's/^.........//')

#curtin-install.log
echo -e "\nChecking curtin-install.log:"
grep "'key" /var/log/installer/curtin-install.log
key3=$(grep "'key" /var/log/installer/curtin-install.log)

#installer-journal.txt
echo -e "\nChecking installer-journal.txt:"
grep -oP "(?<='key':).*(?=, 'preserve')" /var/log/installer/installer-journal.txt
key4=$(grep -oP "(?<='key':).*(?=, 'preserve')" /var/log/installer/installer-journal.txt | tr "'" " " | awk '{print $1;}')

#autoinstall-user-data
echo -e "\nChecking autoinstall-user-data:"
grep "key: " /var/log/installer/autoinstall-user-data | sed 's/^......\(.*\).$/\1/'
key5=$(grep -oP '(?<=key: ).*(?=, preserve)' /var/log/installer/autoinstall-user-data)

if [ -z "$key1" ] && [ -z "$key2" ] && [ -z "$key3" ] && [ -z "$key4" ] && [ -z "$key5" ]; then
	echo -e "\n\nCVE-2020-11932 potentially not at risk on this $(lsb_release -si) $(lsb_release -r)"
else
	echo -e "\n\nCVE-2020-11932 vulnerability on this $(lsb_release -si) $(lsb_release -r) !\n\n Found:\nkey1: $key1\nkey2: $key2\nkey3: $key3\nkey4: $key4\nkey5: $key5"
fi