DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2021-41864", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-41864", "description": "prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.", "published": "2021-10-02T00:15:00", "modified": "2022-03-25T18:27:00", "epss": [{"cve": "CVE-2021-41864", "epss": 0.00045, "percentile": 0.12212, "modified": "2023-05-23"}], "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 4.6}, "severity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41864", "reporter": "cve@mitre.org", "references": ["https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a", "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/", "https://security.netapp.com/advisory/ntap-20211029-0004/", "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html", "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12", "https://www.debian.org/security/2022/dsa-5096", "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html"], "cvelist": ["CVE-2021-41864"], "immutableFields": [], "lastseen": "2023-05-23T15:45:28", "viewCount": 229, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:1988"]}, {"type": "amazon", "idList": ["ALAS2-2021-1719"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:53F8A02950D1071788BF2E23EFF823EF", "CFOUNDRY:C7BE92CF45CB8F4FCBCEA8F043427BCF", "CFOUNDRY:EFCCA8E89849350B3F5BDC16FFE250F8"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2843-1:AB8E9", "DEBIAN:DLA-2941-1:96084", "DEBIAN:DSA-5096-1:B47F5"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-41864"]}, {"type": "f5", "idList": ["F5:K11255393"]}, {"type": "fedora", "idList": ["FEDORA:0035030A605C", "FEDORA:81E9830A6E1C", "FEDORA:95EFE30A071C"]}, {"type": "ibm", "idList": ["B315A585CDBD4D516E60AAEBBA49CDD9274D016108F5F855F13CF2FE3AA0F562", "ED670677BEE7F824FAA4922AD08CFBF43478203FCCB636E589E6854737336228"]}, {"type": "mageia", "idList": ["MGASA-2021-0489", "MGASA-2021-0490"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1719.NASL", "AL2_ALASKERNEL-5_10-2022-007.NASL", "AL2_ALASKERNEL-5_4-2022-009.NASL", "AL2_ALASKERNEL-5_4-2022-027.NASL", "AL2_ALASKERNEL-5_4-2022-029.NASL", "AL2_ALASKERNEL-5_4-2022-031.NASL", "ALMA_LINUX_ALSA-2022-1988.NASL", "DEBIAN_DLA-2843.NASL", "DEBIAN_DSA-5096.NASL", "EULEROS_SA-2021-2805.NASL", "EULEROS_SA-2021-2912.NASL", "EULEROS_SA-2021-2919.NASL", "EULEROS_SA-2022-1046.NASL", "EULEROS_SA-2022-1208.NASL", "EULEROS_SA-2022-1227.NASL", "EULEROS_SA-2022-1376.NASL", "EULEROS_SA-2022-1402.NASL", "FEDORA_2021-79CBBEFEBE.NASL", "OPENSUSE-2021-1460.NASL", "OPENSUSE-2021-1477.NASL", "OPENSUSE-2021-3641.NASL", "OPENSUSE-2021-3655.NASL", "OPENSUSE-2021-3675.NASL", "OPENSUSE-2021-3876.NASL", "ORACLELINUX_ELSA-2021-9621.NASL", "ORACLELINUX_ELSA-2021-9623.NASL", "ORACLELINUX_ELSA-2022-1988.NASL", "PHOTONOS_PHSA-2021-4_0-0126_LINUX.NASL", "REDHAT-RHSA-2022-1975.NASL", "REDHAT-RHSA-2022-1988.NASL", "SUSE_SU-2021-3640-1.NASL", "SUSE_SU-2021-3641-1.NASL", "SUSE_SU-2021-3642-1.NASL", "SUSE_SU-2021-3655-1.NASL", "SUSE_SU-2021-3658-1.NASL", "SUSE_SU-2021-3675-1.NASL", "SUSE_SU-2021-3684-1.NASL", "SUSE_SU-2021-3692-1.NASL", "SUSE_SU-2021-3710-1.NASL", "SUSE_SU-2021-3712-1.NASL", "SUSE_SU-2021-3718-1.NASL", "SUSE_SU-2021-3723-1.NASL", "SUSE_SU-2021-3735-1.NASL", "SUSE_SU-2021-3737-1.NASL", "SUSE_SU-2021-3738-1.NASL", "SUSE_SU-2021-3742-1.NASL", "SUSE_SU-2021-3743-1.NASL", "SUSE_SU-2021-3748-1.NASL", "SUSE_SU-2021-3754-1.NASL", "SUSE_SU-2021-3876-1.NASL", "SUSE_SU-2021-3969-1.NASL", "SUSE_SU-2021-3972-1.NASL", "UBUNTU_USN-5139-1.NASL", "UBUNTU_USN-5140-1.NASL", "UBUNTU_USN-5208-1.NASL", "UBUNTU_USN-5209-1.NASL", "UBUNTU_USN-5210-1.NASL", "UBUNTU_USN-5218-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2021-9621", "ELSA-2021-9623", "ELSA-2022-1988"]}, {"type": "osv", "idList": ["OSV:DLA-2843-1", "OSV:DLA-2941-1", "OSV:DSA-5096-1"]}, {"type": "photon", "idList": ["PHSA-2021-0126", "PHSA-2021-3.0-0325", "PHSA-2021-4.0-0126"]}, {"type": "redhat", "idList": ["RHSA-2022:1975", "RHSA-2022:1988", "RHSA-2022:4814", "RHSA-2022:4956", "RHSA-2022:5201", "RHSA-2022:5392", "RHSA-2022:5483"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-41864"]}, {"type": "rocky", "idList": ["RLSA-2022:1975", "RLSA-2022:1988"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:1460-1", "OPENSUSE-SU-2021:1477-1", "OPENSUSE-SU-2021:3641-1", "OPENSUSE-SU-2021:3655-1", "OPENSUSE-SU-2021:3675-1", "OPENSUSE-SU-2021:3876-1"]}, {"type": "ubuntu", "idList": ["USN-5139-1", "USN-5140-1", "USN-5208-1", "USN-5209-1", "USN-5210-1", "USN-5210-2", "USN-5218-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-41864"]}, {"type": "veracode", "idList": ["VERACODE:33700"]}]}, "score": {"value": 5.7, "vector": "NONE"}, "twitter": {"counter": 4, "tweets": [{"link": "https://twitter.com/RemotelyAlerts/status/1471678711804018689", "text": "Severity: | prealloc_elems_and_freelist in kernel/bp... | CVE-2021-41864 | Link for more: https://t.co/w8IeJ9WV0B", "author": "RemotelyAlerts", "author_photo": "https://pbs.twimg.com/profile_images/1450962593066061826/Ki1BdkMd_400x400.png"}, {"link": "https://twitter.com/www_sesin_at/status/1582457791079452683", "text": "New post from https://t.co/9KYxtdZjkl (K11255393: Linux kernel vulnerability CVE-2021-41864) has been published on https://t.co/66aZXwrGpV", "author": "www_sesin_at", "author_photo": "https://pbs.twimg.com/profile_images/958100963822329858/fb_N8h5n_400x400.jpg"}, {"link": "https://twitter.com/WolfgangSesin/status/1582457787732398104", "text": "New post from https://t.co/uXvPWJy6tj (K11255393: Linux kernel vulnerability CVE-2021-41864) has been published on https://t.co/ZgRJglYrzV", "author": "WolfgangSesin", "author_photo": "https://pbs.twimg.com/profile_images/957011635369054208/Om3jbj7z_400x400.jpg"}]}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS2-2021-1719"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:53F8A02950D1071788BF2E23EFF823EF", "CFOUNDRY:C7BE92CF45CB8F4FCBCEA8F043427BCF"]}, {"type": "debian", "idList": ["DEBIAN:DSA-5096-1:B47F5"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-41864"]}, {"type": "fedora", "idList": ["FEDORA:0035030A605C", "FEDORA:81E9830A6E1C", "FEDORA:95EFE30A071C"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1719.NASL", "FEDORA_2021-79CBBEFEBE.NASL", "OPENSUSE-2021-1460.NASL", "OPENSUSE-2021-3641.NASL", "SUSE_SU-2021-3640-1.NASL", "SUSE_SU-2021-3641-1.NASL", "SUSE_SU-2021-3642-1.NASL", "SUSE_SU-2021-3972-1.NASL", "UBUNTU_USN-5140-1.NASL"]}, {"type": "photon", "idList": ["PHSA-2021-4.0-0126"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-41864"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2021:1460-1", "OPENSUSE-SU-2021:3641-1", "OPENSUSE-SU-2021:3655-1"]}, {"type": "ubuntu", "idList": ["USN-5139-1", "USN-5140-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-41864"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2021-41864", "epss": 0.00045, "percentile": 0.12107, "modified": "2023-05-03"}], "vulnersScore": 5.7}, "_state": {"dependencies": 1685064693, "score": 1684856904, "twitter": 0, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "4870ce962f8c7524a79eed1107f28a37"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:fedoraproject:fedora:34", "cpe:/o:fedoraproject:fedora:35", "cpe:/o:netapp:h300e_firmware:-", "cpe:/o:netapp:h300s_firmware:-", "cpe:/a:netapp:hci_management_node:-", "cpe:/o:netapp:h500s_firmware:-", "cpe:/a:netapp:cloud_backup:-", "cpe:/o:netapp:h410c_firmware:-", "cpe:/o:netapp:h700s_firmware:-", "cpe:/o:fedoraproject:fedora:33", "cpe:/o:netapp:h500e_firmware:-", "cpe:/o:netapp:h700e_firmware:-", "cpe:/o:netapp:solidfire_baseboard_management_controller_firmware:-", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:debian:debian_linux:10.0", "cpe:/a:netapp:solidfire:-", "cpe:/o:netapp:h410s_firmware:-"], "cpe23": ["cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"], "cwe": ["CWE-190"], "affectedSoftware": [{"cpeName": "linux:linux_kernel", "version": "5.14.12", "operator": "lt", "name": "linux linux kernel"}, {"cpeName": "fedoraproject:fedora", "version": "33", "operator": "eq", "name": "fedoraproject fedora"}, {"cpeName": "fedoraproject:fedora", "version": "34", "operator": "eq", "name": "fedoraproject fedora"}, {"cpeName": "fedoraproject:fedora", "version": "35", "operator": "eq", "name": "fedoraproject fedora"}, {"cpeName": "netapp:cloud_backup", "version": "-", "operator": "eq", "name": "netapp cloud backup"}, {"cpeName": "netapp:solidfire", "version": "-", "operator": "eq", "name": "netapp solidfire"}, {"cpeName": "netapp:hci_management_node", "version": "-", "operator": "eq", "name": "netapp hci management node"}, {"cpeName": "netapp:h410c_firmware", "version": "-", "operator": "eq", "name": "netapp h410c firmware"}, {"cpeName": "netapp:h300s_firmware", "version": "-", "operator": "eq", "name": "netapp h300s firmware"}, {"cpeName": "netapp:h500s_firmware", "version": "-", "operator": "eq", "name": "netapp h500s firmware"}, {"cpeName": "netapp:h700s_firmware", "version": "-", "operator": "eq", "name": "netapp h700s firmware"}, {"cpeName": "netapp:h300e_firmware", "version": "-", "operator": "eq", "name": "netapp h300e firmware"}, {"cpeName": "netapp:h500e_firmware", "version": "-", "operator": "eq", "name": "netapp h500e firmware"}, {"cpeName": "netapp:h700e_firmware", "version": "-", "operator": "eq", "name": "netapp h700e firmware"}, {"cpeName": "netapp:h410s_firmware", "version": "-", "operator": "eq", "name": "netapp h410s firmware"}, {"cpeName": "netapp:solidfire_baseboard_management_controller_firmware", "version": "-", "operator": "eq", "name": "netapp solidfire baseboard management controller firmware"}, {"cpeName": "debian:debian_linux", "version": "9.0", "operator": "eq", "name": "debian debian linux"}, {"cpeName": "debian:debian_linux", "version": "10.0", "operator": "eq", "name": "debian debian linux"}], "affectedConfiguration": [{"name": "netapp h410c", "cpeName": "netapp:h410c", "version": "-", "operator": "eq"}, {"name": "netapp h300s", "cpeName": "netapp:h300s", "version": "-", "operator": "eq"}, {"name": "netapp h500s", "cpeName": "netapp:h500s", "version": "-", "operator": "eq"}, {"name": "netapp h700s", "cpeName": "netapp:h700s", "version": "-", "operator": "eq"}, {"name": "netapp h300e", "cpeName": "netapp:h300e", "version": "-", "operator": "eq"}, {"name": "netapp h500e", "cpeName": "netapp:h500e", "version": "-", "operator": "eq"}, {"name": "netapp h700e", "cpeName": "netapp:h700e", "version": "-", "operator": "eq"}, {"name": "netapp h410s", "cpeName": "netapp:h410s", "version": "-", "operator": "eq"}, {"name": "netapp solidfire baseboard management controller", "cpeName": "netapp:solidfire_baseboard_management_controller", "version": "-", "operator": "eq"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.14.12:*:*:*:*:*:*:*", "versionEndExcluding": "5.14.12", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}, {"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a", "refsource": "MISC", "tags": ["Mailing List", "Patch", "Vendor Advisory"]}, {"url": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a", "name": "https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a", "refsource": "MISC", "tags": ["Patch", "Third Party Advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYKURLXBB2555ASWMPDNMBUPD6AG2JKQ/", "name": "FEDORA-2021-79cbbefebe", "refsource": "FEDORA", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7BLLVKYAIETEORUPTFO3TR3C33ZPFXQM/", "name": "FEDORA-2021-ffda3d6fa1", "refsource": "FEDORA", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAT3RERO6QBKSPJBNNRWY3D4NCGTFOS7/", "name": "FEDORA-2021-9dd76a1ed0", "refsource": "FEDORA", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://security.netapp.com/advisory/ntap-20211029-0004/", "name": "https://security.netapp.com/advisory/ntap-20211029-0004/", "refsource": "CONFIRM", "tags": ["Third Party Advisory"]}, {"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html", "name": "[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update", "refsource": "MLIST", "tags": ["Mailing List", "Third Party Advisory"]}, {"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12", "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12", "refsource": "CONFIRM", "tags": ["Mailing List", "Patch", "Vendor Advisory"]}, {"url": "https://www.debian.org/security/2022/dsa-5096", "name": "DSA-5096", "refsource": "DEBIAN", "tags": ["Third Party Advisory"]}, {"url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html", "name": "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update", "refsource": "MLIST", "tags": ["Mailing List", "Third Party Advisory"]}], "product_info": [{"vendor": "Netapp", "product": "H410c_firmware"}, {"vendor": "Debian", "product": "Debian_linux"}, {"vendor": "Netapp", "product": "Cloud_backup"}, {"vendor": "Netapp", "product": "H500s_firmware"}, {"vendor": "Linux", "product": "Linux_kernel"}, {"vendor": "Netapp", "product": "H700e_firmware"}, {"vendor": "Netapp", "product": "Solidfire"}, {"vendor": "Netapp", "product": "Hci_management_node"}, {"vendor": "Netapp", "product": "H300s_firmware"}, {"vendor": "Netapp", "product": "H300e_firmware"}, {"vendor": "Netapp", "product": "H410s_firmware"}, {"vendor": "Netapp", "product": "H500e_firmware"}, {"vendor": "Netapp", "product": "Solidfire_baseboard_management_controller_firmware"}, {"vendor": "Fedoraproject", "product": "Fedora"}, {"vendor": "Netapp", "product": "H700s_firmware"}], "solutions": [], "workarounds": [], "impacts": [], "exploits": [], "problemTypes": [], "assigned": "1976-01-01T00:00:00"}

{"oraclelinux": [{"lastseen": "2021-12-20T20:27:51", "description": "[5.4.17-2136.302.6.1]\n- rds/ib: Use both iova and key in free_mr socket call (aru kolappan) [Orabug:\n 33667276]\n[5.4.17-2136.302.6]\n- Revert fs: align IOCB_* flags with RWF_* flags (Prasad Singamsetty)\n [Orabug: 33627551]\n[5.4.17-2136.302.5]\n- Revert drm: Initialize struct drm_crtc_state.no_vblank from device settings (Somasundaram Krishnasamy) [Orabug: 33611832]\n- Revert drm/atomic-helper: reset vblank on crtc reset (Somasundaram Krishnasamy) [Orabug: 33611832]\n- net/mlx5: E-Switch, Support flow source for local vport (Hamdan Igbaria) [Orabug: 29444833]\n- net/mlx5e: E-Switch, Specify flow_source for rule with no in_port (Jianbo Liu) [Orabug: 29444833]\n- net/mlx5e: E-Switch, Add misc bit when misc fields changed for mirroring (Jianbo Liu) [Orabug: 29444833]\n- uek-rpm: configs: disable CONFIG_READ_ONLY_THP_FOR_FS (Todd Vierling) [Orabug: 33538583]\n- uek-rpm: Remove CONFIG_CC_HAS_WARN_MAYBE_UNINITIALIZED=y and CONFIG_CC_DISABLE_WARN_MAYBE_UNINITIALIZED=y for uek6/u3 (Sherry Yang) [Orabug: 33580598]\n- Stop the ad-hoc games with -Wno-maybe-initialized (Linus Torvalds) [Orabug: 33580598]\n- x86/clear_page: add alternative for clear_page_clzero() (Ankur Arora) [Orabug: 33580824]\n- x86/asm: add clzero based page clearing (Ankur Arora) [Orabug: 33580824]\n- x86/cpu/amd: enable X86_FEATURE_NT_GOOD on all AMD Zen models (Ankur Arora) [Orabug: 33580824]\n- uek-rpm: Add smartpqi driver module in ueknano kernel (Somasundaram Krishnasamy) [Orabug: 33596873]\n[5.4.17-2136.302.4]\n- KVM: nSVM: Copy vmcb12 nRIP field to vmcb02 (Maciej S. Szmigiero) [Orabug: 33590307]\n- KVM: nSVM: Log nRIP of L1 and L2 guest VMCB in nested VMRUN tracepoint (Maciej S. Szmigiero) [Orabug: 33590307]\n- KVM: nSVM: move nested vmrun tracepoint to enter_svm_guest_mode (Maxim Levitsky) [Orabug: 33590307]\n- x86/platform/uv: Add uv_hub_info_s to UEK KABI (John Donnelly) [Orabug: 33397019]\n- x86/platform/uv: Modify order of fields in uv_hub_info_s to avoid panic (Steve Wahl) [Orabug: 33397019]\n- arm64/bpf: remove 128MB limit for BPF JIT programs (Russell King) [Orabug: 33518795]\n- kernfs: dont create a negative dentry if inactive node exists (Ian Kent) [Orabug: 33548753]\n- kernfs: also call kernfs_set_rev() for positive dentry (Hou Tao) [Orabug: 33548753]\n- kernfs: dont call d_splice_alias() under kernfs node lock (Ian Kent) [Orabug: 33548753]\n- kernfs: use i_lock to protect concurrent inode updates (Ian Kent) [Orabug: 33548753]\n- kernfs: switch kernfs to use an rwsem (Ian Kent) [Orabug: 33548753]\n- kernfs: use VFS negative dentry caching (Ian Kent) [Orabug: 33548753]\n- kernfs: add a revision to identify directory node changes (Ian Kent) [Orabug: 33548753]\n- selftests: breakpoints: Fix a typo of function name (Masami Hiramatsu) [Orabug: 33577735]\n- Revert net/rds: Allocate pages on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Allocate rds_ib_{incoming,frag}_slab on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Use the same vector for send & receive (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Get rid of tasklets (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Put more CPU cores to work (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Make workers use the designated CPU (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Use the preferred_cpu in rds_queue_{,delayed}_work (Gerd Rausch) [Orabug: 33590962]\n- Revert net/mlx5: Add new verb ib_get_vector_irqn (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Add preferred_cpu option to rds_rdma.ko (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Follow the observed CQ CPU affinity (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Throttle check for CQ CPU affinity (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Bring tasklets back for better latency (Gerd Rausch) [Orabug: 33590962]\n- Revert IB/mlx4: Implement backend callback for ib_get_vector_irqn (Gerd Rausch) [Orabug: 33590962]\n[5.4.17-2136.302.2]\n- x86, sched: Treat Intel SNC topology as default, COD as exception (Alison Schofield) [Orabug: 32921559]\n- x86/kernel: Convert to new CPU match macros (Thomas Gleixner) [Orabug: 32921559]\n- net/mlx5: Disable mr_cache for SFs (Mikhael Goikhman) [Orabug: 33523558]\n- xfs: punch out data fork delalloc blocks on COW writeback failure (Brian Foster) [Orabug: 33571340]\n- scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() (Dexuan Cui) [Orabug: 33548142]\n- uek-rpm: Enable CONFIG_CPU_FREQ_GOV_SCHEDUTIL for x86_64 kernels (Dave Kleikamp) [Orabug: 33564971]\n[5.4.17-2136.302.1]\n- arm64: Kconfig: enable MADV_DOEXEC functionality (Anthony Yznaga) [Orabug: 33428617]\n- bpf: Fix integer overflow in prealloc_elems_and_freelist() (Tatsuhiko Yasumatsu) [Orabug: 33431722] {CVE-2021-41864}\n- xen/netfront: stop tx queues during live migration (Dongli Zhang) [Orabug: 33536399]\n- Revert xfs: Lower CIL flush limit for large logs (Catherine Hoang) [Orabug: 33536463]\n- Revert xfs: Throttle commits on delayed background CIL push (Catherine Hoang) [Orabug: 33536463]\n- nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN (Dai Ngo) [Orabug: 33536966]\n- nfsd: handle repeated BIND_CONN_TO_SESSION (J. Bruce Fields) [Orabug: 33536966]\n- rds: ib: Fix bug when comp_vector is IB_CQ_FORCE_ZERO_CV (Hakon Bugge) [Orabug: 33538397]\n[5.4.17-2136.302.0]\n- LTS tag: v5.4.152 (Jack Vogel) \n- libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. (Kate Hsuan) \n- silence nfscache allocation warnings with kvzalloc (Rik van Riel) \n- perf/x86: Reset destroy callback on event init failure (Anand K Mistry) \n- kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[] (Fares Mehanna) \n- KVM: do not shrink halt_poll_ns below grow_start (Sergey Senozhatsky) \n- tools/vm/page-types: remove dependency on opt_file for idle page tracking (Changbin Du) \n- scsi: ses: Retry failed Send/Receive Diagnostic commands (Wen Xiong) \n- selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn (Shuah Khan) \n- selftests: be sure to make khdr before other targets (Li Zhijian) \n- usb: dwc2: check return value after calling platform_get_resource() (Yang Yingliang) \n- usb: testusb: Fix for showing the connection speed (Faizel K B) \n- scsi: sd: Free scsi_disk device via put_device() (Ming Lei) \n- ext2: fix sleeping in atomic bugs on error (Dan Carpenter) \n- sparc64: fix pci_iounmap() when CONFIG_PCI is not set (Linus Torvalds) \n- xen-netback: correct success/error reporting for the SKB-with-fraglist case (Jan Beulich) \n- net: mdio: introduce a shutdown method to mdio device drivers (Vladimir Oltean) \n- LTS tag: v5.4.151 (Jack Vogel) \n- HID: usbhid: free raw_report buffers in usbhid_stop (Anirudh Rayabharam) \n- netfilter: ipset: Fix oversized kvmalloc() calls (Jozsef Kadlecsik) \n- HID: betop: fix slab-out-of-bounds Write in betop_probe (F.A.Sulaiman) \n- usb: hso: remove the bailout parameter (Dongliang Mu) \n- libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind (sumiyawang) \n- PCI: Fix pci_host_bridge struct device release/free handling (Rob Herring) \n- net: stmmac: dont attach interface until resume finishes (Leon Yu) \n- net: udp: annotate data race around udp_sk(sk)->corkflag (Eric Dumazet) \n- HID: u2fzero: ignore incomplete packets without data (Andrej Shadura) \n- ext4: fix potential infinite loop in ext4_dx_readdir() (yangerkun) \n- ext4: fix reserved space counter leakage (Jeffle Xu) \n- ext4: fix loff_t overflow in ext4_max_bitmap_size() (Ritesh Harjani) \n- ipack: ipoctal: fix module reference leak (Johan Hovold) \n- ipack: ipoctal: fix missing allocation-failure check (Johan Hovold) \n- ipack: ipoctal: fix tty-registration error handling (Johan Hovold) \n- ipack: ipoctal: fix tty registration race (Johan Hovold) \n- ipack: ipoctal: fix stack information leak (Johan Hovold) \n- debugfs: debugfs_create_file_size(): use IS_ERR to check for error (Nirmoy Das) \n- elf: dont use MAP_FIXED_NOREPLACE for elf interpreter mappings (Chen Jingwen) \n- perf/x86/intel: Update event constraints for ICX (Kan Liang) \n- af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (Eric Dumazet) \n- net: sched: flower: protect fl_walk() with rcu (Vlad Buslov) \n- net: hns3: do not allow call hns3_nic_net_open repeatedly (Jian Shen) \n- scsi: csiostor: Add module softdep on cxgb4 (Rahul Lakkireddy) \n- Revert block, bfq: honor already-setup queue merges (Jens Axboe) \n- selftests, bpf: test_lwt_ip_encap: Really disable rp_filter (Jiri Benc) \n- e100: fix buffer overrun in e100_get_regs (Jacob Keller) \n- e100: fix length calculation in e100_get_regs_len (Jacob Keller) \n- net: ipv4: Fix rtnexthop len when RTA_FLOW is present (Xiao Liang) \n- hwmon: (tmp421) fix rounding for negative values (Paul Fertser) \n- hwmon: (tmp421) report /PVLD condition as fault (Paul Fertser) \n- sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb (Xin Long) \n- mac80211-hwsim: fix late beacon hrtimer handling (Johannes Berg) \n- mac80211: mesh: fix potentially unaligned access (Johannes Berg) \n- mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (Lorenzo Bianconi) \n- mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug (Chih-Kang Chang) \n- hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (Vadim Pasternak) \n- ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 (Andrea Claudi) \n- drm/amd/display: Pass PCI deviceid into DC (Charlene Liu) \n- x86/kvmclock: Move this_cpu_pvti into kvmclock.h (Zelin Deng) \n- mac80211: fix use-after-free in CCMP/GCMP RX (Johannes Berg) \n- scsi: ufs: Fix illegal offset in UPIU event trace (Jonathan Hsu) \n- hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) \n- hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) \n- hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) \n- fs-verity: fix signed integer overflow with i_size near S64_MAX (Eric Biggers) \n- usb: cdns3: fix race condition before setting doorbell (Pawel Laszczak) \n- cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (James Morse) \n- cpufreq: schedutil: Use kobject release() method to free sugov_tunables (Kevin Hao) \n- tty: Fix out-of-bound vmalloc access in imageblit (Igor Matheus Andrade Torrente) \n- LTS tag: v5.4.150 (Jack Vogel) \n- qnx4: work around gcc false positive warning bug (Linus Torvalds) \n- xen/balloon: fix balloon kthread freezing (Juergen Gross) \n- arm64: dts: marvell: armada-37xx: Extend PCIe MEM space (Pali Rohar) \n- thermal/drivers/int340x: Do not set a wrong tcc offset on resume (Antoine Tenart) \n- EDAC/synopsys: Fix wrong value type assignment for edac_mode (Sai Krishna Potthuri) \n- spi: Fix tegra20 build with CONFIG_PM=n (Linus Torvalds) \n- net: 6pack: Fix tx timeout and slot time (Guenter Roeck) \n- alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile (Guenter Roeck) \n- arm64: Mark __stack_chk_guard as __ro_after_init (Dan Li) \n- parisc: Use absolute_pointer() to define PAGE0 (Helge Deller) \n- qnx4: avoid stringop-overread errors (Linus Torvalds) \n- sparc: avoid stringop-overread errors (Linus Torvalds) \n- net: i825xx: Use absolute_pointer for memcpy from fixed memory location (Guenter Roeck) \n- compiler.h: Introduce absolute_pointer macro (Guenter Roeck) \n- blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (Li Jinlin) \n- sparc32: page align size in arch_dma_alloc (Andreas Larsson) \n- nvme-multipath: fix ANA state updates when a namespace is not present (Anton Eidelman) \n- xen/balloon: use a kernel thread instead a workqueue (Juergen Gross) \n- bpf: Add oversize check before call kvcalloc() (Bixuan Cui) \n- ipv6: delay fib6_sernum increase in fib6_add (zhang kai) \n- m68k: Double cast io functions to unsigned long (Guenter Roeck) \n- net: stmmac: allow CSR clock of 300MHz (Jesper Nilsson) \n- net: macb: fix use after free on rmmod (Tong Zhang) \n- blktrace: Fix uaf in blk_trace access after removing by sysfs (Zhihao Cheng) \n- md: fix a lock order reversal in md_alloc (Christoph Hellwig) \n- irqchip/gic-v3-its: Fix potential VPE leak on error (Kaige Fu) \n- irqchip/goldfish-pic: Select GENERIC_IRQ_CHIP to fix build (Randy Dunlap) \n- scsi: lpfc: Use correct scnprintf() limit (Dan Carpenter) \n- scsi: qla2xxx: Restore initiator in dual mode (Dmitry Bogdanov) \n- cifs: fix a sign extension bug (Dan Carpenter) \n- thermal/core: Potential buffer overflow in thermal_build_list_of_policies() (Dan Carpenter) \n- fpga: machxo2-spi: Fix missing error code in machxo2_write_complete() (Jiapeng Chong) \n- fpga: machxo2-spi: Return an error on failure (Tom Rix) \n- tty: synclink_gt: rename a conflicting function name (Randy Dunlap) \n- tty: synclink_gt, drop unneeded forward declarations (Jiri Slaby) \n- scsi: iscsi: Adjust iface sysfs attr detection (Baokun Li) \n- net/mlx4_en: Dont allow aRFS for encapsulated packets (Aya Levin) \n- qed: rdma - dont wait for resources under hw error recovery flow (Shai Malin) \n- gpio: uniphier: Fix void functions to remove return value (Kunihiko Hayashi) \n- net/smc: add missing error check in smc_clc_prfx_set() (Karsten Graul) \n- bnxt_en: Fix TX timeout when TX ring size is set to the smallest (Michael Chan) \n- enetc: Fix illegal access when reading affinity_hint (Claudiu Manoil) \n- platform/x86/intel: punit_ipc: Drop wrong use of ACPI_PTR() (Andy Shevchenko) \n- afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation (David Howells) \n- net: hso: fix muxed tty registration (Johan Hovold) \n- serial: mvebu-uart: fix drivers tx_empty callback (Pali Rohar) \n- xhci: Set HCD flag to defer primary roothub registration (Kishon Vijay Abraham I) \n- btrfs: prevent __btrfs_dump_space_info() to underflow its free space (Qu Wenruo) \n- erofs: fix up erofs_lookup tracepoint (Gao Xiang) \n- mcb: fix error handling in mcb_alloc_bus() (Dan Carpenter) \n- USB: serial: option: add device id for Foxconn T99W265 (Slark Xiao) \n- USB: serial: option: remove duplicate USB device ID (Krzysztof Kozlowski) \n- USB: serial: option: add Telit LN920 compositions (Carlo Lobrano) \n- USB: serial: mos7840: remove duplicated 0xac24 device ID (Krzysztof Kozlowski) \n- usb: core: hcd: Add support for deferring roothub registration (Kishon Vijay Abraham I) \n- Re-enable UAS for LaCie Rugged USB3-FW with fk quirk (Julian Sikorski) \n- staging: greybus: uart: fix tty use after free (Johan Hovold) \n- binder: make sure fd closes complete (Todd Kjos) \n- USB: cdc-acm: fix minor-number release (Johan Hovold) \n- USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter (Uwe Brandt) \n- usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c (Ondrej Zary) \n- xen/x86: fix PV trap handling on secondary processors (Jan Beulich) \n- cifs: fix incorrect check for null pointer in header_assemble (Steve French) \n- usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() (Dan Carpenter) \n- usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA (Minas Harutyunyan) \n- usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (Minas Harutyunyan) \n- usb: gadget: r8a66597: fix a loop in set_feature() (Dan Carpenter) \n- LTS tag: v5.4.149 (Jack Vogel) \n- drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (Guenter Roeck) \n- rtc: rx8010: select REGMAP_I2C (Yu-Tung Chang) \n- blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() (Li Jinlin) \n- pwm: stm32-lp: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) \n- pwm: rockchip: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) \n- pwm: img: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) \n- nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group (Nanyong Sun) \n- nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group (Nanyong Sun) \n- nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group (Nanyong Sun) \n- nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group (Nanyong Sun) \n- nilfs2: fix NULL pointer in nilfs_##name##_attr_release (Nanyong Sun) \n- nilfs2: fix memory leak in nilfs_sysfs_create_device_group (Nanyong Sun) \n- btrfs: fix lockdep warning while mounting sprout fs (Anand Jain) \n- ceph: lockdep annotations for try_nonblocking_invalidate (Jeff Layton) \n- ceph: request Fw caps before updating the mtime in ceph_write_iter (Jeff Layton) \n- dmaengine: xilinx_dma: Set DMA mask for coherent APIs (Radhey Shyam Pandey) \n- dmaengine: ioat: depends on !UML (Johannes Berg) \n- dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (Zou Wei) \n- parisc: Move pci_dev_is_behind_card_dino to where it is used (Guenter Roeck) \n- drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() (Thomas Gleixner) \n- thermal/core: Fix thermal_cooling_device_register() prototype (Arnd Bergmann) \n- Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH (Lukas Bulwahn) \n- net: stmmac: reset Tx desc base address before restarting Tx (Jongsung Kim) \n- phy: avoid unnecessary link-up delay in polling mode (Petr Oros) \n- pwm: lpc32xx: Dont modify HW state in .probe() after the PWM chip was registered (Uwe Kleine-Konig) \n- profiling: fix shift-out-of-bounds bugs (Pavel Skripkin) \n- nilfs2: use refcount_dec_and_lock() to fix potential UAF (Zhen Lei) \n- prctl: allow to setup brk for et_dyn executables (Cyrill Gorcunov) \n- 9p/trans_virtio: Remove sysfs file on probe failure (Xie Yongji) \n- thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() (Dan Carpenter) \n- dmaengine: acpi: Avoid comparison GSI with Linux vIRQ (Andy Shevchenko) \n- um: virtio_uml: fix memory leak on init failures (Johannes Berg) \n- staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb() (Nathan Chancellor) \n- sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (Marcelo Ricardo Leitner) \n- sctp: validate chunk size in __rcv_asconf_lookup (Marcelo Ricardo Leitner) \n- ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE (Alex Sverdlin) \n- ARM: 9079/1: ftrace: Add MODULE_PLTS support (Alex Sverdlin) \n- ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link() (Alex Sverdlin) \n- ARM: 9077/1: PLT: Move struct plt_entries definition to header (Alex Sverdlin) \n- apparmor: remove duplicate macro list_entry_is_head() (Andy Shevchenko) \n- ARM: Qualify enabling of swiotlb_init() (Florian Fainelli) \n- s390/pci_mmio: fully validate the VMA before calling follow_pte() (David Hildenbrand) \n- console: consume APC, DM, DCS (nick black) \n- PCI/ACPI: Add Ampere Altra SOC MCFG quirk (Tuan Phan) \n- PCI: aardvark: Fix reporting CRS value (Pali Rohar) \n- PCI: pci-bridge-emul: Add PCIe Root Capabilities Register (Pali Rohar) \n- PCI: aardvark: Indicate error in val when config read fails (Pali Rohar) \n- PCI: pci-bridge-emul: Fix big-endian support (Grzegorz Jaszczyk) \n- LTS tag: v5.4.148 (Jack Vogel) \n- s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant (Ilya Leoshkevich) \n- s390/bpf: Fix optimizing out zero-extensions (Ilya Leoshkevich) \n- net: renesas: sh_eth: Fix freeing wrong tx descriptor (Yoshihiro Shimoda) \n- ip_gre: validate csum_start only on pull (Willem de Bruijn) \n- qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom (Dinghao Liu) \n- fq_codel: reject silly quantum parameters (Eric Dumazet) \n- netfilter: socket: icmp6: fix use-after-scope (Benjamin Hesmans) \n- net: dsa: b53: Fix calculating number of switch ports (Rafal Milecki) \n- perf unwind: Do not overwrite FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64} (Li Huafei) \n- ARC: export clear_user_page() for modules (Randy Dunlap) \n- mtd: rawnand: cafe: Fix a resource leak in the error handling path of cafe_nand_probe() (Christophe JAILLET) \n- PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n (Andy Shevchenko) \n- KVM: arm64: Handle PSCI resets before userspace touches vCPU state (Oliver Upton) \n- mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set (Matthias Schiffer) \n- PCI: Fix pci_dev_str_match_path() alloc while atomic bug (Dan Carpenter) \n- mfd: axp20x: Update AXP288 volatile ranges (Hans de Goede) \n- NTB: perf: Fix an error code in perf_setup_inbuf() (Yang Li) \n- NTB: Fix an error code in ntb_msit_probe() (Yang Li) \n- ethtool: Fix an error code in cxgb2.c (Yang Li) \n- PCI: ibmphp: Fix double unmap of io_mem (Vishal Aslot) \n- net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 (Daniele Palmas) \n- Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6 (Ryoga Saito) \n- PCI: Add ACS quirks for Cavium multi-function devices (George Cherian) \n- tracing/probes: Reject events which have the same name of existing one (Masami Hiramatsu) \n- mfd: Dont use irq_create_mapping() to resolve a mapping (Marc Zyngier) \n- fuse: fix use after free in fuse_read_interrupt() (Miklos Szeredi) \n- PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms (Wasim Khan) \n- mfd: db8500-prcmu: Adjust map to reality (Linus Walleij) \n- dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation (Miquel Raynal) \n- mm/memory_hotplug: use unsigned long for PFN in zone_for_pfn_range() (David Hildenbrand) \n- net: hns3: fix the timing issue of VF clearing interrupt sources (Jiaran Zhang) \n- net: hns3: disable mac in flr process (Yufeng Mo) \n- net: hns3: change affinity_mask to numa node range (Yufeng Mo) \n- net: hns3: pad the short tunnel frame before sending to hardware (Yufeng Mo) \n- KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers (Nicholas Piggin) \n- ibmvnic: check failover_pending in login response (Sukadev Bhattiprolu) \n- dt-bindings: arm: Fix Toradex compatible typo (David Heidelberg) \n- qed: Handle management FW error (Shai Malin) \n- tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() (zhenggy) \n- net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup (Vladimir Oltean) \n- net/af_unix: fix a data-race in unix_dgram_poll (Eric Dumazet) \n- vhost_net: fix OoB on sendmsg() failure. (Paolo Abeni) \n- events: Reuse value read using READ_ONCE instead of re-reading it (Baptiste Lepers) \n- net/mlx5: Fix potential sleeping in atomic context (Maor Gottlieb) \n- net/mlx5: FWTrace, cancel work on alloc pd error flow (Saeed Mahameed) \n- perf machine: Initialize srcline string member in add_location struct (Michael Petlan) \n- tipc: increase timeout in tipc_sk_enqueue() (Hoang Le) \n- r6040: Restore MDIO clock frequency after MAC reset (Florian Fainelli) \n- net/l2tp: Fix reference count leak in l2tp_udp_recv_core (Xiyu Yang) \n- ptp: dp83640: dont define PAGE0 (Randy Dunlap) \n- net-caif: avoid user-triggerable WARN_ON(1) (Eric Dumazet) \n- tipc: fix an use-after-free issue in tipc_recvmsg (Xin Long) \n- x86/mm: Fix kern_addr_valid() to cope with existing but not present entries (Mike Rapoport) \n- s390/sclp: fix Secure-IPL facility detection (Alexander Egorenkov) \n- drm/etnaviv: add missing MMU context put when reaping MMU mapping (Lucas Stach) \n- drm/etnaviv: reference MMU context when setting up hardware state (Lucas Stach) \n- drm/etnaviv: fix MMU context leak on GPU reset (Lucas Stach) \n- drm/etnaviv: exec and MMU state is lost when resetting the GPU (Lucas Stach) \n- drm/etnaviv: keep MMU context across runtime suspend/resume (Lucas Stach) \n- drm/etnaviv: stop abusing mmu_context as FE running marker (Lucas Stach) \n- drm/etnaviv: put submit prev MMU context when it exists (Lucas Stach) \n- drm/etnaviv: return context from etnaviv_iommu_context_get (Lucas Stach) \n- drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10 (Ernst Sjostrand) \n- PCI: Add AMD GPU multi-function power dependencies (Evan Quan) \n- PM: base: power: dont try to use non-existing RTC for storing data (Juergen Gross) \n- arm64/sve: Use correct size when reinitialising SVE state (Mark Brown) \n- xen: reset legacy rtc flag for PV domU (Juergen Gross) \n- btrfs: fix upper limit for max_inline for page size 64K (Anand Jain) \n- drm/panfrost: Clamp lock region to Bifrost minimum (Alyssa Rosenzweig) \n- drm/panfrost: Use u64 for size in lock_region (Alyssa Rosenzweig) \n- drm/panfrost: Simplify lock_region calculation (Alyssa Rosenzweig) \n- drm/amdgpu: Fix BUG_ON assert (Andrey Grodzovsky) \n- drm/msi/mdp4: populate priv->kms in mdp4_kms_init (David Heidelberg) \n- net: dsa: lantiq_gswip: fix maximum frame length (Jan Hoffmann) \n- lib/test_stackinit: Fix static initializer test (Kees Cook) \n- platform/chrome: cros_ec_proto: Send command again when timeout occurs (Patryk Duda) \n- memcg: enable accounting for pids in nested pid namespaces (Vasily Averin) \n- mm,vmscan: fix divide by zero in get_scan_count (Rik van Riel) \n- mm/hugetlb: initialize hugetlb_usage in mm_init (Liu Zixian) \n- s390/pv: fix the forcing of the swiotlb (Halil Pasic) \n- cpufreq: powernv: Fix init_chip_info initialization in numa=off (Pratik R. Sampat) \n- scsi: qla2xxx: Sync queue idx with queue_pair_map idx (Saurav Kashyap) \n- scsi: qla2xxx: Changes to support kdump kernel (Saurav Kashyap) \n- scsi: BusLogic: Fix missing pr_cont() use (Maciej W. Rozycki) \n- ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() (chenying) \n- parisc: fix crash with signals and alloca (Mikulas Patocka) \n- net: w5100: check return value after calling platform_get_resource() (Yang Yingliang) \n- fix array-index-out-of-bounds in taprio_change (Haimin Zhang) \n- net: fix NULL pointer reference in cipso_v4_doi_free \n- ath9k: fix sleeping in atomic context (Miaoqing Pan) \n- ath9k: fix OOB read ar9300_eeprom_restore_internal (Zekun Shen) \n- parport: remove non-zero check on count (Colin Ian King) \n- net/mlx5: DR, Enable QP retransmission (Yevgeny Kliteynik) \n- iwlwifi: mvm: fix access to BSS elements (Johannes Berg) \n- iwlwifi: mvm: avoid static queue number aliasing (Johannes Berg) \n- iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed (Zhang Qilong) \n- drm/amdkfd: Account for SH/SE count when setting up cu masks. (Sean Keely) \n- ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B (Xiaotan Luo) \n- ASoC: rockchip: i2s: Fix regmap_ops hang (Sugar Zhang) \n- usbip:vhci_hcd USB port can get stuck in the disabled state (Shuah Khan) \n- usbip: give back URBs for unsent unlink requests during cleanup (Anirudh Rayabharam) \n- usb: musb: musb_dsps: request_irq() after initializing musb (Nadezda Lutovinova) \n- Revert USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (Mathias Nyman) \n- cifs: fix wrong release in sess_alloc_buffer() failed path (Ding Hui) \n- mmc: core: Return correct emmc response in case of ioctl error (Nishad Kamdar) \n- selftests/bpf: Enlarge select() timeout for test_maps (Li Zhijian) \n- mmc: rtsx_pci: Fix long reads when clock is prescaled (Thomas Hebb) \n- mmc: sdhci-of-arasan: Check return value of non-void funtions (Manish Narani) \n- of: Dont allow __of_attached_node_sysfs() without CONFIG_SYSFS (Marc Zyngier) \n- ASoC: Intel: Skylake: Fix passing loadable flag for module (Gustaw Lewandowski) \n- ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER (Cezary Rojewski) \n- btrfs: tree-log: check btrfs_lookup_data_extent return value (Marcos Paulo de Souza) \n- m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch (Arnd Bergmann) \n- drm/exynos: Always initialize mapping in exynos_drm_register_dma() (Nathan Chancellor) \n- lockd: lockd server-side shouldnt set fl_ops (J. Bruce Fields) \n- usb: chipidea: host: fix port index underflow and UBSAN complains (Li Jun) \n- gfs2: Dont call dlm after protocol is unmounted (Bob Peterson) \n- staging: rts5208: Fix get_ms_information() heap buffer size (Kees Cook) \n- rpc: fix gss_svc_init cleanup on failure (J. Bruce Fields) \n- tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD (Luke Hsiao) \n- serial: sh-sci: fix break handling for sysrq (Ulrich Hecht) \n- opp: Dont print an error if required-opps is missing (Rajendra Nayak) \n- Bluetooth: Fix handling of LE Enhanced Connection Complete (Luiz Augusto von Dentz) \n- nvme-tcp: dont check blk_mq_tag_to_rq when receiving pdu data (Sagi Grimberg) \n- arm64: dts: ls1046a: fix eeprom entries (Raag Jadav) \n- arm64: tegra: Fix compatible string for Tegra132 CPUs (Thierry Reding) \n- ARM: tegra: tamonten: Fix UART pad setting (Andreas Obergschwandtner) \n- mac80211: Fix monitor MTU limit so that A-MSDUs get through (Johan Almbladh) \n- drm/display: fix possible null-pointer dereference in dcn10_set_clock() (Tuo Li) \n- gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() (Tuo Li) \n- net/mlx5: Fix variable type to match 64bit (Eran Ben Elisha) \n- Bluetooth: avoid circular locks in sco_sock_connect (Desmond Cheong Zhi Xi) \n- Bluetooth: schedule SCO timeouts with delayed_work (Desmond Cheong Zhi Xi) \n- selftests/bpf: Fix xdp_tx.c prog section name (Jussi Maki) \n- drm/msm: mdp4: drop vblank get/put from prepare/complete_commit (David Heidelberg) \n- net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() (Nathan Chancellor) \n- arm64: dts: qcom: sdm660: use reg value for memory node (Vinod Koul) \n- ARM: dts: imx53-ppd: Fix ACHC entry (Sebastian Reichel) \n- media: tegra-cec: Handle errors of clk_prepare_enable() (Evgeny Novikov) \n- media: TDA1997x: fix tda1997x_query_dv_timings() return value (Krzysztof Halasa) \n- media: v4l2-dv-timings.c: fix wrong condition in two for-loops (Hans Verkuil) \n- media: imx258: Limit the max analogue gain to 480 (Umang Jain) \n- media: imx258: Rectify mismatch of VTS value (Laurent Pinchart) \n- ASoC: Intel: bytcr_rt5640: Move Platform Clock routes to the maps for the matching in-/output (Hans de Goede) \n- arm64: tegra: Fix Tegra194 PCIe EP compatible string (Vidya Sagar) \n- bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler() (Yufeng Mo) \n- workqueue: Fix possible memory leaks in wq_numa_init() (Zhen Lei) \n- Bluetooth: skip invalid hci_sync_conn_complete_evt (Desmond Cheong Zhi Xi) \n- ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() (Andy Shevchenko) \n- samples: bpf: Fix tracex7 error raised on the missing argument (Juhee Kang) \n- staging: ks7010: Fix the initialization of the sleep_status structure (Christophe JAILLET) \n- serial: 8250_pci: make setup_port() parameters explicitly unsigned (Greg Kroah-Hartman) \n- hvsi: dont panic on tty_register_driver failure (Jiri Slaby) \n- xtensa: ISS: dont panic in rs_init (Jiri Slaby) \n- serial: 8250: Define RX trigger levels for OxSemi 950 devices (Maciej W. Rozycki) \n- s390: make PCI mio support a machine flag (Niklas Schnelle) \n- s390/jump_label: print real address in a case of a jump label bug (Heiko Carstens) \n- flow_dissector: Fix out-of-bounds warnings (Gustavo A. R. Silva) \n- ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() (Gustavo A. R. Silva) \n- video: fbdev: riva: Error out if pixclock equals zero (Zheyu Ma) \n- video: fbdev: kyro: Error out if pixclock equals zero (Zheyu Ma) \n- video: fbdev: asiliantfb: Error out if pixclock equals zero (Zheyu Ma) \n- bpf/tests: Do not PASS tests without actually testing the result (Johan Almbladh) \n- bpf/tests: Fix copy-and-paste error in double word test (Johan Almbladh) \n- drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex (Anson Jacob) \n- drm/amd/display: Fix timer_per_pixel unit error (Oliver Logush) \n- tty: serial: jsm: hold port lock when reporting modem line changes (Zheyu Ma) \n- staging: board: Fix uninitialized spinlock when attaching genpd (Geert Uytterhoeven) \n- usb: gadget: composite: Allow bMaxPower=0 if self-powered (Jack Pham) \n- USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable() (Evgeny Novikov) \n- usb: gadget: u_ether: fix a potential null pointer dereference (Maciej zenczykowski) \n- usb: host: fotg210: fix the actual_length of an iso packet (Kelly Devilliv) \n- usb: host: fotg210: fix the endpoints transactional opportunities calculation (Kelly Devilliv) \n- igc: Check if num of q_vectors is smaller than max before array access (Sasha Neftin) \n- drm: avoid blocking in drm_clients_infos rcu section (Desmond Cheong Zhi Xi) \n- Smack: Fix wrong semantics in smk_access_entry() (Tianjia Zhang) \n- netlink: Deal with ESRCH error in nlmsg_notify() (Yajun Deng) \n- video: fbdev: kyro: fix a DoS bug by restricting user input (Zheyu Ma) \n- ARM: dts: qcom: apq8064: correct clock names (David Heidelberg) \n- iavf: fix locking of critical sections (Stefan Assmann) \n- iavf: do not override the adapter state in the watchdog task (Stefan Assmann) \n- iio: dac: ad5624r: Fix incorrect handling of an optional regulator. (Jonathan Cameron) \n- tipc: keep the skb in rcv queue until the whole data is read (Xin Long) \n- PCI: Use pci_update_current_state() in pci_enable_device_flags() (Rafael J. Wysocki) \n- crypto: mxs-dcp - Use sg_mapping_iter to copy data (Sean Anderson) \n- media: dib8000: rewrite the init prbs logic (Mauro Carvalho Chehab) \n- ASoC: atmel: ATMEL drivers dont need HAS_DMA (Randy Dunlap) \n- drm/amdgpu: Fix amdgpu_ras_eeprom_init() (Luben Tuikov) \n- userfaultfd: prevent concurrent API initialization (Nadav Amit) \n- kbuild: Fix no symbols warning when CONFIG_TRIM_UNUSD_KSYMS=y (Masahiro Yamada) \n- MIPS: Malta: fix alignment of the devicetree buffer (Oleksij Rempel) \n- f2fs: fix to unmap pages from userspace process in punch_hole() (Chao Yu) \n- f2fs: fix unexpected ENOENT comes from f2fs_map_blocks() (Chao Yu) \n- f2fs: fix to account missing .skipped_gc_rwsem (Chao Yu) \n- KVM: PPC: Fix clearing never mapped TCEs in realmode (Alexey Kardashevskiy) \n- clk: at91: clk-generated: Limit the requested rate to our range (Codrin Ciubotariu) \n- clk: at91: clk-generated: pass the id of changeable parent at registration (Claudiu Beznea) \n- clk: at91: sam9x60: Dont use audio PLL (Codrin Ciubotariu) \n- fscache: Fix cookie key hashing (David Howells) \n- platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (Hans de Goede) \n- KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live (Nicholas Piggin) \n- HID: i2c-hid: Fix Elan touchpad regression (Jim Broadus) \n- scsi: target: avoid per-loop XCOPY buffer allocations (David Disseldorp) \n- powerpc/config: Renable MTD_PHYSMAP_OF (Joel Stanley) \n- scsi: qedf: Fix error codes in qedf_alloc_global_queues() (Dan Carpenter) \n- scsi: qedi: Fix error codes in qedi_alloc_global_queues() (Dan Carpenter) \n- scsi: smartpqi: Fix an error code in pqi_get_raid_map() (Dan Carpenter) \n- pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() (Zhen Lei) \n- scsi: fdomain: Fix error return code in fdomain_probe() (Wei Li) \n- SUNRPC: Fix potential memory corruption (Trond Myklebust) \n- dma-debug: fix debugfs initialization order (Anthony Iliopoulos) \n- openrisc: dont printk() unconditionally (Randy Dunlap) \n- f2fs: reduce the scope of setting fsck tag when de->name_len is zero (Yangtao Li) \n- f2fs: show f2fs instance in printk_ratelimited (Chao Yu) \n- RDMA/efa: Remove double QP type assignment (Leon Romanovsky) \n- powerpc/stacktrace: Include linux/delay.h (Michal Suchanek) \n- vfio: Use config not menuconfig for VFIO_NOIOMMU (Jason Gunthorpe) \n- pinctrl: samsung: Fix pinctrl bank pin count (Jaehyoung Choi) \n- docs: Fix infiniband uverbs minor number (Leon Romanovsky) \n- RDMA/iwcm: Release resources if iw_cm module initialization fails (Leon Romanovsky) \n- IB/hfi1: Adjust pkey entry in index 0 (Mike Marciniszyn) \n- scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND (Christoph Hellwig) \n- f2fs: quota: fix potential deadlock (Chao Yu) \n- HID: input: do not report stylus battery state as full (Dmitry Torokhov) \n- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (Pali Rohar) \n- PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (Pali Rohar) \n- PCI: aardvark: Fix checking for PIO status (Evan Wang) \n- PCI: xilinx-nwl: Enable the clock through CCF (Hyun Kwon) \n- PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure (Krzysztof Wilczynski) \n- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (Marek Behun) \n- PCI/portdrv: Enable Bandwidth Notification only if port supports it (Stuart Hayes) \n- ARM: 9105/1: atags_to_fdt: dont warn about stack size (David Heidelberg) \n- libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs (Hans de Goede) \n- dmaengine: imx-sdma: remove duplicated sdma_load_context (Robin Gong) \n- Revert dmaengine: imx-sdma: refine to load context only once (Robin Gong) \n- media: rc-loopback: return number of emitters rather than error (Sean Young) \n- media: uvc: dont do DMA on stack (Mauro Carvalho Chehab) \n- VMCI: fix NULL pointer dereference when unmapping queue pair (Wang Hai) \n- dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (Arne Welzel) \n- power: supply: max17042: handle fails of reading status register (Krzysztof Kozlowski) \n- block: bfq: fix bfq_set_next_ioprio_data() (Damien Le Moal) \n- crypto: public_key: fix overflow during implicit conversion (zhenwei pi) \n- arm64: head: avoid over-mapping in map_memory (Mark Rutland) \n- soc: aspeed: p2a-ctrl: Fix boundary check for mmap (Iwona Winiarska) \n- soc: aspeed: lpc-ctrl: Fix boundary check for mmap (Iwona Winiarska) \n- soc: qcom: aoss: Fix the out of bound usage of cooling_devs (Manivannan Sadhasivam) \n- pinctrl: ingenic: Fix incorrect pull up/down info (Paul Cercueil) \n- pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast (Marc Zyngier) \n- tools/thermal/tmon: Add cross compiling support (Rolf Eike Beer) \n- 9p/xen: Fix end of loop tests for list_for_each_entry (Harshvardhan Jha) \n- xen: fix setting of max_pfn in shared_info (Juergen Gross) \n- powerpc/perf/hv-gpci: Fix counter value parsing (Kajol Jain) \n- PCI/MSI: Skip masking MSI-X on Xen PV (Marek Marczykowski-Gorecki) \n- blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (Niklas Cassel) \n- blk-zoned: allow zone management send operations without CAP_SYS_ADMIN (Niklas Cassel) \n- btrfs: reset replace target device to allocation state on close (Desmond Cheong Zhi Xi) \n- btrfs: wake up async_delalloc_pages waiters after submit (Josef Bacik) \n- rtc: tps65910: Correct driver module alias (Dmitry Osipenko) \n- LTS tag: v5.4.147 (Jack Vogel) \n- Revert time: Handle negative seconds correctly in timespec64_to_ns() (Greg Kroah-Hartman) \n- Revert posix-cpu-timers: Force next expiration recalc after itimer reset (Greg Kroah-Hartman) \n- Revert block: nbd: add sanity check for first_minor (Greg Kroah-Hartman) \n- Revert Bluetooth: Move shutdown callback before flushing tx and rx queue (Sasha Levin) \n- LTS tag: v5.4.146 (Jack Vogel) \n- clk: kirkwood: Fix a clocking boot regression (Linus Walleij) \n- backlight: pwm_bl: Improve bootloader/kernel device handover (Daniel Thompson) \n- fbmem: dont allow too huge resolutions (Tetsuo Handa) \n- IMA: remove the dependency on CRYPTO_MD5 (THOBY Simon) \n- IMA: remove -Wmissing-prototypes warning (Austin Kim) \n- fuse: flush extending writes (Miklos Szeredi) \n- fuse: truncate pagecache on atomic_o_trunc (Miklos Szeredi) \n- KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter (Sean Christopherson) \n- KVM: x86: Update vCPUs hv_clock before back to guest when tsc_offset is adjusted (Zelin Deng) \n- KVM: s390: index kvm->arch.idle_mask by vcpu_idx (Halil Pasic) \n- x86/resctrl: Fix a maybe-uninitialized build warning treated as error (Babu Moger) \n- perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op (Kim Phillips) \n- tty: Fix data race between tiocsti() and flush_to_ldisc() (Nguyen Dinh Phi) \n- bpf: Fix pointer arithmetic mask tightening under state pruning (Daniel Borkmann) \n- bpf: verifier: Allocate idmap scratch in verifier env (Lorenz Bauer) \n- bpf: Fix leakage due to insufficient speculative store bypass mitigation (Daniel Borkmann) \n- bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (Daniel Borkmann) \n- ipv4: fix endianness issue in inet_rtm_getroute_build_skb() (Eric Dumazet) \n- octeontx2-af: Fix loop in free and unmap counter (Subbaraya Sundeep) \n- net: qualcomm: fix QCA7000 checksum handling (Stefan Wahren) \n- net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed (Xiyu Yang) \n- ipv4: make exception cache less predictible (Eric Dumazet) \n- ipv6: make exception cache less predictible (Eric Dumazet) \n- brcmfmac: pcie: fix oops on failure to resume and reprobe (Ahmad Fatoum) \n- bcma: Fix memory leak for internally-handled cores (Zenghui Yu) \n- ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (Dan Carpenter) \n- ASoC: wcd9335: Disable irq on slave ports in the remove function (Christophe JAILLET) \n- ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (Christophe JAILLET) \n- ASoC: wcd9335: Fix a double irq free in the remove function (Christophe JAILLET) \n- tty: serial: fsl_lpuart: fix the wrong mapbase value (Andy Duan) \n- usb: bdc: Fix an error handling path in bdc_probe() when no suitable DMA config is available (Christophe JAILLET) \n- usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (Evgeny Novikov) \n- i2c: mt65xx: fix IRQ check (Sergey Shtylyov) \n- CIFS: Fix a potencially linear read overflow (Len Baker) \n- bpf: Fix possible out of bound write in narrow load handling (Andrey Ignatov) \n- mmc: moxart: Fix issue with uninitialized dma_slave_config (Tony Lindgren) \n- mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (Tony Lindgren) \n- ASoC: Intel: Skylake: Fix module resource and format selection (Cezary Rojewski) \n- ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (Cezary Rojewski) \n- rsi: fix an error code in rsi_probe() (Dan Carpenter) \n- rsi: fix error code in rsi_load_9116_firmware() (Dan Carpenter) \n- i2c: s3c2410: fix IRQ check (Sergey Shtylyov) \n- i2c: iop3xx: fix deferred probing (Sergey Shtylyov) \n- Bluetooth: add timeout sanity check to hci_inquiry (Pavel Skripkin) \n- mm/swap: consider max pages in iomap_swapfile_add_extent (Xu Yu) \n- usb: gadget: mv_u3d: request_irq() after initializing UDC (Nadezda Lutovinova) \n- nfsd4: Fix forced-expiry locking (J. Bruce Fields) \n- lockd: Fix invalid lockowner cast after vfs_test_lock (Benjamin Coddington) \n- mac80211: Fix insufficient headroom issue for AMSDU (Chih-Kang Chang) \n- usb: phy: tahvo: add IRQ check (Sergey Shtylyov) \n- usb: host: ohci-tmio: add IRQ check (Sergey Shtylyov) \n- usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (Geert Uytterhoeven) \n- usb: phy: twl6030: add IRQ checks (Sergey Shtylyov) \n- usb: phy: fsl-usb: add IRQ check (Sergey Shtylyov) \n- usb: gadget: udc: at91: add IRQ check (Sergey Shtylyov) \n- drm/msm/dsi: Fix some reference counted resource leaks (Christophe JAILLET) \n- Bluetooth: fix repeated calls to sco_sock_kill (Desmond Cheong Zhi Xi) \n- counter: 104-quad-8: Return error when invalid mode during ceiling_write (William Breathitt Gray) \n- arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7 (Krzysztof Kozlowski)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-20T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41864"], "modified": "2021-12-20T00:00:00", "id": "ELSA-2021-9623", "href": "http://linux.oracle.com/errata/ELSA-2021-9623.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-20T20:28:15", "description": "[5.4.17-2136.302.6.1]\n- rds/ib: Use both iova and key in free_mr socket call (aru kolappan) [Orabug:33667276]\n[5.4.17-2136.302.6]\n- Revert fs: align IOCB_* flags with RWF_* flags (Prasad Singamsetty)\n [Orabug: 33627551]\n[5.4.17-2136.302.5]\n- Revert drm: Initialize struct drm_crtc_state.no_vblank from device settings (Somasundaram Krishnasamy) [Orabug: 33611832]\n- Revert drm/atomic-helper: reset vblank on crtc reset (Somasundaram Krishnasamy) [Orabug: 33611832]\n- net/mlx5: E-Switch, Support flow source for local vport (Hamdan Igbaria) [Orabug: 29444833]\n- net/mlx5e: E-Switch, Specify flow_source for rule with no in_port (Jianbo Liu) [Orabug: 29444833]\n- net/mlx5e: E-Switch, Add misc bit when misc fields changed for mirroring (Jianbo Liu) [Orabug: 29444833]\n- uek-rpm: configs: disable CONFIG_READ_ONLY_THP_FOR_FS (Todd Vierling) [Orabug: 33538583]\n- uek-rpm: Remove CONFIG_CC_HAS_WARN_MAYBE_UNINITIALIZED=y and CONFIG_CC_DISABLE_WARN_MAYBE_UNINITIALIZED=y for uek6/u3 (Sherry Yang) [Orabug: 33580598]\n- Stop the ad-hoc games with -Wno-maybe-initialized (Linus Torvalds) [Orabug: 33580598]\n- x86/clear_page: add alternative for clear_page_clzero() (Ankur Arora) [Orabug: 33580824]\n- x86/asm: add clzero based page clearing (Ankur Arora) [Orabug: 33580824]\n- x86/cpu/amd: enable X86_FEATURE_NT_GOOD on all AMD Zen models (Ankur Arora) [Orabug: 33580824]\n- uek-rpm: Add smartpqi driver module in ueknano kernel (Somasundaram Krishnasamy) [Orabug: 33596873]\n[5.4.17-2136.302.4]\n- KVM: nSVM: Copy vmcb12 nRIP field to vmcb02 (Maciej S. Szmigiero) [Orabug: 33590307]\n- KVM: nSVM: Log nRIP of L1 and L2 guest VMCB in nested VMRUN tracepoint (Maciej S. Szmigiero) [Orabug: 33590307]\n- KVM: nSVM: move nested vmrun tracepoint to enter_svm_guest_mode (Maxim Levitsky) [Orabug: 33590307]\n- x86/platform/uv: Add uv_hub_info_s to UEK KABI (John Donnelly) [Orabug: 33397019]\n- x86/platform/uv: Modify order of fields in uv_hub_info_s to avoid panic (Steve Wahl) [Orabug: 33397019]\n- arm64/bpf: remove 128MB limit for BPF JIT programs (Russell King) [Orabug: 33518795]\n- kernfs: dont create a negative dentry if inactive node exists (Ian Kent) [Orabug: 33548753]\n- kernfs: also call kernfs_set_rev() for positive dentry (Hou Tao) [Orabug: 33548753]\n- kernfs: dont call d_splice_alias() under kernfs node lock (Ian Kent) [Orabug: 33548753]\n- kernfs: use i_lock to protect concurrent inode updates (Ian Kent) [Orabug: 33548753]\n- kernfs: switch kernfs to use an rwsem (Ian Kent) [Orabug: 33548753]\n- kernfs: use VFS negative dentry caching (Ian Kent) [Orabug: 33548753]\n- kernfs: add a revision to identify directory node changes (Ian Kent) [Orabug: 33548753]\n- selftests: breakpoints: Fix a typo of function name (Masami Hiramatsu) [Orabug: 33577735]\n- Revert net/rds: Allocate pages on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Allocate rds_ib_{incoming,frag}_slab on HCA NUMA nodeid (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Use the same vector for send & receive (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Get rid of tasklets (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Put more CPU cores to work (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Make workers use the designated CPU (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Use the preferred_cpu in rds_queue_{,delayed}_work (Gerd Rausch) [Orabug: 33590962]\n- Revert net/mlx5: Add new verb ib_get_vector_irqn (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Add preferred_cpu option to rds_rdma.ko (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Follow the observed CQ CPU affinity (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Throttle check for CQ CPU affinity (Gerd Rausch) [Orabug: 33590962]\n- Revert net/rds: Bring tasklets back for better latency (Gerd Rausch) [Orabug: 33590962]\n- Revert IB/mlx4: Implement backend callback for ib_get_vector_irqn (Gerd Rausch) [Orabug: 33590962]\n[5.4.17-2136.302.2]\n- x86, sched: Treat Intel SNC topology as default, COD as exception (Alison Schofield) [Orabug: 32921559]\n- x86/kernel: Convert to new CPU match macros (Thomas Gleixner) [Orabug: 32921559]\n- net/mlx5: Disable mr_cache for SFs (Mikhael Goikhman) [Orabug: 33523558]\n- xfs: punch out data fork delalloc blocks on COW writeback failure (Brian Foster) [Orabug: 33571340]\n- scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() (Dexuan Cui) [Orabug: 33548142]\n- uek-rpm: Enable CONFIG_CPU_FREQ_GOV_SCHEDUTIL for x86_64 kernels (Dave Kleikamp) [Orabug: 33564971]\n[5.4.17-2136.302.1]\n- arm64: Kconfig: enable MADV_DOEXEC functionality (Anthony Yznaga) [Orabug: 33428617]\n- bpf: Fix integer overflow in prealloc_elems_and_freelist() (Tatsuhiko Yasumatsu) [Orabug: 33431722] {CVE-2021-41864}\n- xen/netfront: stop tx queues during live migration (Dongli Zhang) [Orabug: 33536399]\n- Revert xfs: Lower CIL flush limit for large logs (Catherine Hoang) [Orabug: 33536463]\n- Revert xfs: Throttle commits on delayed background CIL push (Catherine Hoang) [Orabug: 33536463]\n- nfsd: back channel stuck in SEQ4_STATUS_CB_PATH_DOWN (Dai Ngo) [Orabug: 33536966]\n- nfsd: handle repeated BIND_CONN_TO_SESSION (J. Bruce Fields) [Orabug: 33536966]\n- rds: ib: Fix bug when comp_vector is IB_CQ_FORCE_ZERO_CV (Hakon Bugge) [Orabug: 33538397]\n[5.4.17-2136.302.0]\n- LTS tag: v5.4.152 (Jack Vogel) \n- libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD. (Kate Hsuan) \n- silence nfscache allocation warnings with kvzalloc (Rik van Riel) \n- perf/x86: Reset destroy callback on event init failure (Anand K Mistry) \n- kvm: x86: Add AMD PMU MSRs to msrs_to_save_all[] (Fares Mehanna) \n- KVM: do not shrink halt_poll_ns below grow_start (Sergey Senozhatsky) \n- tools/vm/page-types: remove dependency on opt_file for idle page tracking (Changbin Du) \n- scsi: ses: Retry failed Send/Receive Diagnostic commands (Wen Xiong) \n- selftests:kvm: fix get_warnings_count() ignoring fscanf() return warn (Shuah Khan) \n- selftests: be sure to make khdr before other targets (Li Zhijian) \n- usb: dwc2: check return value after calling platform_get_resource() (Yang Yingliang) \n- usb: testusb: Fix for showing the connection speed (Faizel K B) \n- scsi: sd: Free scsi_disk device via put_device() (Ming Lei) \n- ext2: fix sleeping in atomic bugs on error (Dan Carpenter) \n- sparc64: fix pci_iounmap() when CONFIG_PCI is not set (Linus Torvalds) \n- xen-netback: correct success/error reporting for the SKB-with-fraglist case (Jan Beulich) \n- net: mdio: introduce a shutdown method to mdio device drivers (Vladimir Oltean) \n- LTS tag: v5.4.151 (Jack Vogel) \n- HID: usbhid: free raw_report buffers in usbhid_stop (Anirudh Rayabharam) \n- netfilter: ipset: Fix oversized kvmalloc() calls (Jozsef Kadlecsik) \n- HID: betop: fix slab-out-of-bounds Write in betop_probe (F.A.Sulaiman) \n- usb: hso: remove the bailout parameter (Dongliang Mu) \n- libnvdimm/pmem: Fix crash triggered when I/O in-flight during unbind (sumiyawang) \n- PCI: Fix pci_host_bridge struct device release/free handling (Rob Herring) \n- net: stmmac: dont attach interface until resume finishes (Leon Yu) \n- net: udp: annotate data race around udp_sk(sk)->corkflag (Eric Dumazet) \n- HID: u2fzero: ignore incomplete packets without data (Andrej Shadura) \n- ext4: fix potential infinite loop in ext4_dx_readdir() (yangerkun) \n- ext4: fix reserved space counter leakage (Jeffle Xu) \n- ext4: fix loff_t overflow in ext4_max_bitmap_size() (Ritesh Harjani) \n- ipack: ipoctal: fix module reference leak (Johan Hovold) \n- ipack: ipoctal: fix missing allocation-failure check (Johan Hovold) \n- ipack: ipoctal: fix tty-registration error handling (Johan Hovold) \n- ipack: ipoctal: fix tty registration race (Johan Hovold) \n- ipack: ipoctal: fix stack information leak (Johan Hovold) \n- debugfs: debugfs_create_file_size(): use IS_ERR to check for error (Nirmoy Das) \n- elf: dont use MAP_FIXED_NOREPLACE for elf interpreter mappings (Chen Jingwen) \n- perf/x86/intel: Update event constraints for ICX (Kan Liang) \n- af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (Eric Dumazet) \n- net: sched: flower: protect fl_walk() with rcu (Vlad Buslov) \n- net: hns3: do not allow call hns3_nic_net_open repeatedly (Jian Shen) \n- scsi: csiostor: Add module softdep on cxgb4 (Rahul Lakkireddy) \n- Revert block, bfq: honor already-setup queue merges (Jens Axboe) \n- selftests, bpf: test_lwt_ip_encap: Really disable rp_filter (Jiri Benc) \n- e100: fix buffer overrun in e100_get_regs (Jacob Keller) \n- e100: fix length calculation in e100_get_regs_len (Jacob Keller) \n- net: ipv4: Fix rtnexthop len when RTA_FLOW is present (Xiao Liang) \n- hwmon: (tmp421) fix rounding for negative values (Paul Fertser) \n- hwmon: (tmp421) report /PVLD condition as fault (Paul Fertser) \n- sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb (Xin Long) \n- mac80211-hwsim: fix late beacon hrtimer handling (Johannes Berg) \n- mac80211: mesh: fix potentially unaligned access (Johannes Berg) \n- mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap (Lorenzo Bianconi) \n- mac80211: Fix ieee80211_amsdu_aggregate frag_tail bug (Chih-Kang Chang) \n- hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (Vadim Pasternak) \n- ipvs: check that ip_vs_conn_tab_bits is between 8 and 20 (Andrea Claudi) \n- drm/amd/display: Pass PCI deviceid into DC (Charlene Liu) \n- x86/kvmclock: Move this_cpu_pvti into kvmclock.h (Zelin Deng) \n- mac80211: fix use-after-free in CCMP/GCMP RX (Johannes Berg) \n- scsi: ufs: Fix illegal offset in UPIU event trace (Jonathan Hsu) \n- hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) \n- hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) \n- hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Nadezda Lutovinova) \n- fs-verity: fix signed integer overflow with i_size near S64_MAX (Eric Biggers) \n- usb: cdns3: fix race condition before setting doorbell (Pawel Laszczak) \n- cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (James Morse) \n- cpufreq: schedutil: Use kobject release() method to free sugov_tunables (Kevin Hao) \n- tty: Fix out-of-bound vmalloc access in imageblit (Igor Matheus Andrade Torrente) \n- LTS tag: v5.4.150 (Jack Vogel) \n- qnx4: work around gcc false positive warning bug (Linus Torvalds) \n- xen/balloon: fix balloon kthread freezing (Juergen Gross) \n- arm64: dts: marvell: armada-37xx: Extend PCIe MEM space (Pali Rohar) \n- thermal/drivers/int340x: Do not set a wrong tcc offset on resume (Antoine Tenart) \n- EDAC/synopsys: Fix wrong value type assignment for edac_mode (Sai Krishna Potthuri) \n- spi: Fix tegra20 build with CONFIG_PM=n (Linus Torvalds) \n- net: 6pack: Fix tx timeout and slot time (Guenter Roeck) \n- alpha: Declare virt_to_phys and virt_to_bus parameter as pointer to volatile (Guenter Roeck) \n- arm64: Mark __stack_chk_guard as __ro_after_init (Dan Li) \n- parisc: Use absolute_pointer() to define PAGE0 (Helge Deller) \n- qnx4: avoid stringop-overread errors (Linus Torvalds) \n- sparc: avoid stringop-overread errors (Linus Torvalds) \n- net: i825xx: Use absolute_pointer for memcpy from fixed memory location (Guenter Roeck) \n- compiler.h: Introduce absolute_pointer macro (Guenter Roeck) \n- blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (Li Jinlin) \n- sparc32: page align size in arch_dma_alloc (Andreas Larsson) \n- nvme-multipath: fix ANA state updates when a namespace is not present (Anton Eidelman) \n- xen/balloon: use a kernel thread instead a workqueue (Juergen Gross) \n- bpf: Add oversize check before call kvcalloc() (Bixuan Cui) \n- ipv6: delay fib6_sernum increase in fib6_add (zhang kai) \n- m68k: Double cast io functions to unsigned long (Guenter Roeck) \n- net: stmmac: allow CSR clock of 300MHz (Jesper Nilsson) \n- net: macb: fix use after free on rmmod (Tong Zhang) \n- blktrace: Fix uaf in blk_trace access after removing by sysfs (Zhihao Cheng) \n- md: fix a lock order reversal in md_alloc (Christoph Hellwig) \n- irqchip/gic-v3-its: Fix potential VPE leak on error (Kaige Fu) \n- irqchip/goldfish-pic: Select GENERIC_IRQ_CHIP to fix build (Randy Dunlap) \n- scsi: lpfc: Use correct scnprintf() limit (Dan Carpenter) \n- scsi: qla2xxx: Restore initiator in dual mode (Dmitry Bogdanov) \n- cifs: fix a sign extension bug (Dan Carpenter) \n- thermal/core: Potential buffer overflow in thermal_build_list_of_policies() (Dan Carpenter) \n- fpga: machxo2-spi: Fix missing error code in machxo2_write_complete() (Jiapeng Chong) \n- fpga: machxo2-spi: Return an error on failure (Tom Rix) \n- tty: synclink_gt: rename a conflicting function name (Randy Dunlap) \n- tty: synclink_gt, drop unneeded forward declarations (Jiri Slaby) \n- scsi: iscsi: Adjust iface sysfs attr detection (Baokun Li) \n- net/mlx4_en: Dont allow aRFS for encapsulated packets (Aya Levin) \n- qed: rdma - dont wait for resources under hw error recovery flow (Shai Malin) \n- gpio: uniphier: Fix void functions to remove return value (Kunihiko Hayashi) \n- net/smc: add missing error check in smc_clc_prfx_set() (Karsten Graul) \n- bnxt_en: Fix TX timeout when TX ring size is set to the smallest (Michael Chan) \n- enetc: Fix illegal access when reading affinity_hint (Claudiu Manoil) \n- platform/x86/intel: punit_ipc: Drop wrong use of ACPI_PTR() (Andy Shevchenko) \n- afs: Fix incorrect triggering of sillyrename on 3rd-party invalidation (David Howells) \n- net: hso: fix muxed tty registration (Johan Hovold) \n- serial: mvebu-uart: fix drivers tx_empty callback (Pali Rohar) \n- xhci: Set HCD flag to defer primary roothub registration (Kishon Vijay Abraham I) \n- btrfs: prevent __btrfs_dump_space_info() to underflow its free space (Qu Wenruo) \n- erofs: fix up erofs_lookup tracepoint (Gao Xiang) \n- mcb: fix error handling in mcb_alloc_bus() (Dan Carpenter) \n- USB: serial: option: add device id for Foxconn T99W265 (Slark Xiao) \n- USB: serial: option: remove duplicate USB device ID (Krzysztof Kozlowski) \n- USB: serial: option: add Telit LN920 compositions (Carlo Lobrano) \n- USB: serial: mos7840: remove duplicated 0xac24 device ID (Krzysztof Kozlowski) \n- usb: core: hcd: Add support for deferring roothub registration (Kishon Vijay Abraham I) \n- Re-enable UAS for LaCie Rugged USB3-FW with fk quirk (Julian Sikorski) \n- staging: greybus: uart: fix tty use after free (Johan Hovold) \n- binder: make sure fd closes complete (Todd Kjos) \n- USB: cdc-acm: fix minor-number release (Johan Hovold) \n- USB: serial: cp210x: add ID for GW Instek GDM-834x Digital Multimeter (Uwe Brandt) \n- usb-storage: Add quirk for ScanLogic SL11R-IDE older than 2.6c (Ondrej Zary) \n- xen/x86: fix PV trap handling on secondary processors (Jan Beulich) \n- cifs: fix incorrect check for null pointer in header_assemble (Steve French) \n- usb: musb: tusb6010: uninitialized data in tusb_fifo_write_unaligned() (Dan Carpenter) \n- usb: dwc2: gadget: Fix ISOC transfer complete handling for DDMA (Minas Harutyunyan) \n- usb: dwc2: gadget: Fix ISOC flow for BDMA and Slave (Minas Harutyunyan) \n- usb: gadget: r8a66597: fix a loop in set_feature() (Dan Carpenter) \n- LTS tag: v5.4.149 (Jack Vogel) \n- drm/nouveau/nvkm: Replace -ENOSYS with -ENODEV (Guenter Roeck) \n- rtc: rx8010: select REGMAP_I2C (Yu-Tung Chang) \n- blk-throttle: fix UAF by deleteing timer in blk_throtl_exit() (Li Jinlin) \n- pwm: stm32-lp: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) \n- pwm: rockchip: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) \n- pwm: img: Dont modify HW state in .remove() callback (Uwe Kleine-Konig) \n- nilfs2: fix memory leak in nilfs_sysfs_delete_snapshot_group (Nanyong Sun) \n- nilfs2: fix memory leak in nilfs_sysfs_create_snapshot_group (Nanyong Sun) \n- nilfs2: fix memory leak in nilfs_sysfs_delete_##name##_group (Nanyong Sun) \n- nilfs2: fix memory leak in nilfs_sysfs_create_##name##_group (Nanyong Sun) \n- nilfs2: fix NULL pointer in nilfs_##name##_attr_release (Nanyong Sun) \n- nilfs2: fix memory leak in nilfs_sysfs_create_device_group (Nanyong Sun) \n- btrfs: fix lockdep warning while mounting sprout fs (Anand Jain) \n- ceph: lockdep annotations for try_nonblocking_invalidate (Jeff Layton) \n- ceph: request Fw caps before updating the mtime in ceph_write_iter (Jeff Layton) \n- dmaengine: xilinx_dma: Set DMA mask for coherent APIs (Radhey Shyam Pandey) \n- dmaengine: ioat: depends on !UML (Johannes Berg) \n- dmaengine: sprd: Add missing MODULE_DEVICE_TABLE (Zou Wei) \n- parisc: Move pci_dev_is_behind_card_dino to where it is used (Guenter Roeck) \n- drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION() (Thomas Gleixner) \n- thermal/core: Fix thermal_cooling_device_register() prototype (Arnd Bergmann) \n- Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH (Lukas Bulwahn) \n- net: stmmac: reset Tx desc base address before restarting Tx (Jongsung Kim) \n- phy: avoid unnecessary link-up delay in polling mode (Petr Oros) \n- pwm: lpc32xx: Dont modify HW state in .probe() after the PWM chip was registered (Uwe Kleine-Konig) \n- profiling: fix shift-out-of-bounds bugs (Pavel Skripkin) \n- nilfs2: use refcount_dec_and_lock() to fix potential UAF (Zhen Lei) \n- prctl: allow to setup brk for et_dyn executables (Cyrill Gorcunov) \n- 9p/trans_virtio: Remove sysfs file on probe failure (Xie Yongji) \n- thermal/drivers/exynos: Fix an error code in exynos_tmu_probe() (Dan Carpenter) \n- dmaengine: acpi: Avoid comparison GSI with Linux vIRQ (Andy Shevchenko) \n- um: virtio_uml: fix memory leak on init failures (Johannes Berg) \n- staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb() (Nathan Chancellor) \n- sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (Marcelo Ricardo Leitner) \n- sctp: validate chunk size in __rcv_asconf_lookup (Marcelo Ricardo Leitner) \n- ARM: 9098/1: ftrace: MODULE_PLT: Fix build problem without DYNAMIC_FTRACE (Alex Sverdlin) \n- ARM: 9079/1: ftrace: Add MODULE_PLTS support (Alex Sverdlin) \n- ARM: 9078/1: Add warn suppress parameter to arm_gen_branch_link() (Alex Sverdlin) \n- ARM: 9077/1: PLT: Move struct plt_entries definition to header (Alex Sverdlin) \n- apparmor: remove duplicate macro list_entry_is_head() (Andy Shevchenko) \n- ARM: Qualify enabling of swiotlb_init() (Florian Fainelli) \n- s390/pci_mmio: fully validate the VMA before calling follow_pte() (David Hildenbrand) \n- console: consume APC, DM, DCS (nick black) \n- PCI/ACPI: Add Ampere Altra SOC MCFG quirk (Tuan Phan) \n- PCI: aardvark: Fix reporting CRS value (Pali Rohar) \n- PCI: pci-bridge-emul: Add PCIe Root Capabilities Register (Pali Rohar) \n- PCI: aardvark: Indicate error in val when config read fails (Pali Rohar) \n- PCI: pci-bridge-emul: Fix big-endian support (Grzegorz Jaszczyk) \n- LTS tag: v5.4.148 (Jack Vogel) \n- s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant (Ilya Leoshkevich) \n- s390/bpf: Fix optimizing out zero-extensions (Ilya Leoshkevich) \n- net: renesas: sh_eth: Fix freeing wrong tx descriptor (Yoshihiro Shimoda) \n- ip_gre: validate csum_start only on pull (Willem de Bruijn) \n- qlcnic: Remove redundant unlock in qlcnic_pinit_from_rom (Dinghao Liu) \n- fq_codel: reject silly quantum parameters (Eric Dumazet) \n- netfilter: socket: icmp6: fix use-after-scope (Benjamin Hesmans) \n- net: dsa: b53: Fix calculating number of switch ports (Rafal Milecki) \n- perf unwind: Do not overwrite FEATURE_CHECK_LDFLAGS-libunwind-{x86,aarch64} (Li Huafei) \n- ARC: export clear_user_page() for modules (Randy Dunlap) \n- mtd: rawnand: cafe: Fix a resource leak in the error handling path of cafe_nand_probe() (Christophe JAILLET) \n- PCI: Sync __pci_register_driver() stub for CONFIG_PCI=n (Andy Shevchenko) \n- KVM: arm64: Handle PSCI resets before userspace touches vCPU state (Oliver Upton) \n- mfd: tqmx86: Clear GPIO IRQ resource when no IRQ is set (Matthias Schiffer) \n- PCI: Fix pci_dev_str_match_path() alloc while atomic bug (Dan Carpenter) \n- mfd: axp20x: Update AXP288 volatile ranges (Hans de Goede) \n- NTB: perf: Fix an error code in perf_setup_inbuf() (Yang Li) \n- NTB: Fix an error code in ntb_msit_probe() (Yang Li) \n- ethtool: Fix an error code in cxgb2.c (Yang Li) \n- PCI: ibmphp: Fix double unmap of io_mem (Vishal Aslot) \n- net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 (Daniele Palmas) \n- Set fc_nlinfo in nh_create_ipv4, nh_create_ipv6 (Ryoga Saito) \n- PCI: Add ACS quirks for Cavium multi-function devices (George Cherian) \n- tracing/probes: Reject events which have the same name of existing one (Masami Hiramatsu) \n- mfd: Dont use irq_create_mapping() to resolve a mapping (Marc Zyngier) \n- fuse: fix use after free in fuse_read_interrupt() (Miklos Szeredi) \n- PCI: Add ACS quirks for NXP LX2xx0 and LX2xx2 platforms (Wasim Khan) \n- mfd: db8500-prcmu: Adjust map to reality (Linus Walleij) \n- dt-bindings: mtd: gpmc: Fix the ECC bytes vs. OOB bytes equation (Miquel Raynal) \n- mm/memory_hotplug: use unsigned long for PFN in zone_for_pfn_range() (David Hildenbrand) \n- net: hns3: fix the timing issue of VF clearing interrupt sources (Jiaran Zhang) \n- net: hns3: disable mac in flr process (Yufeng Mo) \n- net: hns3: change affinity_mask to numa node range (Yufeng Mo) \n- net: hns3: pad the short tunnel frame before sending to hardware (Yufeng Mo) \n- KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers (Nicholas Piggin) \n- ibmvnic: check failover_pending in login response (Sukadev Bhattiprolu) \n- dt-bindings: arm: Fix Toradex compatible typo (David Heidelberg) \n- qed: Handle management FW error (Shai Malin) \n- tcp: fix tp->undo_retrans accounting in tcp_sacktag_one() (zhenggy) \n- net: dsa: destroy the phylink instance on any error in dsa_slave_phy_setup (Vladimir Oltean) \n- net/af_unix: fix a data-race in unix_dgram_poll (Eric Dumazet) \n- vhost_net: fix OoB on sendmsg() failure. (Paolo Abeni) \n- events: Reuse value read using READ_ONCE instead of re-reading it (Baptiste Lepers) \n- net/mlx5: Fix potential sleeping in atomic context (Maor Gottlieb) \n- net/mlx5: FWTrace, cancel work on alloc pd error flow (Saeed Mahameed) \n- perf machine: Initialize srcline string member in add_location struct (Michael Petlan) \n- tipc: increase timeout in tipc_sk_enqueue() (Hoang Le) \n- r6040: Restore MDIO clock frequency after MAC reset (Florian Fainelli) \n- net/l2tp: Fix reference count leak in l2tp_udp_recv_core (Xiyu Yang) \n- ptp: dp83640: dont define PAGE0 (Randy Dunlap) \n- net-caif: avoid user-triggerable WARN_ON(1) (Eric Dumazet) \n- tipc: fix an use-after-free issue in tipc_recvmsg (Xin Long) \n- x86/mm: Fix kern_addr_valid() to cope with existing but not present entries (Mike Rapoport) \n- s390/sclp: fix Secure-IPL facility detection (Alexander Egorenkov) \n- drm/etnaviv: add missing MMU context put when reaping MMU mapping (Lucas Stach) \n- drm/etnaviv: reference MMU context when setting up hardware state (Lucas Stach) \n- drm/etnaviv: fix MMU context leak on GPU reset (Lucas Stach) \n- drm/etnaviv: exec and MMU state is lost when resetting the GPU (Lucas Stach) \n- drm/etnaviv: keep MMU context across runtime suspend/resume (Lucas Stach) \n- drm/etnaviv: stop abusing mmu_context as FE running marker (Lucas Stach) \n- drm/etnaviv: put submit prev MMU context when it exists (Lucas Stach) \n- drm/etnaviv: return context from etnaviv_iommu_context_get (Lucas Stach) \n- drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10 (Ernst Sjostrand) \n- PCI: Add AMD GPU multi-function power dependencies (Evan Quan) \n- PM: base: power: dont try to use non-existing RTC for storing data (Juergen Gross) \n- arm64/sve: Use correct size when reinitialising SVE state (Mark Brown) \n- xen: reset legacy rtc flag for PV domU (Juergen Gross) \n- btrfs: fix upper limit for max_inline for page size 64K (Anand Jain) \n- drm/panfrost: Clamp lock region to Bifrost minimum (Alyssa Rosenzweig) \n- drm/panfrost: Use u64 for size in lock_region (Alyssa Rosenzweig) \n- drm/panfrost: Simplify lock_region calculation (Alyssa Rosenzweig) \n- drm/amdgpu: Fix BUG_ON assert (Andrey Grodzovsky) \n- drm/msi/mdp4: populate priv->kms in mdp4_kms_init (David Heidelberg) \n- net: dsa: lantiq_gswip: fix maximum frame length (Jan Hoffmann) \n- lib/test_stackinit: Fix static initializer test (Kees Cook) \n- platform/chrome: cros_ec_proto: Send command again when timeout occurs (Patryk Duda) \n- memcg: enable accounting for pids in nested pid namespaces (Vasily Averin) \n- mm,vmscan: fix divide by zero in get_scan_count (Rik van Riel) \n- mm/hugetlb: initialize hugetlb_usage in mm_init (Liu Zixian) \n- s390/pv: fix the forcing of the swiotlb (Halil Pasic) \n- cpufreq: powernv: Fix init_chip_info initialization in numa=off (Pratik R. Sampat) \n- scsi: qla2xxx: Sync queue idx with queue_pair_map idx (Saurav Kashyap) \n- scsi: qla2xxx: Changes to support kdump kernel (Saurav Kashyap) \n- scsi: BusLogic: Fix missing pr_cont() use (Maciej W. Rozycki) \n- ovl: fix BUG_ON() in may_delete() when called from ovl_cleanup() (chenying) \n- parisc: fix crash with signals and alloca (Mikulas Patocka) \n- net: w5100: check return value after calling platform_get_resource() (Yang Yingliang) \n- fix array-index-out-of-bounds in taprio_change (Haimin Zhang) \n- net: fix NULL pointer reference in cipso_v4_doi_free \n- ath9k: fix sleeping in atomic context (Miaoqing Pan) \n- ath9k: fix OOB read ar9300_eeprom_restore_internal (Zekun Shen) \n- parport: remove non-zero check on count (Colin Ian King) \n- net/mlx5: DR, Enable QP retransmission (Yevgeny Kliteynik) \n- iwlwifi: mvm: fix access to BSS elements (Johannes Berg) \n- iwlwifi: mvm: avoid static queue number aliasing (Johannes Berg) \n- iwlwifi: mvm: fix a memory leak in iwl_mvm_mac_ctxt_beacon_changed (Zhang Qilong) \n- drm/amdkfd: Account for SH/SE count when setting up cu masks. (Sean Keely) \n- ASoC: rockchip: i2s: Fixup config for DAIFMT_DSP_A/B (Xiaotan Luo) \n- ASoC: rockchip: i2s: Fix regmap_ops hang (Sugar Zhang) \n- usbip:vhci_hcd USB port can get stuck in the disabled state (Shuah Khan) \n- usbip: give back URBs for unsent unlink requests during cleanup (Anirudh Rayabharam) \n- usb: musb: musb_dsps: request_irq() after initializing musb (Nadezda Lutovinova) \n- Revert USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set (Mathias Nyman) \n- cifs: fix wrong release in sess_alloc_buffer() failed path (Ding Hui) \n- mmc: core: Return correct emmc response in case of ioctl error (Nishad Kamdar) \n- selftests/bpf: Enlarge select() timeout for test_maps (Li Zhijian) \n- mmc: rtsx_pci: Fix long reads when clock is prescaled (Thomas Hebb) \n- mmc: sdhci-of-arasan: Check return value of non-void funtions (Manish Narani) \n- of: Dont allow __of_attached_node_sysfs() without CONFIG_SYSFS (Marc Zyngier) \n- ASoC: Intel: Skylake: Fix passing loadable flag for module (Gustaw Lewandowski) \n- ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER (Cezary Rojewski) \n- btrfs: tree-log: check btrfs_lookup_data_extent return value (Marcos Paulo de Souza) \n- m68knommu: only set CONFIG_ISA_DMA_API for ColdFire sub-arch (Arnd Bergmann) \n- drm/exynos: Always initialize mapping in exynos_drm_register_dma() (Nathan Chancellor) \n- lockd: lockd server-side shouldnt set fl_ops (J. Bruce Fields) \n- usb: chipidea: host: fix port index underflow and UBSAN complains (Li Jun) \n- gfs2: Dont call dlm after protocol is unmounted (Bob Peterson) \n- staging: rts5208: Fix get_ms_information() heap buffer size (Kees Cook) \n- rpc: fix gss_svc_init cleanup on failure (J. Bruce Fields) \n- tcp: enable data-less, empty-cookie SYN with TFO_SERVER_COOKIE_NOT_REQD (Luke Hsiao) \n- serial: sh-sci: fix break handling for sysrq (Ulrich Hecht) \n- opp: Dont print an error if required-opps is missing (Rajendra Nayak) \n- Bluetooth: Fix handling of LE Enhanced Connection Complete (Luiz Augusto von Dentz) \n- nvme-tcp: dont check blk_mq_tag_to_rq when receiving pdu data (Sagi Grimberg) \n- arm64: dts: ls1046a: fix eeprom entries (Raag Jadav) \n- arm64: tegra: Fix compatible string for Tegra132 CPUs (Thierry Reding) \n- ARM: tegra: tamonten: Fix UART pad setting (Andreas Obergschwandtner) \n- mac80211: Fix monitor MTU limit so that A-MSDUs get through (Johan Almbladh) \n- drm/display: fix possible null-pointer dereference in dcn10_set_clock() (Tuo Li) \n- gpu: drm: amd: amdgpu: amdgpu_i2c: fix possible uninitialized-variable access in amdgpu_i2c_router_select_ddc_port() (Tuo Li) \n- net/mlx5: Fix variable type to match 64bit (Eran Ben Elisha) \n- Bluetooth: avoid circular locks in sco_sock_connect (Desmond Cheong Zhi Xi) \n- Bluetooth: schedule SCO timeouts with delayed_work (Desmond Cheong Zhi Xi) \n- selftests/bpf: Fix xdp_tx.c prog section name (Jussi Maki) \n- drm/msm: mdp4: drop vblank get/put from prepare/complete_commit (David Heidelberg) \n- net: ethernet: stmmac: Do not use unreachable() in ipq806x_gmac_probe() (Nathan Chancellor) \n- arm64: dts: qcom: sdm660: use reg value for memory node (Vinod Koul) \n- ARM: dts: imx53-ppd: Fix ACHC entry (Sebastian Reichel) \n- media: tegra-cec: Handle errors of clk_prepare_enable() (Evgeny Novikov) \n- media: TDA1997x: fix tda1997x_query_dv_timings() return value (Krzysztof Halasa) \n- media: v4l2-dv-timings.c: fix wrong condition in two for-loops (Hans Verkuil) \n- media: imx258: Limit the max analogue gain to 480 (Umang Jain) \n- media: imx258: Rectify mismatch of VTS value (Laurent Pinchart) \n- ASoC: Intel: bytcr_rt5640: Move Platform Clock routes to the maps for the matching in-/output (Hans de Goede) \n- arm64: tegra: Fix Tegra194 PCIe EP compatible string (Vidya Sagar) \n- bonding: 3ad: fix the concurrency between __bond_release_one() and bond_3ad_state_machine_handler() (Yufeng Mo) \n- workqueue: Fix possible memory leaks in wq_numa_init() (Zhen Lei) \n- Bluetooth: skip invalid hci_sync_conn_complete_evt (Desmond Cheong Zhi Xi) \n- ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() (Andy Shevchenko) \n- samples: bpf: Fix tracex7 error raised on the missing argument (Juhee Kang) \n- staging: ks7010: Fix the initialization of the sleep_status structure (Christophe JAILLET) \n- serial: 8250_pci: make setup_port() parameters explicitly unsigned (Greg Kroah-Hartman) \n- hvsi: dont panic on tty_register_driver failure (Jiri Slaby) \n- xtensa: ISS: dont panic in rs_init (Jiri Slaby) \n- serial: 8250: Define RX trigger levels for OxSemi 950 devices (Maciej W. Rozycki) \n- s390: make PCI mio support a machine flag (Niklas Schnelle) \n- s390/jump_label: print real address in a case of a jump label bug (Heiko Carstens) \n- flow_dissector: Fix out-of-bounds warnings (Gustavo A. R. Silva) \n- ipv4: ip_output.c: Fix out-of-bounds warning in ip_copy_addrs() (Gustavo A. R. Silva) \n- video: fbdev: riva: Error out if pixclock equals zero (Zheyu Ma) \n- video: fbdev: kyro: Error out if pixclock equals zero (Zheyu Ma) \n- video: fbdev: asiliantfb: Error out if pixclock equals zero (Zheyu Ma) \n- bpf/tests: Do not PASS tests without actually testing the result (Johan Almbladh) \n- bpf/tests: Fix copy-and-paste error in double word test (Johan Almbladh) \n- drm/amd/amdgpu: Update debugfs link_settings output link_rate field in hex (Anson Jacob) \n- drm/amd/display: Fix timer_per_pixel unit error (Oliver Logush) \n- tty: serial: jsm: hold port lock when reporting modem line changes (Zheyu Ma) \n- staging: board: Fix uninitialized spinlock when attaching genpd (Geert Uytterhoeven) \n- usb: gadget: composite: Allow bMaxPower=0 if self-powered (Jack Pham) \n- USB: EHCI: ehci-mv: improve error handling in mv_ehci_enable() (Evgeny Novikov) \n- usb: gadget: u_ether: fix a potential null pointer dereference (Maciej zenczykowski) \n- usb: host: fotg210: fix the actual_length of an iso packet (Kelly Devilliv) \n- usb: host: fotg210: fix the endpoints transactional opportunities calculation (Kelly Devilliv) \n- igc: Check if num of q_vectors is smaller than max before array access (Sasha Neftin) \n- drm: avoid blocking in drm_clients_infos rcu section (Desmond Cheong Zhi Xi) \n- Smack: Fix wrong semantics in smk_access_entry() (Tianjia Zhang) \n- netlink: Deal with ESRCH error in nlmsg_notify() (Yajun Deng) \n- video: fbdev: kyro: fix a DoS bug by restricting user input (Zheyu Ma) \n- ARM: dts: qcom: apq8064: correct clock names (David Heidelberg) \n- iavf: fix locking of critical sections (Stefan Assmann) \n- iavf: do not override the adapter state in the watchdog task (Stefan Assmann) \n- iio: dac: ad5624r: Fix incorrect handling of an optional regulator. (Jonathan Cameron) \n- tipc: keep the skb in rcv queue until the whole data is read (Xin Long) \n- PCI: Use pci_update_current_state() in pci_enable_device_flags() (Rafael J. Wysocki) \n- crypto: mxs-dcp - Use sg_mapping_iter to copy data (Sean Anderson) \n- media: dib8000: rewrite the init prbs logic (Mauro Carvalho Chehab) \n- ASoC: atmel: ATMEL drivers dont need HAS_DMA (Randy Dunlap) \n- drm/amdgpu: Fix amdgpu_ras_eeprom_init() (Luben Tuikov) \n- userfaultfd: prevent concurrent API initialization (Nadav Amit) \n- kbuild: Fix no symbols warning when CONFIG_TRIM_UNUSD_KSYMS=y (Masahiro Yamada) \n- MIPS: Malta: fix alignment of the devicetree buffer (Oleksij Rempel) \n- f2fs: fix to unmap pages from userspace process in punch_hole() (Chao Yu) \n- f2fs: fix unexpected ENOENT comes from f2fs_map_blocks() (Chao Yu) \n- f2fs: fix to account missing .skipped_gc_rwsem (Chao Yu) \n- KVM: PPC: Fix clearing never mapped TCEs in realmode (Alexey Kardashevskiy) \n- clk: at91: clk-generated: Limit the requested rate to our range (Codrin Ciubotariu) \n- clk: at91: clk-generated: pass the id of changeable parent at registration (Claudiu Beznea) \n- clk: at91: sam9x60: Dont use audio PLL (Codrin Ciubotariu) \n- fscache: Fix cookie key hashing (David Howells) \n- platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (Hans de Goede) \n- KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live (Nicholas Piggin) \n- HID: i2c-hid: Fix Elan touchpad regression (Jim Broadus) \n- scsi: target: avoid per-loop XCOPY buffer allocations (David Disseldorp) \n- powerpc/config: Renable MTD_PHYSMAP_OF (Joel Stanley) \n- scsi: qedf: Fix error codes in qedf_alloc_global_queues() (Dan Carpenter) \n- scsi: qedi: Fix error codes in qedi_alloc_global_queues() (Dan Carpenter) \n- scsi: smartpqi: Fix an error code in pqi_get_raid_map() (Dan Carpenter) \n- pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() (Zhen Lei) \n- scsi: fdomain: Fix error return code in fdomain_probe() (Wei Li) \n- SUNRPC: Fix potential memory corruption (Trond Myklebust) \n- dma-debug: fix debugfs initialization order (Anthony Iliopoulos) \n- openrisc: dont printk() unconditionally (Randy Dunlap) \n- f2fs: reduce the scope of setting fsck tag when de->name_len is zero (Yangtao Li) \n- f2fs: show f2fs instance in printk_ratelimited (Chao Yu) \n- RDMA/efa: Remove double QP type assignment (Leon Romanovsky) \n- powerpc/stacktrace: Include linux/delay.h (Michal Suchanek) \n- vfio: Use config not menuconfig for VFIO_NOIOMMU (Jason Gunthorpe) \n- pinctrl: samsung: Fix pinctrl bank pin count (Jaehyoung Choi) \n- docs: Fix infiniband uverbs minor number (Leon Romanovsky) \n- RDMA/iwcm: Release resources if iw_cm module initialization fails (Leon Romanovsky) \n- IB/hfi1: Adjust pkey entry in index 0 (Mike Marciniszyn) \n- scsi: bsg: Remove support for SCSI_IOCTL_SEND_COMMAND (Christoph Hellwig) \n- f2fs: quota: fix potential deadlock (Chao Yu) \n- HID: input: do not report stylus battery state as full (Dmitry Torokhov) \n- PCI: aardvark: Fix masking and unmasking legacy INTx interrupts (Pali Rohar) \n- PCI: aardvark: Increase polling delay to 1.5s while waiting for PIO response (Pali Rohar) \n- PCI: aardvark: Fix checking for PIO status (Evan Wang) \n- PCI: xilinx-nwl: Enable the clock through CCF (Hyun Kwon) \n- PCI: Return ~0 data on pciconfig_read() CAP_SYS_ADMIN failure (Krzysztof Wilczynski) \n- PCI: Restrict ASMedia ASM1062 SATA Max Payload Size Supported (Marek Behun) \n- PCI/portdrv: Enable Bandwidth Notification only if port supports it (Stuart Hayes) \n- ARM: 9105/1: atags_to_fdt: dont warn about stack size (David Heidelberg) \n- libata: add ATA_HORKAGE_NO_NCQ_TRIM for Samsung 860 and 870 SSDs (Hans de Goede) \n- dmaengine: imx-sdma: remove duplicated sdma_load_context (Robin Gong) \n- Revert dmaengine: imx-sdma: refine to load context only once (Robin Gong) \n- media: rc-loopback: return number of emitters rather than error (Sean Young) \n- media: uvc: dont do DMA on stack (Mauro Carvalho Chehab) \n- VMCI: fix NULL pointer dereference when unmapping queue pair (Wang Hai) \n- dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc() (Arne Welzel) \n- power: supply: max17042: handle fails of reading status register (Krzysztof Kozlowski) \n- block: bfq: fix bfq_set_next_ioprio_data() (Damien Le Moal) \n- crypto: public_key: fix overflow during implicit conversion (zhenwei pi) \n- arm64: head: avoid over-mapping in map_memory (Mark Rutland) \n- soc: aspeed: p2a-ctrl: Fix boundary check for mmap (Iwona Winiarska) \n- soc: aspeed: lpc-ctrl: Fix boundary check for mmap (Iwona Winiarska) \n- soc: qcom: aoss: Fix the out of bound usage of cooling_devs (Manivannan Sadhasivam) \n- pinctrl: ingenic: Fix incorrect pull up/down info (Paul Cercueil) \n- pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast (Marc Zyngier) \n- tools/thermal/tmon: Add cross compiling support (Rolf Eike Beer) \n- 9p/xen: Fix end of loop tests for list_for_each_entry (Harshvardhan Jha) \n- xen: fix setting of max_pfn in shared_info (Juergen Gross) \n- powerpc/perf/hv-gpci: Fix counter value parsing (Kajol Jain) \n- PCI/MSI: Skip masking MSI-X on Xen PV (Marek Marczykowski-Gorecki) \n- blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (Niklas Cassel) \n- blk-zoned: allow zone management send operations without CAP_SYS_ADMIN (Niklas Cassel) \n- btrfs: reset replace target device to allocation state on close (Desmond Cheong Zhi Xi) \n- btrfs: wake up async_delalloc_pages waiters after submit (Josef Bacik) \n- rtc: tps65910: Correct driver module alias (Dmitry Osipenko) \n- LTS tag: v5.4.147 (Jack Vogel) \n- Revert time: Handle negative seconds correctly in timespec64_to_ns() (Greg Kroah-Hartman) \n- Revert posix-cpu-timers: Force next expiration recalc after itimer reset (Greg Kroah-Hartman) \n- Revert block: nbd: add sanity check for first_minor (Greg Kroah-Hartman) \n- Revert Bluetooth: Move shutdown callback before flushing tx and rx queue (Sasha Levin) \n- LTS tag: v5.4.146 (Jack Vogel) \n- clk: kirkwood: Fix a clocking boot regression (Linus Walleij) \n- backlight: pwm_bl: Improve bootloader/kernel device handover (Daniel Thompson) \n- fbmem: dont allow too huge resolutions (Tetsuo Handa) \n- IMA: remove the dependency on CRYPTO_MD5 (THOBY Simon) \n- IMA: remove -Wmissing-prototypes warning (Austin Kim) \n- fuse: flush extending writes (Miklos Szeredi) \n- fuse: truncate pagecache on atomic_o_trunc (Miklos Szeredi) \n- KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter (Sean Christopherson) \n- KVM: x86: Update vCPUs hv_clock before back to guest when tsc_offset is adjusted (Zelin Deng) \n- KVM: s390: index kvm->arch.idle_mask by vcpu_idx (Halil Pasic) \n- x86/resctrl: Fix a maybe-uninitialized build warning treated as error (Babu Moger) \n- perf/x86/amd/ibs: Extend PERF_PMU_CAP_NO_EXCLUDE to IBS Op (Kim Phillips) \n- tty: Fix data race between tiocsti() and flush_to_ldisc() (Nguyen Dinh Phi) \n- bpf: Fix pointer arithmetic mask tightening under state pruning (Daniel Borkmann) \n- bpf: verifier: Allocate idmap scratch in verifier env (Lorenz Bauer) \n- bpf: Fix leakage due to insufficient speculative store bypass mitigation (Daniel Borkmann) \n- bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (Daniel Borkmann) \n- ipv4: fix endianness issue in inet_rtm_getroute_build_skb() (Eric Dumazet) \n- octeontx2-af: Fix loop in free and unmap counter (Subbaraya Sundeep) \n- net: qualcomm: fix QCA7000 checksum handling (Stefan Wahren) \n- net: sched: Fix qdisc_rate_table refcount leak when get tcf_block failed (Xiyu Yang) \n- ipv4: make exception cache less predictible (Eric Dumazet) \n- ipv6: make exception cache less predictible (Eric Dumazet) \n- brcmfmac: pcie: fix oops on failure to resume and reprobe (Ahmad Fatoum) \n- bcma: Fix memory leak for internally-handled cores (Zenghui Yu) \n- ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (Dan Carpenter) \n- ASoC: wcd9335: Disable irq on slave ports in the remove function (Christophe JAILLET) \n- ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (Christophe JAILLET) \n- ASoC: wcd9335: Fix a double irq free in the remove function (Christophe JAILLET) \n- tty: serial: fsl_lpuart: fix the wrong mapbase value (Andy Duan) \n- usb: bdc: Fix an error handling path in bdc_probe() when no suitable DMA config is available (Christophe JAILLET) \n- usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (Evgeny Novikov) \n- i2c: mt65xx: fix IRQ check (Sergey Shtylyov) \n- CIFS: Fix a potencially linear read overflow (Len Baker) \n- bpf: Fix possible out of bound write in narrow load handling (Andrey Ignatov) \n- mmc: moxart: Fix issue with uninitialized dma_slave_config (Tony Lindgren) \n- mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (Tony Lindgren) \n- ASoC: Intel: Skylake: Fix module resource and format selection (Cezary Rojewski) \n- ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (Cezary Rojewski) \n- rsi: fix an error code in rsi_probe() (Dan Carpenter) \n- rsi: fix error code in rsi_load_9116_firmware() (Dan Carpenter) \n- i2c: s3c2410: fix IRQ check (Sergey Shtylyov) \n- i2c: iop3xx: fix deferred probing (Sergey Shtylyov) \n- Bluetooth: add timeout sanity check to hci_inquiry (Pavel Skripkin) \n- mm/swap: consider max pages in iomap_swapfile_add_extent (Xu Yu) \n- usb: gadget: mv_u3d: request_irq() after initializing UDC (Nadezda Lutovinova) \n- nfsd4: Fix forced-expiry locking (J. Bruce Fields) \n- lockd: Fix invalid lockowner cast after vfs_test_lock (Benjamin Coddington) \n- mac80211: Fix insufficient headroom issue for AMSDU (Chih-Kang Chang) \n- usb: phy: tahvo: add IRQ check (Sergey Shtylyov) \n- usb: host: ohci-tmio: add IRQ check (Sergey Shtylyov) \n- usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (Geert Uytterhoeven) \n- usb: phy: twl6030: add IRQ checks (Sergey Shtylyov) \n- usb: phy: fsl-usb: add IRQ check (Sergey Shtylyov) \n- usb: gadget: udc: at91: add IRQ check (Sergey Shtylyov) \n- drm/msm/dsi: Fix some reference counted resource leaks (Christophe JAILLET) \n- Bluetooth: fix repeated calls to sco_sock_kill (Desmond Cheong Zhi Xi) \n- counter: 104-quad-8: Return error when invalid mode during ceiling_write (William Breathitt Gray) \n- arm64: dts: exynos: correct GIC CPU interfaces address range on Exynos7 (Krzysztof Kozlowski)", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-20T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41864"], "modified": "2021-12-20T00:00:00", "id": "ELSA-2021-9621", "href": "http://linux.oracle.com/errata/ELSA-2021-9621.html", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-12T18:39:46", "description": "[4.18.0-372.9.1.OL8]\n- Update Oracle Linux certificates (Kevin Lyons)\n- Disable signing for aarch64 (Ilya Okomin)\n- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]\n- Update x509.genkey [Orabug: 24817676]\n- Conflict with shim-ia32 and shim-x64 <= 15-11.0.5\n[4.18.0-372.9.1]\n- scsi: qedi: Fix failed disconnect handling (Chris Leech) [2071519]\n- scsi: iscsi: Fix unbound endpoint error handling (Chris Leech) [2071519]\n- scsi: iscsi: Fix conn cleanup and stop race during iscsid restart (Chris Leech) [2071519]\n- scsi: iscsi: Fix endpoint reuse regression (Chris Leech) [2071519]\n- scsi: iscsi: Release endpoint ID when its freed (Chris Leech) [2071519]\n- scsi: iscsi: Fix offload conn cleanup when iscsid restarts (Chris Leech) [2071519]\n- Revert 'scsi: iscsi: Fix offload conn cleanup when iscsid restarts' (Chris Leech) [2071519]\n- scsi: iscsi: Speed up session unblocking and removal (Chris Leech) [2071519]\n- scsi: iscsi: Fix recovery and unblocking race (Chris Leech) [2071519]\n- scsi: iscsi: Unblock session then wake up error handler (Chris Leech) [2071519]\n- bnxt_en: make hw-tc-offload default to off (Ken Cox) [2005101]\n- bnxt_en: reject indirect blk offload when hw-tc-offload is off (Ken Cox) [2005101]\n[4.18.0-372.8.1]\n- esp6: fix check on ipv6_skip_exthdrs return value (Sabrina Dubroca) [2054075]\n- scsi: iscsi: Fix nop handling during conn recovery (Chris Leech) [2069969]\n- scsi: iscsi: Merge suspend fields (Chris Leech) [2069969]\n- scsi: iscsi: Fix offload conn cleanup when iscsid restarts (Chris Leech) [2069969]\n- scsi: iscsi: Move iscsi_ep_disconnect (Chris Leech) [2069969]\n- CI: Remove deprecated option (Veronika Kabatova)\n[4.18.0-372.7.1]\n- netfilter: nf_tables_offload: incorrect flow offload action array size (Florian Westphal) [2056728] {CVE-2022-25636}\n- netfilter: nftables_offload: KASAN slab-out-of-bounds Read in nft_flow_rule_create (Florian Westphal) [2056728]\n- KVM: SVM: Allow AVIC support on system w/ physical APIC ID > 255 (Bandan Das) [2033068]\n- PCI/ACPI: Fix acpi_pci_osc_control_set() kernel-doc comment (Mark Langsdorf) [2049209]\n- PCI/ACPI: Check for _OSC support in acpi_pci_osc_control_set() (Mark Langsdorf) [2049209]\n- PCI/ACPI: Move _OSC query checks to separate function (Mark Langsdorf) [2049209]\n- PCI/ACPI: Move supported and control calculations to separate functions (Mark Langsdorf) [2049209]\n- PCI/ACPI: Remove OSC_PCI_SUPPORT_MASKS and OSC_PCI_CONTROL_MASKS (Mark Langsdorf) [2049209]\n- kabi: Adding symbol blkdev_get_by_dev (fs/block_dev.c) (cestmir Kalina) [2010296]\n- kabi: Adding symbol thaw_bdev (fs/block_dev.c) (cestmir Kalina) [2010296]\n- kabi: Adding symbol freeze_bdev (fs/block_dev.c) (cestmir Kalina) [2010296]\n- s390/cio: make ccw_device_dma_* more robust (Thomas Huth) [2066709]\n- perf/x86/intel/uncore: Make uncore_discovery clean for 64 bit addresses (Michael Petlan) [2069237]\n- redhat: switch secureboot kernel image signing to release keys (Augusto Caringi)\n- ice: xsk: Stop Rx processing when ntc catches ntu (Ivan Vecera) [2069082]\n- ice: xsk: Fix indexing in ice_tx_xsk_pool() (Ivan Vecera) [2069082]\n- ice: Fix kernel crash in XDP scenario (Ivan Vecera) [2069082]\n[4.18.0-372.6.1]\n- configs: enable CONFIG_RMI4_F3A (Benjamin Tissoires) [2067219]\n- Input: synaptics-rmi4 - add support for F3A (Benjamin Tissoires) [2067219]\n- RDMA/cma: Do not change route.addr.src_addr.ss_family (Kamal Heib) [2032074] {CVE-2021-4028}\n- drm/i915/adl_s: Remove require_force_probe protection (Michel Danzer) [2025896]\n- drm/i915/adl_s: Update ADL-S PCI IDs (Michel Danzer) [2025896]\n- drm/i915: Limit Wa_22010178259 to affected platforms (Michel Danzer) [2025896]\n- drm/i915/adl_s: Fix dma_mask_size to 39 bit (Michel Danzer) [2025896]\n- drm/i915/dmc: Update DMC to v2.14 on ADL-P (Michel Danzer) [2060051]\n- drm/i915: Update memory bandwidth formulae (Michel Danzer) [2060051]\n- drm/i915/fb: Fold modifier CCS type/tiling attribute to plane caps (Michel Danzer) [2060051]\n- drm/i915/fb: Dont store bitmasks in the intel_plane_caps enum (Michel Danzer) [2060051]\n- drm/i915/adl_p: Add ddc pin mapping (Michel Danzer) [2060051]\n- iommu/amd: Fix I/O page table memory leak (Jerry Snitselaar) [2053210]\n- iommu/amd: Recover from event log overflow (Jerry Snitselaar) [2053210]\n[4.18.0-372.5.1]\n- scsi: mpi3mr: Fix flushing !WQ_MEM_RECLAIM events warning (Tomas Henzl) [2052278]\n- scsi: mpi3mr: Fix memory leaks (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Fix reporting of actual data transfer size (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Fix cmnd getting marked as in use forever (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Fix hibernation issue (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Fix printing of pending I/O count (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Fix deadlock while canceling the fw event (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Fixes around reply request queues (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Enhanced Task Management Support Reply handling (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Use TM response codes from MPI3 headers (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Increase internal cmnds timeout to 60s (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Do access status validation before adding devices (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Update MPI3 headers - part2 (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Update MPI3 headers - part1 (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Dont reset IOC if cmnds flush with reset status (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Replace spin_lock() with spin_lock_irqsave() (Tomas Henzl) [2054814]\n- scsi: mpi3mr: Add debug APIs based on logging_level bits (Tomas Henzl) [2054814]\n- scsi: mpt3sas: Remove scsi_dma_map() error messages (Tomas Henzl) [2057021]\n- net/mlx5: Fix wrong limitation of metadata match on ecpf (Amir Tzin) [2049094]\n- nfsd: fix use-after-free due to delegation race (Thiago Becker) [2053262]\n- dma-buf: cma_heap: Fix mutex locking section (Michel Danzer) [2044440]\n- drm/amdkfd: Check for null pointer after calling kmemdup (Michel Danzer) [2044440]\n- drm/atomic: Check new_crtc_state->active to determine if CRTC needs disable in self refresh mode (Michel Danzer) [2044440]\n- drm/amd: avoid suspend on dGPUs w/ s2idle support when runtime PM enabled (Michel Danzer) [2044440]\n- drm/i915/overlay: Prevent divide by zero bugs in scaling (Michel Danzer) [2044440]\n- dma-buf: heaps: Fix potential spectre v1 gadget (Michel Danzer) [2044440]\n- drm/amd/display: Force link_rate as LINK_RATE_RBR2 for 2018 15 Apple Retina panels (Michel Danzer) [2044440]\n- drm/amd/display: watermark latencies is not enough on DCN31 (Michel Danzer) [2044440]\n- drm/amd/pm: correct the MGpuFanBoost support for Beige Goby (Michel Danzer) [2044440]\n- drm/i915/adlp: Fix TypeC PHY-ready status readout (Michel Danzer) [2044440]\n- drm/nouveau: fix off by one in BIOS boundary checking (Michel Danzer) [2044440]\n- drm/i915: Disable DSB usage for now (Michel Danzer) [2044440]\n- Revert 'drm/ast: Support 1600x900 with 108MHz PCLK' (Michel Danzer) [2044440]\n- drm/amd/display: Fix FP start/end for dcn30_internal_validate_bw. (Michel Danzer) [2044440]\n- drm/atomic: Add the crtc to affected crtc only if uapi.enable = true (Michel Danzer) [2044440]\n- drm/amdgpu: Use correct VIEWPORT_DIMENSION for DCN2 (Michel Danzer) [2044440]\n- drm/amd/display: reset dcn31 SMU mailbox on failures (Michel Danzer) [2044440]\n- drm/vmwgfx: Remove explicit transparent hugepages support (Michel Danzer) [2044440]\n- drm/radeon: fix error handling in radeon_driver_open_kms (Michel Danzer) [2044440]\n- drm/i915/display/ehl: Update voltage swing table (Michel Danzer) [2044440]\n- drm/nouveau/kms/nv04: use vzalloc for nv04_display (Michel Danzer) [2044440]\n- drm/amd/display: Fix the uninitialized variable in enable_stream_features() (Michel Danzer) [2044440]\n- amdgpu/pm: Make sysfs pm attributes as read-only for VFs (Michel Danzer) [2044440]\n- drm/amdgpu: fixup bad vram size on gmc v8 (Michel Danzer) [2044440]\n- drm/amd/amdgpu: fix gmc bo pin count leak in SRIOV (Michel Danzer) [2044440]\n- drm/amd/amdgpu: fix psp tmr bo pin count leak in SRIOV (Michel Danzer) [2044440]\n- drm/amdkfd: Fix error handling in svm_range_add (Michel Danzer) [2044440]\n- drm/vmwgfx: Introduce a new placement for MOB page tables (Michel Danzer) [2044440]\n- drm/vmwgfx: Release ttm memory if probe fails (Michel Danzer) [2044440]\n- drm/amd/display: add else to avoid double destroy clk_mgr (Michel Danzer) [2044440]\n- drm/amdgpu/display: set vblank_disable_immediate for DC (Michel Danzer) [2044440]\n- drm/amd/display: check top_pipe_to_program pointer (Michel Danzer) [2044440]\n- drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L (Michel Danzer) [2044440]\n- drm/amd/display: Fix out of bounds access on DNC31 stream encoder regs (Michel Danzer) [2044440]\n- drm/amd/display: Fix bug in debugfs crc_win_update entry (Michel Danzer) [2044440]\n- drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() (Michel Danzer) [2044440]\n- drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() (Michel Danzer) [2044440]\n- drm/vmwgfx: Fail to initialize on broken configs (Michel Danzer) [2044440]\n- drm/vmwgfx: Remove the deprecated lower mem limit (Michel Danzer) [2044440]\n- drm/vboxvideo: fix a NULL vs IS_ERR() check (Michel Danzer) [2044440]\n- drm: fix null-ptr-deref in drm_dev_init_release() (Michel Danzer) [2044440]\n- drm/ttm: Put BO in its memory managers lru list (Michel Danzer) [2044440]\n- dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled() (Michel Danzer) [2044440]\n- drm/amd/display: explicitly set is_dsc_supported to false before use (Michel Danzer) [2044440]\n- drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() (Michel Danzer) [2044440]\n- drm/amd/pm: keep the BACO feature enabled for suspend (Michel Danzer) [2044440]\n- Revert 'drm/amdgpu: stop scheduler when calling hw_fini (v2)' (Michel Danzer) [2044440]\n- drm/amd/display: Added power down for DCN10 (Michel Danzer) [2044440]\n- drm/amd/display: fix B0 TMDS deepcolor no dislay issue (Michel Danzer) [2044440]\n- drm/amdgpu: put SMU into proper state on runpm suspending for BOCO capable platform (Michel Danzer) [2044440]\n- drm/amd/pm: skip setting gfx cgpg in the s0ix suspend-resume (Michel Danzer) [2044440]\n- drm/amd/pm: Fix xgmi link control on aldebaran (Michel Danzer) [2044440]\n- drm/amdgpu: fix dropped backing store handling in amdgpu_dma_buf_move_notify (Michel Danzer) [2044440]\n- drm/amd/display: Changed pipe split policy to allow for multi-display pipe split (Michel Danzer) [2044440]\n- drm/amdgpu: add support for IP discovery gc_info table v2 (Michel Danzer) [2044440]\n- drm/amdgpu: When the VCN(1.0) block is suspended, powergating is explicitly enabled (Michel Danzer) [2044440]\n- drm/nouveau: wait for the exclusive fence after the shared ones v2 (Michel Danzer) [2044440]\n- drm/nouveau: always wait for the exclusive fence (Michel Danzer) [2044440]\n- drm/amd/display: Set optimize_pwr_state for DCN31 (Michel Danzer) [2044440]\n- drm/amd/display: Send s0i2_rdy in stream_count == 0 optimization (Michel Danzer) [2044440]\n- drm/amd/pm: fix reading SMU FW version from amdgpu_firmware_info on YC (Michel Danzer) [2044440]\n- drm/amdgpu: dont override default ECO_BITs setting (Michel Danzer) [2044440]\n- drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE (Michel Danzer) [2044440]\n- drm/amd/pm: fix a potential gpu_metrics_table memory leak (Michel Danzer) [2044440]\n- drm/amd/display: Set exit_optimized_pwr_state for DCN31 (Michel Danzer) [2044440]\n- drm/i915/display: Fix an unsigned subtraction which can never be negative. (Michel Danzer) [2044440]\n- drm/ast: potential dereference of null pointer (Michel Danzer) [2044440]\n- drm: simpledrm: fix wrong unit with pixel clock (Michel Danzer) [2044440]\n- Revert 'drm/fb-helper: improve DRM fbdev emulation device names' (Michel Danzer) [2044440]\n- drm/i915/hdmi: Turn DP++ TMDS output buffers back on in encoder->shutdown() (Michel Danzer) [2044440]\n- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915 (Michel Danzer) [2044440]\n- drm/amdkfd: process_info lock not needed for svm (Michel Danzer) [2044440]\n- drm/amd/display: add connector type check for CRC source set (Michel Danzer) [2044440]\n- drm/amdkfd: fix double free mem structure (Michel Danzer) [2044440]\n- drm/amd/display: Fix for the no Audio bug with Tiled Displays (Michel Danzer) [2044440]\n- drm/amdgpu: check atomic flag to differeniate with legacy path (Michel Danzer) [2044440]\n- drm/amd/display: Fix DPIA outbox timeout after S3/S4/reset (Michel Danzer) [2044440]\n- drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence. (Michel Danzer) [2044440]\n- drm/i915/dp: Perform 30ms delay after source OUI write (Michel Danzer) [2044440]\n- drm/amd/display: Allow DSC on supported MST branch devices (Michel Danzer) [2044440]\n- dma-buf: system_heap: Use 'for_each_sgtable_sg' in pages free flow (Michel Danzer) [2044440]\n- drm/amd/amdgpu: fix potential memleak (Michel Danzer) [2044440]\n- drm/amd/amdkfd: Fix kernel panic when reset failed and been triggered again (Michel Danzer) [2044440]\n- drm/amd/pm: Remove artificial freq level on Navi1x (Michel Danzer) [2044440]\n- drm/amdgpu/gfx9: switch to golden tsc registers for renoir+ (Michel Danzer) [2044440]\n- drm/amd/display: Set plane update flags for all planes in reset (Michel Danzer) [2044440]\n- drm/amd/display: Fix DPIA outbox timeout after GPU reset (Michel Danzer) [2044440]\n- drm/aspeed: Fix vga_pw sysfs output (Michel Danzer) [2044440]\n- drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks (Michel Danzer) [2044440]\n- drm/amd/display: Fix OLED brightness control on eDP (Michel Danzer) [2044440]\n- drm/amdgpu: IH process reset count when restart (Michel Danzer) [2044440]\n- drm/amd/pm: avoid duplicate powergate/ungate setting (Michel Danzer) [2044440]\n- drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors (Michel Danzer) [2044440]\n- drm/i915: Fix type1 DVI DP dual mode adapter heuristic for modern platforms (Michel Danzer) [2044440]\n- drm/i915/dp: Ensure max link params are always valid (Michel Danzer) [2044440]\n- drm/i915/dp: Ensure sink rate values are always valid (Michel Danzer) [2044440]\n- drm/prime: Fix use after free in mmap with drm_gem_ttm_mmap (Michel Danzer) [2044440]\n- drm/udl: fix control-message timeout (Michel Danzer) [2044440]\n- drm/amd/display: Limit max DSC target bpp for specific monitors (Michel Danzer) [2044440]\n- drm/amd/display: Update swizzle mode enums (Michel Danzer) [2044440]\n- drm/cma-helper: Release non-coherent memory with dma_free_noncoherent() (Michel Danzer) [2044440]\n- Revert 'drm/i915/tgl/dsi: Gate the ddi clocks after pll mapping' (Michel Danzer) [2044440]\n- drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame (Michel Danzer) [2044440]\n- x86/speculation: Check CPU capability before applying IBRS spectre v2 mitigation (Waiman Long) [2062156 2062166] {CVE-2022-0001 CVE-2022-0002 CVE-2021-26401}\n- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (Waiman Long) [2062156 2062166] {CVE-2022-0001 CVE-2022-0002 CVE-2021-26401}\n- x86/speculation: Warn about Spectre v2 LFENCE mitigation (Waiman Long) [2062156 2062166] {CVE-2022-0001 CVE-2022-0002 CVE-2021-26401}\n- x86/speculation: Update link to AMD speculation whitepaper (Waiman Long) [2062166] {CVE-2021-26401}\n- x86/speculation: Use generic retpoline by default on AMD (Waiman Long) [2062166] {CVE-2021-26401}\n- x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Waiman Long) [2062156] {CVE-2022-0001 CVE-2022-0002}\n- Documentation/hw-vuln: Update spectre doc (Waiman Long) [2062156] {CVE-2022-0001 CVE-2022-0002}\n- x86/speculation: Add eIBRS + Retpoline options (Waiman Long) [2062156] {CVE-2022-0001 CVE-2022-0002}\n- x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE (Waiman Long) [2062156] {CVE-2022-0001 CVE-2022-0002}\n- x86,bugs: Unconditionally allow spectre_v2=retpoline,amd (Waiman Long) [2062156] {CVE-2022-0001 CVE-2022-0002}\n- x86: deduplicate the spectre_v2_user documentation (Waiman Long) [2062156] {CVE-2022-0001 CVE-2022-0002}\n- fuse: fix pipe buffer lifetime for direct_io (Miklos Szeredi) [2064863] {CVE-2022-1011}\n- ice: Do not enable VLAN pruning when spoofchk is enabled (Ivan Vecera) [2062343]\n- ice: dont allow to run ice_send_event_to_aux() in atomic ctx (Ivan Vecera) [2062343]\n- ice: fix 'scheduling while atomic' on aux critical err interrupt (Ivan Vecera) [2062343]\n- ice: Fix MAC address setting (Ivan Vecera) [2062343]\n- ice: Clear default forwarding VSI during release (Ivan Vecera) [2062343]\n- ice: Fix broken IFF_ALLMULTI handling (Ivan Vecera) [2062343]\n- iavf: Fix hang during reboot/shutdown (Ivan Vecera) [2062343]\n- iavf: Fix double free in iavf_reset_task (Ivan Vecera) [2062343]\n- ice: destroy flow director filter mutex after releasing VSIs (Ivan Vecera) [2062343]\n- ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() (Ivan Vecera) [2062343]\n- iavf: Fix adopting new combined setting (Ivan Vecera) [2062343]\n- iavf: Fix handling of vlan strip virtual channel messages (Ivan Vecera) [2062343]\n- iavf: Fix __IAVF_RESETTING state usage (Ivan Vecera) [2062343]\n- iavf: Fix missing check for running netdev (Ivan Vecera) [2062343]\n- iavf: Fix deadlock in iavf_reset_task (Ivan Vecera) [2062343]\n- iavf: Fix race in init state (Ivan Vecera) [2062343]\n- iavf: Fix locking for VIRTCHNL_OP_GET_OFFLOAD_VLAN_V2_CAPS (Ivan Vecera) [2062343]\n- iavf: Fix init state closure on remove (Ivan Vecera) [2062343]\n- iavf: Add waiting so the port is initialized in remove (Ivan Vecera) [2062343]\n- iavf: Rework mutexes for better synchronisation (Ivan Vecera) [2062343]\n- iavf: remove an unneeded variable (Ivan Vecera) [2062343]\n- iavf: Fix limit of total number of queues to active queues of VF (Ivan Vecera) [2062343]\n- iavf: Restrict maximum VLAN filters for VIRTCHNL_VF_OFFLOAD_VLAN_V2 (Ivan Vecera) [2062343]\n- iavf: Add support for VIRTCHNL_VF_OFFLOAD_VLAN_V2 offload enable/disable (Ivan Vecera) [2062343]\n- iavf: Add support for VIRTCHNL_VF_OFFLOAD_VLAN_V2 hotpath (Ivan Vecera) [2062343]\n- iavf: Add support VIRTCHNL_VF_OFFLOAD_VLAN_V2 during netdev config (Ivan Vecera) [2062343]\n- iavf: Add support for VIRTCHNL_VF_OFFLOAD_VLAN_V2 negotiation (Ivan Vecera) [2062343]\n- virtchnl: Add support for new VLAN capabilities (Ivan Vecera) [2062343]\n- virtchnl: Use the BIT() macro for capability/offload flags (Ivan Vecera) [2062343]\n- virtchnl: Remove unused VIRTCHNL_VF_OFFLOAD_RSVD define (Ivan Vecera) [2062343]\n- virtchnl: Add missing padding to virtchnl_proto_hdrs (Ivan Vecera) [2062343]\n- ice: Fix race condition during interface enslave (Ivan Vecera) [2062343]\n- ice: Fix curr_link_speed advertised speed (Ivan Vecera) [2062343]\n- ice: Dont use GFP_KERNEL in atomic context (Ivan Vecera) [2062343]\n- ice: Fix error with handling of bonding MTU (Ivan Vecera) [2062343]\n- ice: stop disabling VFs due to PF error responses (Ivan Vecera) [2062343]\n- ice: initialize local variable 'tlv' (Ivan Vecera) [2062343]\n- ice: check the return of ice_ptp_gettimex64 (Ivan Vecera) [2062343]\n- ice: fix concurrent reset and removal of VFs (Ivan Vecera) [2062343]\n- ice: fix setting l4 port flag when adding filter (Ivan Vecera) [2062343]\n- ice: Match on all profiles in slow-path (Ivan Vecera) [2062343]\n- ice: enable parsing IPSEC SPI headers for RSS (Ivan Vecera) [2062343]\n- ice: Avoid RTNL lock when re-creating auxiliary device (Ivan Vecera) [2062343]\n- ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler (Ivan Vecera) [2062343]\n- ice: fix IPIP and SIT TSO offload (Ivan Vecera) [2062343]\n- ice: fix an error code in ice_cfg_phy_fec() (Ivan Vecera) [2062343]\n- ice: Use bitmap_free() to free bitmap (Ivan Vecera) [2062343]\n- ice: Optimize a few bitmap operations (Ivan Vecera) [2062343]\n- ice: Slightly simply ice_find_free_recp_res_idx (Ivan Vecera) [2062343]\n- ice: improve switchdevs slow-path (Ivan Vecera) [2062343]\n- ice: replay advanced rules after reset (Ivan Vecera) [2062343]\n- ice: Add flow director support for channel mode (Ivan Vecera) [2062343]\n- ice: trivial: fix odd indenting (Ivan Vecera) [2062343]\n- ice: support crosstimestamping on E822 devices if supported (Ivan Vecera) [2062343]\n- ice: exit bypass mode once hardware finishes timestamp calibration (Ivan Vecera) [2062343]\n- ice: ensure the hardware Clock Generation Unit is configured (Ivan Vecera) [2062343]\n- ice: implement basic E822 PTP support (Ivan Vecera) [2062343]\n- ice: convert clk_freq capability into time_ref (Ivan Vecera) [2062343]\n- ice: introduce ice_ptp_init_phc function (Ivan Vecera) [2062343]\n- ice: use 'int err' instead of 'int status' in ice_ptp_hw.c (Ivan Vecera) [2062343]\n- ice: PTP: move setting of tstamp_config (Ivan Vecera) [2062343]\n- ice: introduce ice_base_incval function (Ivan Vecera) [2062343]\n- ice: xsk: fix cleaned_count setting (Ivan Vecera) [2062343]\n- ice: xsk: allow empty Rx descriptors on XSK ZC data path (Ivan Vecera) [2062343]\n- ice: xsk: allocate separate memory for XDP SW ring (Ivan Vecera) [2062343]\n- ice: xsk: return xsk buffers back to pool when cleaning the ring (Ivan Vecera) [2062343]\n- ice: use modern kernel API for kick (Ivan Vecera) [2062343]\n- ice: tighter control over VSI_DOWN state (Ivan Vecera) [2062343]\n- ice: use prefetch methods (Ivan Vecera) [2062343]\n- ice: update to newer kernel API (Ivan Vecera) [2062343]\n- ice: support immediate firmware activation via devlink reload (Ivan Vecera) [2062343]\n- ice: reduce time to read Option ROM CIVD data (Ivan Vecera) [2062343]\n- ice: move ice_devlink_flash_update and merge with ice_flash_pldm_image (Ivan Vecera) [2062343]\n- ice: move and rename ice_check_for_pending_update (Ivan Vecera) [2062343]\n- ice: devlink: add shadow-ram region to snapshot Shadow RAM (Ivan Vecera) [2062343]\n- ice: Remove unused ICE_FLOW_SEG_HDRS_L2_MASK (Ivan Vecera) [2062343]\n- ice: Remove unnecessary casts (Ivan Vecera) [2062343]\n- ice: Propagate error codes (Ivan Vecera) [2062343]\n- ice: Remove excess error variables (Ivan Vecera) [2062343]\n- ice: Cleanup after ice_status removal (Ivan Vecera) [2062343]\n- ice: Remove enum ice_status (Ivan Vecera) [2062343]\n- ice: Use int for ice_status (Ivan Vecera) [2062343]\n- ice: Remove string printing for ice_status (Ivan Vecera) [2062343]\n- ice: Refactor status flow for DDP load (Ivan Vecera) [2062343]\n- ice: Refactor promiscuous functions (Ivan Vecera) [2062343]\n- ice: refactor PTYPE validating (Ivan Vecera) [2062343]\n- ice: Add package PTYPE enable information (Ivan Vecera) [2062343]\n- ice: safer stats processing (Ivan Vecera) [2062343]\n- ice: fix adding different tunnels (Ivan Vecera) [2062343]\n- ice: fix choosing UDP header type (Ivan Vecera) [2062343]\n- ice: ignore dropped packets during init (Ivan Vecera) [2062343]\n- ice: rearm other interrupt cause register after enabling VFs (Ivan Vecera) [2062343]\n- net/ice: Remove unused enum (Ivan Vecera) [2062343]\n- net/ice: Fix boolean assignment (Ivan Vecera) [2062343]\n- net/ice: Add support for enable_iwarp and enable_roce devlink param (Ivan Vecera) [2062343]\n- ice: avoid bpf_prog refcount underflow (Ivan Vecera) [2062343]\n- ice: fix vsi->txq_map sizing (Ivan Vecera) [2062343]\n- ice: Hide bus-info in ethtool for PRs in switchdev mode (Ivan Vecera) [2062343]\n- ice: Clear synchronized addrs when adding VFs in switchdev mode (Ivan Vecera) [2062343]\n- ice: fix error return code in ice_get_recp_frm_fw() (Ivan Vecera) [2062343]\n- ice: Fix clang -Wimplicit-fallthrough in ice_pull_qvec_from_rc() (Ivan Vecera) [2062343]\n- ice: Add support to print error on PHY FW load failure (Ivan Vecera) [2062343]\n- ice: Add support for changing MTU on PR in switchdev mode (Ivan Vecera) [2062343]\n- ice: send correct vc status in switchdev (Ivan Vecera) [2062343]\n- ice: support for GRE in eswitch (Ivan Vecera) [2062343]\n- ice: low level support for tunnels (Ivan Vecera) [2062343]\n- ice: VXLAN and Geneve TC support (Ivan Vecera) [2062343]\n- ice: support for indirect notification (Ivan Vecera) [2062343]\n- ice: Add tc-flower filter support for channel (Ivan Vecera) [2062343]\n- ice: enable ndo_setup_tc support for mqprio_qdisc (Ivan Vecera) [2062343]\n- ice: Add infrastructure for mqprio support via ndo_setup_tc (Ivan Vecera) [2062343]\n- ice: fix an error code in ice_ena_vfs() (Ivan Vecera) [2062343]\n- ice: use devm_kcalloc() instead of devm_kzalloc() (Ivan Vecera) [2062343]\n- ice: Make use of the helper function devm_add_action_or_reset() (Ivan Vecera) [2062343]\n- ice: Refactor PR ethtool ops (Ivan Vecera) [2062343]\n- ice: Forbid trusted VFs in switchdev mode (Ivan Vecera) [2062343]\n- ice: Manage act flags for switchdev offloads (Ivan Vecera) [2062343]\n- ice: introduce XDP_TX fallback path (Ivan Vecera) [2062343]\n- ice: optimize XDP_TX workloads (Ivan Vecera) [2062343]\n- ice: propagate xdp_ring onto rx_ring (Ivan Vecera) [2062343]\n- ice: do not create xdp_frame on XDP_TX (Ivan Vecera) [2062343]\n- ice: unify xdp_rings accesses (Ivan Vecera) [2062343]\n- ice: ndo_setup_tc implementation for PR (Ivan Vecera) [2062343]\n- ice: ndo_setup_tc implementation for PF (Ivan Vecera) [2062343]\n- ice: Allow changing lan_en and lb_en on all kinds of filters (Ivan Vecera) [2062343]\n- ice: cleanup rules info (Ivan Vecera) [2062343]\n- ice: allow deleting advanced rules (Ivan Vecera) [2062343]\n- ice: allow adding advanced rules (Ivan Vecera) [2062343]\n- ice: create advanced switch recipe (Ivan Vecera) [2062343]\n- ice: manage profiles and field vectors (Ivan Vecera) [2062343]\n- ice: implement low level recipes functions (Ivan Vecera) [2062343]\n- ice: add port representor ethtool ops and stats (Ivan Vecera) [2062343]\n- ice: switchdev slow path (Ivan Vecera) [2062343]\n- ice: rebuild switchdev when resetting all VFs (Ivan Vecera) [2062343]\n- ice: enable/disable switchdev when managing VFs (Ivan Vecera) [2062343]\n- ice: introduce new type of VSI for switchdev (Ivan Vecera) [2062343]\n- ice: set and release switchdev environment (Ivan Vecera) [2062343]\n- net: export metadata_dst_free() (Ivan Vecera) [2062343]\n- ice: allow changing lan_en and lb_en on dflt rules (Ivan Vecera) [2062343]\n- ice: manage VSI antispoof and destination override (Ivan Vecera) [2062343]\n- ice: allow process VF opcodes in different ways (Ivan Vecera) [2062343]\n- ice: introduce VF port representor (Ivan Vecera) [2062343]\n- ice: Move devlink port to PF/VF struct (Ivan Vecera) [2062343]\n- ice: support basic E-Switch mode control (Ivan Vecera) [2062343]\n- ethernet: use eth_hw_addr_set() for dev->addr_len cases (Ivan Vecera) [2062343]\n- ethernet: use eth_hw_addr_set() instead of ether_addr_copy() (Ivan Vecera) [2062343]\n- ice: Use xdp_buf instead of rx_buf for xsk zero-copy (Ivan Vecera) [2062343]\n- ice: fix FDIR init missing when reset VF (Ivan Vecera) [2062343]\n- intel: Remove rcu_read_lock() around XDP program invocation (Ivan Vecera) [2062343]\n- intel: Update drivers to use ethtool_sprintf (Ivan Vecera) [2062343]\n- ice: fix conversion to new udp_tunnel infrastructure (Ivan Vecera) [2062343]\n- intel-ethernet: clean up W=1 warnings in kdoc (Ivan Vecera) [2062343]\n- PCI: Use 'pci_channel_state_t' instead of 'enum pci_channel_state' (Ivan Vecera) [2062343]\n- treewide: Use sizeof_field() macro (Ivan Vecera) [2062343]\n- devlink: Add 'enable_iwarp' generic device param (Ivan Vecera) [2062343]\n- devlink: Add new 'enable_vnet' generic device param (Ivan Vecera) [2062343]\n- devlink: Add new 'enable_rdma' generic device param (Ivan Vecera) [2062343]\n- devlink: Add new 'enable_eth' generic device param (Ivan Vecera) [2062343]\n- gfs2: dequeue iopen holder in gfs2_inode_lookup error (Bob Peterson) [2061665]\n[4.18.0-372.4.1]\n- igb: refactor XDP registration (Corinna Vinschen) [2040171]\n- igc: avoid kernel warning when changing RX ring parameters (Corinna Vinschen) [2040171]\n- scsi: qedi: Fix cmd_cleanup_cmpl counter mismatch issue (Nilesh Javali) [2054565]\n- EDAC/amd64: Save max number of controllers for F19 M70 (Aristeu Rozanski) [2064285]\n- CI: Use 8.6-rt branch for r realtime_check (Chris White)\n- blk-mq: avoid extending delays of active hctx from blk_mq_delay_run_hw_queues (Ming Lei) [2046525]\n- tipc: fix incorrect order of state message data sanity check (Xin Long) [2048971]\n- tipc: improve size validations for received domain records (Xin Long) [2048971] {CVE-2022-0435}\n- efi/x86: Call efi_parse_options() from efi_main() (Lenny Szubowicz) [2049233]\n[4.18.0-372.3.1]\n- net/mlx5e: TC, Remove redundant error logging (Amir Tzin) [2023907]\n- net/mlx5: DR, Warn on failure to destroy objects due to refcount (Amir Tzin) [2022325]\n- net/mlx5: DR, Add support for dumping steering info (Amir Tzin) [2022325]\n- net/mlx5: DR, Add missing reserved fields to dr_match_param (Amir Tzin) [2022325]\n- net/mlx5: DR, Add check for flex parser ID value (Amir Tzin) [2022325]\n- net/mlx5: DR, Rename list field in matcher struct to list_node (Amir Tzin) [2022325]\n- net/mlx5: DR, Remove unused struct member in matcher (Amir Tzin) [2022325]\n- net/mlx5: DR, Fix error flow in creating matcher (Amir Tzin) [2022325]\n- net/mlx5e: Avoid implicit modify hdr for decap drop rule (Amir Tzin) [2015434]\n- net/mlx5e: TC, Fix memory leak with rules with internal port (Amir Tzin) [2015434]\n- net/mlx5e: Fix skb memory leak when TC classifier action offloads are disabled (Amir Tzin) [2015434]\n- net/mlx5: Fix some error handling paths in 'mlx5e_tc_add_fdb_flow()' (Amir Tzin) [2015434]\n- net/mlx5: E-Switch, Check group pointer before reading bw_share value (Amir Tzin) [2015434]\n- net/mlx5: E-Switch, fix single FDB creation on BlueField (Amir Tzin) [2015434]\n- net/mlx5: E-switch, Respect BW share of the new group (Amir Tzin) [2015434]\n- net/mlx5: DR, Fix check for unsupported fields in match param (Amir Tzin) [2015434]\n- net/mlx5: E-Switch, rebuild lag only when needed (Amir Tzin) [2015434]\n- net/mlx5e: Delete forward rule for ct or sample action (Amir Tzin) [2015434]\n- net/mlx5: E-Switch, Use indirect table only if all destinations support it (Amir Tzin) [2015434]\n- net/mlx5: Support internal port as decap route device (Amir Tzin) [2015434]\n- net/mlx5e: Term table handling of internal port rules (Amir Tzin) [2015434]\n- net/mlx5e: Add indirect tc offload of ovs internal port (Amir Tzin) [2015434]\n- net/{mlx5|nfp|bnxt}: Remove unnecessary RTNL lock assert (Amir Tzin) [2015434]\n- net/mlx5e: Offload internal port as encap route device (Amir Tzin) [2015434]\n- net/mlx5e: Offload tc rules that redirect to ovs internal port (Amir Tzin) [2015434]\n- net/mlx5e: Accept action skbedit in the tc actions list (Amir Tzin) [2015434]\n- net/mlx5: E-Switch, Add ovs internal port mapping to metadata support (Amir Tzin) [2015434]\n- net/mlx5e: Use generic name for the forwarding dev pointer (Amir Tzin) [2015434]\n- net/mlx5e: Refactor rx handler of represetor device (Amir Tzin) [2015434]\n- net/mlx5: DR, Add check for unsupported fields in match param (Amir Tzin) [2015434]\n- net/mlx5: Allow skipping counter refresh on creation (Amir Tzin) [2015434]\n- net/mlx5e: IPsec: Refactor checksum code in tx data path (Amir Tzin) [2015434]\n- net/mlx5: CT: Remove warning of ignore_flow_level support for VFs (Amir Tzin) [2015434]\n- net/mlx5: Add esw assignment back in mlx5e_tc_sample_unoffload() (Amir Tzin) [2015434]\n- net/mlx5: Bridge, fix uninitialized variable usage (Amir Tzin) [2015434]\n- net/mlx5: Lag, dont update lag if lag isnt supported (Amir Tzin) [2015434]\n- net/mlx5: E-switch, Return correct error code on group creation failure (Amir Tzin) [2015434]\n- net/mlx5: Bridge, support LAG (Amir Tzin) [2015434]\n- net/mlx5: Bridge, allow merged eswitch connectivity (Amir Tzin) [2015434]\n- net/mlx5: Bridge, extract FDB delete notification to function (Amir Tzin) [2015434]\n- net/mlx5: Bridge, identify port by vport_num+esw_owner_vhca_id pair (Amir Tzin) [2015434]\n- net/mlx5: Bridge, obtain core device from eswitch instead of priv (Amir Tzin) [2015434]\n- net/mlx5: Bridge, release bridge in same function where it is taken (Amir Tzin) [2015434]\n- net/mlx5: Lag, Create shared FDB when in switchdev mode (Amir Tzin) [2015434]\n- net/mlx5: E-Switch, add logic to enable shared FDB (Amir Tzin) [2015434]\n- net/mlx5: Lag, properly lock eswitch if needed (Amir Tzin) [2015434]\n- net/mlx5: Add send to vport rules on paired device (Amir Tzin) [2015434]\n- net/mlx5: E-Switch, Add event callback for representors (Amir Tzin) [2015434]\n- net/mlx5e: Use shared mappings for restoring from metadata (Amir Tzin) [2015434]\n- net/mlx5e: Add an option to create a shared mapping (Amir Tzin) [2015434]\n- net/mlx5: E-Switch, set flow source for send to uplink rule (Amir Tzin) [2015434]\n- RDMA/mlx5: Add shared FDB support (Amir Tzin) [2015434]\n- {net, RDMA}/mlx5: Extend send to vport rules (Amir Tzin) [2015434]\n- RDMA/mlx5: Fill port info based on the relevant eswitch (Amir Tzin) [2015434]\n- net/mlx5: Lag, add initial logic for shared FDB (Amir Tzin) [2015434]\n- net/mlx5: Return mdev from eswitch (Amir Tzin) [2015434]\n- net/mlx5: E-switch, Add QoS tracepoints (Amir Tzin) [2015434]\n- net/mlx5: E-switch, Allow to add vports to rate groups (Amir Tzin) [2015434]\n- net/mlx5: E-switch, Allow setting share/max tx rate limits of rate groups (Amir Tzin) [2015434]\n- net/mlx5: E-switch, Introduce rate limiting groups API (Amir Tzin) [2015434]\n- net/mlx5: E-switch, Enable devlink port tx_{share|max} rate control (Amir Tzin) [2015434]\n- net/mlx5: E-switch, Move QoS related code to dedicated file (Amir Tzin) [2015434]\n- net/mlx5e: TC, Support sample offload action for tunneled traffic (Amir Tzin) [2015434]\n- net/mlx5e: TC, Restore tunnel info for sample offload (Amir Tzin) [2015434]\n- net/mlx5e: TC, Remove CONFIG_NET_TC_SKB_EXT dependency when restoring tunnel (Amir Tzin) [2015434]\n- net/mlx5e: Refactor ct to use post action infrastructure (Amir Tzin) [2015434]\n- net/mlx5e: Introduce post action infrastructure (Amir Tzin) [2015434]\n- net/mlx5e: CT, Use xarray to manage fte ids (Amir Tzin) [2015434]\n- net/mlx5e: Move sample attribute to flow attribute (Amir Tzin) [2015434]\n- net/mlx5e: Move esw/sample to en/tc/sample (Amir Tzin) [2015434]\n- net/mlx5e: Remove mlx5e dependency from E-Switch sample (Amir Tzin) [2015434]\n- net/mlx5: DR, Fix querying eswitch manager vport for ECPF (Amir Tzin) [2018097]\n- net/mlx5: DR, Handle eswitch manager and uplink vports separately (Amir Tzin) [2018097]\n- net/mlx5: DR, Add missing string for action type SAMPLER (Amir Tzin) [2018097]\n- net/mlx5: DR, init_next_match only if needed (Amir Tzin) [2018097]\n- net/mlx5: DR, Increase supported num of actions to 32 (Amir Tzin) [2018097]\n- net/mlx5: DR, Add support for SF vports (Amir Tzin) [2018097]\n- net/mlx5: DR, Support csum recalculation flow table on SFs (Amir Tzin) [2018097]\n- net/mlx5: DR, Align error messages for failure to obtain vport caps (Amir Tzin) [2018097]\n- net/mlx5: DR, Add missing query for vport 0 (Amir Tzin) [2018097]\n- net/mlx5: DR, Replace local WIRE_PORT macro with the existing MLX5_VPORT_UPLINK (Amir Tzin) [2018097]\n- scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (Dick Kennedy) [1943202]\n- nvme-tcp: change target from tech-preview to unmaintained (John Meneghini) [2061577]\n- drm/amd/display: Dont reinitialize DMCUB on s0ix resume (Karol Herbst) [2059680]\n- tcp: Add snd_wnd to TCP_INFO (Davide Caratti) [2056608]\n- tcp: Add TCP_INFO counter for packets received out-of-order (Davide Caratti) [2056608]\n- net/mlx5: Move MODIFY_RQT command to ignore list in internal error state (Amir Tzin) [1982236]\n- net/mlx5e: Add TX max rate support for MQPRIO channel mode (Amir Tzin) [1982236]\n- net/mlx5e: Specify SQ stats struct for mlx5e_open_txqsq() (Amir Tzin) [1982236]\n- net/mlx5e: Allow only complete TXQs partition in MQPRIO channel mode (Amir Tzin) [1982236]\n- net/mlx5e: Mutually exclude setting of TX-port-TS and MQPRIO in channel mode (Amir Tzin) [1982236]\n- net/mlx5e: Fix condition when retrieving PTP-rqn (Amir Tzin) [1982236]\n- net/mlx5: Fix inner TTC table creation (Amir Tzin) [1982236]\n- net/mlx5e: Fix division by 0 in mlx5e_select_queue for representors (Amir Tzin) [1982236]\n- net/mlx5e: Improve MQPRIO resiliency (Amir Tzin) [1982236]\n- net/mlx5e: Support MQPRIO channel mode (Amir Tzin) [1982236]\n- net/mlx5e: Handle errors of netdev_set_num_tc() (Amir Tzin) [1982236]\n- net/mlx5e: Maintain MQPRIO mode parameter (Amir Tzin) [1982236]\n- net/mlx5e: Abstract MQPRIO params (Amir Tzin) [1982236]\n- net/mlx5e: Support flow classification into RSS contexts (Amir Tzin) [1982236]\n- net/mlx5e: Support multiple RSS contexts (Amir Tzin) [1982236]\n- net/mlx5e: Dynamically allocate TIRs in RSS contexts (Amir Tzin) [1982236]\n- net/mlx5e: Convert RSS to a dedicated object (Amir Tzin) [1982236]\n- net/mlx5e: Introduce abstraction of RSS context (Amir Tzin) [1982236]\n- net/mlx5e: Introduce TIR create/destroy API in rx_res (Amir Tzin) [1982236]\n- net/mlx5e: Do not try enable RSS when resetting indir table (Amir Tzin) [1982236]\n- net/mlx5: Embed mlx5_ttc_table (Amir Tzin) [1982236]\n- net/mlx5: Move TTC logic to fs_ttc (Amir Tzin) [1982236]\n- net/mlx5e: Decouple TTC logic from mlx5e (Amir Tzin) [1982236]\n- net/mlx5e: Rename some related TTC args and functions (Amir Tzin) [1982236]\n- net/mlx5e: Rename traffic type enums (Amir Tzin) [1982236]\n- net/mlx5e: Allocate the array of channels according to the real max_nch (Amir Tzin) [1982236]\n- net/mlx5e: Hide all implementation details of mlx5e_rx_res (Amir Tzin) [1982236]\n- net/mlx5e: Introduce mlx5e_channels API to get RQNs (Amir Tzin) [1982236]\n- net/mlx5e: Use a new initializer to build uniform indir table (Amir Tzin) [1982236]\n- net/mlx5e: Use the new TIR API for kTLS (Amir Tzin) [1982236]\n- net/mlx5e: Move management of indir traffic types to rx_res (Amir Tzin) [1982236]\n- net/mlx5e: Convert TIR to a dedicated object (Amir Tzin) [1982236]\n- net/mlx5e: Create struct mlx5e_rss_params_hash (Amir Tzin) [1982236]\n- net/mlx5e: Remove mdev from mlx5e_build_indir_tir_ctx_common() (Amir Tzin) [1982236]\n- net/mlx5e: Remove lro_param from mlx5e_build_indir_tir_ctx_common() (Amir Tzin) [1982236]\n- net/mlx5e: Remove mlx5e_priv usage from mlx5e_build_*tir_ctx*() (Amir Tzin) [1982236]\n- net/mlx5e: Use mlx5e_rqt_get_rqtn to access RQT hardware id (Amir Tzin) [1982236]\n- net/mlx5e: Take RQT out of TIR and group RX resources (Amir Tzin) [1982236]\n- net/mlx5e: Move RX resources to a separate struct (Amir Tzin) [1982236]\n- net/mlx5e: Move mlx5e_build_rss_params() call to init_rx (Amir Tzin) [1982236]\n- net/mlx5e: Convert RQT to a dedicated object (Amir Tzin) [1982236]\n- net/mlx5e: Check if inner FT is supported outside of create/destroy functions (Amir Tzin) [1982236]\n- net/mlx5: Take TIR destruction out of the TIR list lock (Amir Tzin) [1982236]\n- PCI: pciehp: Ignore Link Down/Up caused by error-induced Hot Reset (Myron Stowe) [2060122]\n- PCI/portdrv: Rename pm_iter() to pcie_port_device_iter() (Myron Stowe) [2060122]\n- iommu/vt-d: Fix double list_add when enabling VMD in scalable mode (Jerry Snitselaar) [2062094]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-17T00:00:00", "type": "oraclelinux", "title": "kernel security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 5.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.9, "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-0404", "CVE-2020-13974", "CVE-2020-27820", "CVE-2020-4788", "CVE-2021-0941", "CVE-2021-20322", "CVE-2021-21781", "CVE-2021-26401", "CVE-2021-29154", "CVE-2021-3612", "CVE-2021-3669", "CVE-2021-37159", "CVE-2021-3743", "CVE-2021-3744", "CVE-2021-3752", "CVE-2021-3759", "CVE-2021-3764", "CVE-2021-3772", "CVE-2021-3773", "CVE-2021-4002", "CVE-2021-4037", "CVE-2021-4083", "CVE-2021-4157", "CVE-2021-41864", "CVE-2021-4197", "CVE-2021-4203", "CVE-2021-42739", "CVE-2021-43056", "CVE-2021-43389", "CVE-2021-43976", "CVE-2021-44733", "CVE-2021-45485", "CVE-2021-45486", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0286", "CVE-2022-0322", "CVE-2022-1011"], "modified": "2022-05-17T00:00:00", "id": "ELSA-2022-1988", "href": "http://linux.oracle.com/errata/ELSA-2022-1988.html", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2023-07-14T14:38:10", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:3743-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-20T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 20 for SLE 15 SP2) (SUSE-SU-2021:3743-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-41864"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_86-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_27-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3743-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155649", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3743-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155649);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3743-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 20 for SLE 15 SP2) (SUSE-SU-2021:3743-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-\nSU-2021:3743-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009751.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?82973571\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-24_86-default and / or kernel-livepatch-5_3_18-59_27-default packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_86-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_27-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-livepatch-5_3_18-24_86-default-2-2.3', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']},\n {'reference':'kernel-livepatch-5_3_18-59_27-default-2-2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-24_86-default / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:37:26", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:3712-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-18T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 14 for SLE 15 SP2) (SUSE-SU-2021:3712-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-41864"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_67-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3712-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155580", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3712-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155580);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3712-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 14 for SLE 15 SP2) (SUSE-SU-2021:3712-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-\nSU-2021:3712-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009739.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ce17d386\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-24_67-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_67-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-livepatch-5_3_18-24_67-default-6-2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-24_67-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:26", "description": "The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9623 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-20T00:00:00", "type": "nessus", "title": "Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9623)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-41864"], "modified": "2021-12-20T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-uek-container", "p-cpe:/a:oracle:linux:kernel-uek-container-debug"], "id": "ORACLELINUX_ELSA-2021-9623.NASL", "href": "https://www.tenable.com/plugins/nessus/156205", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-9623.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156205);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/20\");\n\n script_cve_id(\"CVE-2021-41864\");\n\n script_name(english:\"Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9623)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2021-9623 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-9623.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-uek-container and / or kernel-uek-container-debug packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-container-debug\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7 / 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.4.17-2136.302.6.1.el7', '5.4.17-2136.302.6.1.el8'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2021-9623');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.4';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-container-5.4.17-2136.302.6.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-5.4.17'},\n {'reference':'kernel-uek-container-debug-5.4.17-2136.302.6.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-debug-5.4.17'},\n {'reference':'kernel-uek-container-5.4.17-2136.302.6.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-5.4.17'},\n {'reference':'kernel-uek-container-debug-5.4.17-2136.302.6.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-debug-5.4.17'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek-container / kernel-uek-container-debug');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:28", "description": "The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9621 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-12-20T00:00:00", "type": "nessus", "title": "Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9621)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-41864"], "modified": "2021-12-20T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-tools", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2021-9621.NASL", "href": "https://www.tenable.com/plugins/nessus/156204", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2021-9621.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156204);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/20\");\n\n script_cve_id(\"CVE-2021-41864\");\n\n script_name(english:\"Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9621)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2021-9621 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2021-9621.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7 / 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.4.17-2136.302.6.1.el7uek', '5.4.17-2136.302.6.1.el8uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2021-9621');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.4';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-5.4.17-2136.302.6.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-5.4.17-2136.302.6.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.302.6.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.302.6.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.302.6.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.302.6.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.302.6.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.302.6.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-doc-5.4.17-2136.302.6.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'},\n {'reference':'kernel-uek-tools-5.4.17-2136.302.6.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},\n {'reference':'kernel-uek-tools-5.4.17-2136.302.6.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},\n {'reference':'kernel-uek-tools-libs-5.4.17-2136.302.6.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-5.4.17'},\n {'reference':'perf-5.4.17-2136.302.6.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-5.4.17-2136.302.6.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-5.4.17-2136.302.6.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-5.4.17-2136.302.6.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.302.6.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.302.6.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.302.6.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.302.6.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.302.6.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.302.6.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-doc-5.4.17-2136.302.6.1.el8uek', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-16T15:15:08", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3742-1 advisory.\n\n - This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14689. (CVE-2021-34866)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-20T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP3) (SUSE-SU-2021:3742-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34866", "CVE-2021-41864"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_5-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3742-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155650", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3742-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155650);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-34866\", \"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3742-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP3) (SUSE-SU-2021:3742-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:3742-1 advisory.\n\n - This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel\n 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in\n order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The\n issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a\n type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute\n arbitrary code in the context of the kernel. Was ZDI-CAN-14689. (CVE-2021-34866)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-34866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009753.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?96c1bbf6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-59_5-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-34866\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_5-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-livepatch-5_3_18-59_5-default-6-2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-59_5-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:40", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-12-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2919)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-40490", "CVE-2021-41864"], "modified": "2021-12-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2919.NASL", "href": "https://www.tenable.com/plugins/nessus/156415", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156415);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/30\");\n\n script_cve_id(\"CVE-2021-40490\", \"CVE-2021-41864\");\n\n script_name(english:\"EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2919)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2919\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?86cdb5cb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.18.0-147.5.1.6.h585.eulerosv2r9\",\n \"kernel-tools-4.18.0-147.5.1.6.h585.eulerosv2r9\",\n \"kernel-tools-libs-4.18.0-147.5.1.6.h585.eulerosv2r9\",\n \"python3-perf-4.18.0-147.5.1.6.h585.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:38:34", "description": "The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3692-1 advisory.\n\n - In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References:\n Upstream kernel (CVE-2021-0935)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-18T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (Live Patch 24 for SLE 12 SP5) (SUSE-SU-2021:3692-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-0935", "CVE-2021-41864"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_91-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-3692-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155576", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3692-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155576);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-0935\", \"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3692-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (Live Patch 24 for SLE 12 SP5) (SUSE-SU-2021:3692-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:3692-1 advisory.\n\n - In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could\n lead to local escalation of privilege with System execution privileges needed. User interaction is not\n needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References:\n Upstream kernel (CVE-2021-0935)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-0935\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009742.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5e045f02\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kgraft-patch-4_12_14-122_91-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-0935\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_91-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kgraft-patch-4_12_14-122_91-default-2-2.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kgraft-patch-4_12_14-122_91-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:38:10", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3737-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-20T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP2) (SUSE-SU-2021:3737-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3752", "CVE-2021-41864"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_49-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3737-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155646", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3737-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155646);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-3752\", \"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3737-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP2) (SUSE-SU-2021:3737-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:3737-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to\n the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the\n system or escalate their privileges. The highest threat from this vulnerability is to confidentiality,\n integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190432\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3752\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009749.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3b42d591\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-24_49-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3752\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_49-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-livepatch-5_3_18-24_49-default-12-2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-24_49-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:50", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-12-30T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2912)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-40490", "CVE-2021-41864"], "modified": "2021-12-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2912.NASL", "href": "https://www.tenable.com/plugins/nessus/156414", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156414);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/30\");\n\n script_cve_id(\"CVE-2021-40490\", \"CVE-2021-41864\");\n\n script_name(english:\"EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2912)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2912\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8912202d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.19.90-vhulk2103.1.0.h588.eulerosv2r9\",\n \"kernel-tools-4.19.90-vhulk2103.1.0.h588.eulerosv2r9\",\n \"kernel-tools-libs-4.19.90-vhulk2103.1.0.h588.eulerosv2r9\",\n \"python3-perf-4.19.90-vhulk2103.1.0.h588.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T16:09:25", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3710-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-18T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 7 for SLE 15 SP2) (SUSE-SU-2021:3710-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3752", "CVE-2021-41864"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_37-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3710-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155582", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3710-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155582);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-3752\", \"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3710-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 7 for SLE 15 SP2) (SUSE-SU-2021:3710-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:3710-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to\n the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the\n system or escalate their privileges. The highest threat from this vulnerability is to confidentiality,\n integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190432\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3752\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009738.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9b1a2d52\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-24_37-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3752\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_37-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-livepatch-5_3_18-24_37-default-14-2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-24_37-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-15T18:46:17", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3718-1 advisory.\n\n - This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14689. (CVE-2021-34866)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-18T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 3 for SLE 15 SP3) (SUSE-SU-2021:3718-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34866", "CVE-2021-41864"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_13-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3718-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155579", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3718-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155579);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-34866\", \"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3718-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 3 for SLE 15 SP3) (SUSE-SU-2021:3718-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:3718-1 advisory.\n\n - This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel\n 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in\n order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The\n issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a\n type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute\n arbitrary code in the context of the kernel. Was ZDI-CAN-14689. (CVE-2021-34866)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-34866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009735.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1d2feb71\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-59_13-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-34866\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_13-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-livepatch-5_3_18-59_13-default-6-2.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-59_13-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T16:09:11", "description": "The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3735-1 advisory.\n\n - In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References:\n Upstream kernel (CVE-2021-0935)\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-20T00:00:00", "type": "nessus", "title": "SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 15 for SLE 12 SP5) (SUSE-SU-2021:3735-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-0935", "CVE-2021-3752", "CVE-2021-41864"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-4_12_14-150_66-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_60-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-95_74-default", "cpe:/o:novell:suse_linux:12", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3735-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155640", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3735-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155640);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-0935\", \"CVE-2021-3752\", \"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3735-1\");\n\n script_name(english:\"SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 15 for SLE 12 SP5) (SUSE-SU-2021:3735-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:3735-1 advisory.\n\n - In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could\n lead to local escalation of privilege with System execution privileges needed. User interaction is not\n needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References:\n Upstream kernel (CVE-2021-0935)\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to\n the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the\n system or escalate their privileges. The highest threat from this vulnerability is to confidentiality,\n integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190432\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-0935\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3752\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009747.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?19372059\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-4_12_14-150_66-default, kgraft-patch-4_12_14-122_60-default and / or kgraft-\npatch-4_12_14-95_74-default packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3752\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-4_12_14-150_66-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_60-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-95_74-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kgraft-patch-4_12_14-95_74-default-8-2.2', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.4']},\n {'reference':'kgraft-patch-4_12_14-122_60-default-12-2.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']},\n {'reference':'kernel-livepatch-4_12_14-150_66-default-12-2.2', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-4_12_14-150_66-default / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T16:08:01", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3738-1 advisory.\n\n - This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14689. (CVE-2021-34866)\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-20T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2021:3738-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34866", "CVE-2021-3752", "CVE-2021-41864"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-57-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3738-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155641", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3738-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155641);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2021-3752\", \"CVE-2021-34866\", \"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3738-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 0 for SLE 15 SP3) (SUSE-SU-2021:3738-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:3738-1 advisory.\n\n - This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel\n 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in\n order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The\n issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a\n type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute\n arbitrary code in the context of the kernel. Was ZDI-CAN-14689. (CVE-2021-34866)\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to\n the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the\n system or escalate their privileges. The highest threat from this vulnerability is to confidentiality,\n integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190432\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-34866\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3752\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-November/009754.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?01c958eb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-57-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3752\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-57-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-livepatch-5_3_18-57-default-8-3.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-57-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:34:52", "description": "The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-79cbbefebe advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-10-14T00:00:00", "type": "nessus", "title": "Fedora 35 : kernel (2021-79cbbefebe)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18808", "CVE-2021-3744", "CVE-2021-41864"], "modified": "2022-03-14T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:35", "p-cpe:/a:fedoraproject:fedora:kernel"], "id": "FEDORA_2021-79CBBEFEBE.NASL", "href": "https://www.tenable.com/plugins/nessus/154140", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2021-79cbbefebe\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154140);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/14\");\n\n script_cve_id(\"CVE-2021-3744\", \"CVE-2021-41864\");\n script_xref(name:\"FEDORA\", value:\"2021-79cbbefebe\");\n\n script_name(english:\"Fedora 35 : kernel (2021-79cbbefebe)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2021-79cbbefebe advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in\n drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2021-79cbbefebe\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Fedora' >!< release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^35([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 35', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3744', 'CVE-2021-41864');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for FEDORA-2021-79cbbefebe');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'reference':'kernel-5.14.10-300.fc35', 'release':'FC35', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T16:08:47", "description": "The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3684-1 advisory.\n\n - In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References:\n Upstream kernel (CVE-2021-0935)\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-18T00:00:00", "type": "nessus", "title": "SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 12 for SLE 12 SP5) (SUSE-SU-2021:3684-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-0935", "CVE-2021-3752", "CVE-2021-41864"], "modified": "2023-07-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-4_12_14-150_63-default", "p-cpe:/a:novell:suse_linux:kernel-livepatch-4_12_14-197_67-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_51-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-95_65-default", "cpe:/o:novell:suse_linux:12", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-3684-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155581", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3684-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155581);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/12\");\n\n script_cve_id(\"CVE-2021-0935\", \"CVE-2021-3752\", \"CVE-2021-41864\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3684-1\");\n\n script_name(english:\"SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 12 for SLE 12 SP5) (SUSE-SU-2021:3684-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:3684-1 advisory.\n\n - In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could\n lead to local escalation of privilege with System execution privileges needed. User interaction is not\n needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References:\n Upstream kernel (CVE-2021-0935)\n\n - A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to\n the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the\n system or escalate their privileges. The highest threat from this vulnerability is to confidentiality,\n integrity, as well as system availability. (CVE-2021-3752)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1190432\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1191318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.suse.com/pipermail/sle-updates/2021-November/020771.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-0935\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3752\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-41864\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-4_12_14-150_63-default, kernel-livepatch-4_12_14-197_67-default, kgraft-\npatch-4_12_14-122_51-default and / or kgraft-patch-4_12_14-95_65-default packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3752\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-4_12_14-150_63-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-4_12_14-197_67-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_51-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-95_65-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kgraft-patch-4_12_14-95_65-default-13-2.2', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.4']},\n {'reference':'kgraft-patch-4_12_14-122_51-default-15-2.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']},\n {'reference':'kernel-livepatch-4_12_14-150_63-default-14-2.2', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15']},\n {'reference':'kernel-livepatch-4_12_14-197_67-default-14-2.2', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.1']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-4_12_14-150_63-default / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:15:37", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. (CVE-2021-3669)\n\n - A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-3759)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-02-12T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : kernel (EulerOS-SA-2022-1046)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3669", "CVE-2021-3759", "CVE-2021-40490", "CVE-2021-41864"], "modified": "2023-03-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2022-1046.NASL", "href": "https://www.tenable.com/plugins/nessus/157928", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157928);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\n \"CVE-2021-3669\",\n \"CVE-2021-3759\",\n \"CVE-2021-40490\",\n \"CVE-2021-41864\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : kernel (EulerOS-SA-2022-1046)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large\n shared memory segment counts which could lead to resource exhaustion and DoS. (CVE-2021-3669)\n\n - A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem,\n in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local\n user to starve the resources, causing a denial of service. The highest threat from this vulnerability is\n to system availability. (CVE-2021-3759)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1046\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5ab5e810\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bpftool-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:43", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5140-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. (CVE-2021-3764)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (OEM 5.14) vulnerabilities (USN-5140-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18808", "CVE-2021-3744", "CVE-2021-3764", "CVE-2021-41864"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.14.0-1007-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.14.0-1007-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04d", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.14.0-1007-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04d", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.14.0-1007-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.14.0-1007-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04d", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-headers-5.14.0-1007", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-tools-5.14.0-1007", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.14.0-1007-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04d"], "id": "UBUNTU_USN-5140-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155232", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5140-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155232);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2021-3744\", \"CVE-2021-3764\", \"CVE-2021-41864\");\n script_xref(name:\"USN\", value:\"5140-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (OEM 5.14) vulnerabilities (USN-5140-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5140-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in\n drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker\n to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat\n from this vulnerability is to system availability. (CVE-2021-3764)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5140-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.14.0-1007-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.14.0-1007-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.14.0-1007-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.14.0-1007-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.14.0-1007-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-headers-5.14.0-1007\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-tools-5.14.0-1007\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.14.0-1007-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04d\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3744', 'CVE-2021-3764');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5140-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.14.0-1007-oem', 'pkgver': '5.14.0-1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.14.0-1007-oem', 'pkgver': '5.14.0-1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04d', 'pkgver': '5.14.0.1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.14.0-1007-oem', 'pkgver': '5.14.0-1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04d', 'pkgver': '5.14.0.1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.14.0-1007-oem', 'pkgver': '5.14.0-1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.14.0-1007-oem', 'pkgver': '5.14.0-1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04d', 'pkgver': '5.14.0.1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.14-headers-5.14.0-1007', 'pkgver': '5.14.0-1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.14-tools-5.14.0-1007', 'pkgver': '5.14.0-1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.14-tools-host', 'pkgver': '5.14.0-1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.14.0-1007-oem', 'pkgver': '5.14.0-1007.7'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04d', 'pkgver': '5.14.0.1007.7'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-buildinfo-5.14.0-1007-oem / linux-headers-5.14.0-1007-oem / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T15:00:24", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS. (CVE-2021-3669)\n\n - A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-3759)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2021-12-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-2805)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3669", "CVE-2021-3759", "CVE-2021-40490", "CVE-2021-41864"], "modified": "2023-03-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2805.NASL", "href": "https://www.tenable.com/plugins/nessus/156303", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156303);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\n \"CVE-2021-3669\",\n \"CVE-2021-3759\",\n \"CVE-2021-40490\",\n \"CVE-2021-41864\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-2805)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large\n shared memory segment counts which could lead to resource exhaustion and DoS. (CVE-2021-3669)\n\n - A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem,\n in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local\n user to starve the resources, causing a denial of service. The highest threat from this vulnerability is\n to system availability. (CVE-2021-3759)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2805\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8133fa37\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bpftool-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h1108.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:29:14", "description": "The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-031 advisory.\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-22T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-031)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18808", "CVE-2021-20321", "CVE-2021-3744", "CVE-2021-3764", "CVE-2021-41864"], "modified": "2023-09-05T00:00:00", "cpe": ["cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo"], "id": "AL2_ALASKERNEL-5_4-2022-031.NASL", "href": "https://www.tenable.com/plugins/nessus/163387", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.4-2022-031.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163387);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/05\");\n\n script_cve_id(\n \"CVE-2021-3744\",\n \"CVE-2021-3764\",\n \"CVE-2021-20321\",\n \"CVE-2021-41864\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-031)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-031 advisory.\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users\n do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in\n drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-031.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-20321.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3744.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3764.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-41864.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kpatch.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2021-3744\", \"CVE-2021-3764\", \"CVE-2021-20321\", \"CVE-2021-41864\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.4-2022-031\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-aarch64-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-x86_64-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:29:14", "description": "The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-027 advisory.\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-027)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18808", "CVE-2021-20321", "CVE-2021-3744", "CVE-2021-3764", "CVE-2021-41864"], "modified": "2023-09-05T00:00:00", "cpe": ["cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo"], "id": "AL2_ALASKERNEL-5_4-2022-027.NASL", "href": "https://www.tenable.com/plugins/nessus/163310", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.4-2022-027.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163310);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/05\");\n\n script_cve_id(\n \"CVE-2019-18808\",\n \"CVE-2021-3744\",\n \"CVE-2021-3764\",\n \"CVE-2021-20321\",\n \"CVE-2021-41864\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-027)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-027 advisory.\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel\n through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users\n do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in\n drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-027.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-20321.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3744.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3764.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-41864.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kpatch.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2019-18808\", \"CVE-2021-3744\", \"CVE-2021-3764\", \"CVE-2021-20321\", \"CVE-2021-41864\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.4-2022-027\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-aarch64-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-x86_64-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:27:47", "description": "The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-029 advisory.\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-029)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18808", "CVE-2021-20321", "CVE-2021-3744", "CVE-2021-3764", "CVE-2021-41864"], "modified": "2023-09-05T00:00:00", "cpe": ["cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo"], "id": "AL2_ALASKERNEL-5_4-2022-029.NASL", "href": "https://www.tenable.com/plugins/nessus/163323", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.4-2022-029.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163323);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/05\");\n\n script_cve_id(\n \"CVE-2019-18808\",\n \"CVE-2021-3744\",\n \"CVE-2021-3764\",\n \"CVE-2021-20321\",\n \"CVE-2021-41864\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-029)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-029 advisory.\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel\n through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users\n do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in\n drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-029.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-20321.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3744.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3764.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-41864.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kpatch.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2019-18808\", \"CVE-2021-3744\", \"CVE-2021-3764\", \"CVE-2021-20321\", \"CVE-2021-41864\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.4-2022-029\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-aarch64-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-x86_64-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:25:17", "description": "The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-009 advisory.\n\n - A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. (CVE-2021-20322)\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. (CVE-2021-3764)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-009)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18808", "CVE-2021-20322", "CVE-2021-3744", "CVE-2021-3764", "CVE-2021-41864"], "modified": "2023-09-05T00:00:00", "cpe": ["cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo"], "id": "AL2_ALASKERNEL-5_4-2022-009.NASL", "href": "https://www.tenable.com/plugins/nessus/160436", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.4-2022-009.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160436);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/05\");\n\n script_cve_id(\n \"CVE-2019-18808\",\n \"CVE-2021-3744\",\n \"CVE-2021-3764\",\n \"CVE-2021-20322\",\n \"CVE-2021-41864\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-009)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.4.156-83.273. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-009 advisory.\n\n - A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux\n kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an\n off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this\n vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source\n port randomization are indirectly affected as well. (CVE-2021-20322)\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel\n through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in\n drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker\n to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat\n from this vulnerability is to system availability. (CVE-2021-3764)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-009.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-20322.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3744.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3764.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-41864.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-20322\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kpatch.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2019-18808\", \"CVE-2021-3744\", \"CVE-2021-3764\", \"CVE-2021-20322\", \"CVE-2021-41864\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.4-2022-009\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-aarch64-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-x86_64-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.156-83.273.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-27T15:45:11", "description": "An update of the linux package has been released.\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation. (CVE-2021-41073)\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes. (CVE-2021-42252)", "cvss3": {}, "published": "2021-11-12T00:00:00", "type": "nessus", "title": "Photon OS 4.0: Linux PHSA-2021-4.0-0126", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16119", "CVE-2021-40490", "CVE-2021-41073", "CVE-2021-41864", "CVE-2021-42252"], "modified": "2021-11-15T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:4.0"], "id": "PHOTONOS_PHSA-2021-4_0-0126_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/155326", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2021-4.0-0126. The text\n# itself is copyright (C) VMware, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155326);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/15\");\n\n script_cve_id(\n \"CVE-2020-16119\",\n \"CVE-2021-40490\",\n \"CVE-2021-41073\",\n \"CVE-2021-41864\",\n \"CVE-2021-42252\"\n );\n\n script_name(english:\"Photon OS 4.0: Linux PHSA-2021-4.0-0126\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc/<pid>/maps for exploitation. (CVE-2021-41073)\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP\n socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux\n kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux\n kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite\n memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a\n certain comparison uses values that are not memory sizes. (CVE-2021-42252)\n\n\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-4.0-0126.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41073\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:4.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/PhotonOS/release');\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, 'PhotonOS');\nif (release !~ \"^VMware Photon (?:Linux|OS) 4\\.0(\\D|$)\") audit(AUDIT_OS_NOT, 'PhotonOS 4.0');\n\nif (!get_kb_item('Host/PhotonOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'PhotonOS', cpu);\n\nvar flag = 0;\n\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', reference:'linux-api-headers-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-devel-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-docs-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-drivers-gpu-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-oprofile-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-aws-sound-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-devel-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-docs-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-gpu-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-intel-sgx-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-drivers-sound-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-devel-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-esx-docs-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-oprofile-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-python3-perf-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-devel-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-rt-docs-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-devel-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-secure-docs-5.10.75-1.ph4')) flag++;\nif (rpm_check(release:'PhotonOS-4.0', cpu:'x86_64', reference:'linux-tools-5.10.75-1.ph4')) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-13T14:25:57", "description": "The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5209-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. (CVE-2021-3760)\n\n - A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.\n (CVE-2021-20317)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5209-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-20317", "CVE-2021-20321", "CVE-2021-3760", "CVE-2021-4002", "CVE-2021-41864", "CVE-2021-43389"], "modified": "2023-07-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1033-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1085-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1114-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1129-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-166-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-166-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-4.15.0-1105", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-4.15.0-1105", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1033-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1085-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1101-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1105-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1114-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1118-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1118-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1129-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-166", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-166-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-166-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-166-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-cloud-tools-4.15.0-166", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-tools-4.15.0-166", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1033-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1085-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1101-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1105-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1114-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1118-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1118-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1129-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-166-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-166-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-166-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1033-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1085-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1101-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1105-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1114-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1118-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-headers-4.15.0-1118", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-tools-4.15.0-1118", "p-cpe:/a:canonical:ubuntu_linux:linux-source", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1118-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1129-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-166-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-166-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-166-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1085-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1114-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1118-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1129-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-166-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-4.15.0-1085", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-4.15.0-1085", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-headers-4.15.0-1101", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-tools-4.15.0-1101", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-source-4.15.0", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1033-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1085-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1101-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1105-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1114-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1118-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1118-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1129-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-166", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-166-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-166-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-166-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-4.15.0-1118", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-4.15.0-1118", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-cloud-tools-4.15.0-1118", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-tools-4.15.0-1118", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-4.15.0-1118", "p-cpe:/a:canonical:ubuntu_linux:linux-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-cloud-tools-4.15.0-1129", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-headers-4.15.0-1129", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-tools-4.15.0-1129", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-4.15.0-1129", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-4.15.0-1129", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-4.15.0-1129", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1033-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1085-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1101-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1105-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1114-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1118-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1118-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1129-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-166-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-166-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-166-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1118-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1129-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-166", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-166-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-166-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-crashdump", "p-cpe:/a:canonical:ubuntu_linux:linux-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-headers-4.15.0-1033", "p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-tools-4.15.0-1033", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-headers-4.15.0-1114", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-tools-4.15.0-1114", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-4.15.0-1114", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-4.15.0-1114", "p-cpe:/a:canonical:ubuntu_linux:linux-generic"], "id": "UBUNTU_USN-5209-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156484", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5209-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156484);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/12\");\n\n script_cve_id(\n \"CVE-2021-3760\",\n \"CVE-2021-4002\",\n \"CVE-2021-20317\",\n \"CVE-2021-20321\",\n \"CVE-2021-41864\",\n \"CVE-2021-43389\"\n );\n script_xref(name:\"USN\", value:\"5209-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5209-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5209-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat\n to confidentiality, integrity, and system availability. (CVE-2021-3760)\n\n - A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the\n timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user\n privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.\n (CVE-2021-20317)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users\n do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in\n the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5209-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3760\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-4.15.0-1118\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-4.15.0-1118\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-cloud-tools-4.15.0-1118\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-tools-4.15.0-1118\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-4.15.0-1118\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-cloud-tools-4.15.0-1129\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-headers-4.15.0-1129\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-tools-4.15.0-1129\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-4.15.0-1129\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-4.15.0-1129\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-4.15.0-1129\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1033-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1085-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1101-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1105-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1114-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1118-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1118-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1129-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-166-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-166-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-166-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1118-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1129-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-166\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-166-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-166-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-crashdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-headers-4.15.0-1033\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-tools-4.15.0-1033\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-headers-4.15.0-1114\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-tools-4.15.0-1114\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-4.15.0-1114\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-4.15.0-1114\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1033-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1085-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1101-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1105-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1114-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1118-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1118-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1129-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-166\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-166-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-166-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-166-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-cloud-tools-4.15.0-166\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-tools-4.15.0-166\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1033-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1085-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1101-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1105-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1114-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1118-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1118-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1129-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-166-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-166-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-166-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1033-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1085-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1114-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1129-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-166-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-166-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-4.15.0-1105\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-4.15.0-1105\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1033-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1085-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1101-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1105-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1114-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1118-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1118-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1129-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-166-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-166-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-166-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1085-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1114-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1118-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1129-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-166-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-4.15.0-1085\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-4.15.0-1085\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-headers-4.15.0-1101\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-tools-4.15.0-1101\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-headers-4.15.0-1118\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-tools-4.15.0-1118\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-4.15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1033-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1085-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1101-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1105-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1114-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1118-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1118-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1129-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-166\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-166-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-166-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-166-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('16.04' >< os_release || '18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'linux-aws-edge', 'pkgver': '4.15.0.1118.108'},\n {'osver': '16.04', 'pkgname': 'linux-aws-headers-4.15.0-1118', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-aws-hwe', 'pkgver': '4.15.0.1118.108'},\n {'osver': '16.04', 'pkgname': 'linux-aws-hwe-cloud-tools-4.15.0-1118', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-aws-hwe-tools-4.15.0-1118', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-azure', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-azure-cloud-tools-4.15.0-1129', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-azure-edge', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-azure-headers-4.15.0-1129', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-azure-tools-4.15.0-1129', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-166-generic', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-166-generic', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-azure-edge', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-gcp', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-gcp-headers-4.15.0-1114', 'pkgver': '4.15.0-1114.128~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-gcp-tools-4.15.0-1114', 'pkgver': '4.15.0-1114.128~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-generic-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-gke', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-166', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-166-generic', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-aws-hwe', 'pkgver': '4.15.0.1118.108'},\n {'osver': '16.04', 'pkgname': 'linux-headers-azure', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-headers-azure-edge', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-headers-gcp', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-headers-generic-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-headers-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-headers-gke', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-headers-oem', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-headers-oracle', 'pkgver': '4.15.0.1085.73'},\n {'osver': '16.04', 'pkgname': 'linux-headers-virtual-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-headers-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-hwe-cloud-tools-4.15.0-166', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-hwe-tools-4.15.0-166', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-166-generic', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-aws-hwe', 'pkgver': '4.15.0.1118.108'},\n {'osver': '16.04', 'pkgname': 'linux-image-azure', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-image-azure-edge', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-image-gcp', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-image-generic-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-image-gke', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-image-oem', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-image-oracle', 'pkgver': '4.15.0.1085.73'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-166-generic', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-virtual-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-image-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-166-generic', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-166-generic', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-aws-hwe', 'pkgver': '4.15.0.1118.108'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-azure-edge', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-gcp', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-gke', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-oem', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-oracle', 'pkgver': '4.15.0.1085.73'},\n {'osver': '16.04', 'pkgname': 'linux-oracle-headers-4.15.0-1085', 'pkgver': '4.15.0-1085.93~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-oracle-tools-4.15.0-1085', 'pkgver': '4.15.0-1085.93~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-signed-azure', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-signed-azure-edge', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-signed-generic-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-azure', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-azure-edge', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-oem', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-oracle', 'pkgver': '4.15.0.1085.73'},\n {'osver': '16.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-oem', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-signed-oracle', 'pkgver': '4.15.0.1085.73'},\n {'osver': '16.04', 'pkgname': 'linux-source-4.15.0', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-166-generic', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-aws-hwe', 'pkgver': '4.15.0.1118.108'},\n {'osver': '16.04', 'pkgname': 'linux-tools-azure', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-tools-azure-edge', 'pkgver': '4.15.0.1129.120'},\n {'osver': '16.04', 'pkgname': 'linux-tools-gcp', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-tools-generic-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-tools-gke', 'pkgver': '4.15.0.1114.115'},\n {'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-tools-oem', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-tools-oracle', 'pkgver': '4.15.0.1085.73'},\n {'osver': '16.04', 'pkgname': 'linux-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-virtual-hwe-16.04', 'pkgver': '4.15.0.166.158'},\n {'osver': '16.04', 'pkgname': 'linux-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.158'},\n {'osver': '18.04', 'pkgname': 'linux-aws-cloud-tools-4.15.0-1118', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-aws-headers-4.15.0-1118', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-aws-lts-18.04', 'pkgver': '4.15.0.1118.121'},\n {'osver': '18.04', 'pkgname': 'linux-aws-tools-4.15.0-1118', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-azure-4.15-cloud-tools-4.15.0-1129', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-azure-4.15-headers-4.15.0-1129', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-azure-4.15-tools-4.15.0-1129', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-azure-lts-18.04', 'pkgver': '4.15.0.1129.102'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1033-dell300x', 'pkgver': '4.15.0-1033.38'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1101-raspi2', 'pkgver': '4.15.0-1101.108'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1105-kvm', 'pkgver': '4.15.0-1105.107'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1118-snapdragon', 'pkgver': '4.15.0-1118.127'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-166-generic', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-166-generic-lpae', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-166', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-166-generic', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-azure-lts-18.04', 'pkgver': '4.15.0.1129.102'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-common', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-crashdump', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-dell300x', 'pkgver': '4.15.0.1033.35'},\n {'osver': '18.04', 'pkgname': 'linux-dell300x-headers-4.15.0-1033', 'pkgver': '4.15.0-1033.38'},\n {'osver': '18.04', 'pkgname': 'linux-dell300x-tools-4.15.0-1033', 'pkgver': '4.15.0-1033.38'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-4.15-headers-4.15.0-1114', 'pkgver': '4.15.0-1114.128'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-4.15-tools-4.15.0-1114', 'pkgver': '4.15.0-1114.128'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-lts-18.04', 'pkgver': '4.15.0.1114.133'},\n {'osver': '18.04', 'pkgname': 'linux-generic', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-generic-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1033-dell300x', 'pkgver': '4.15.0-1033.38'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1101-raspi2', 'pkgver': '4.15.0-1101.108'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1105-kvm', 'pkgver': '4.15.0-1105.107'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1118-snapdragon', 'pkgver': '4.15.0-1118.127'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-166', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-166-generic', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-166-generic-lpae', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-headers-aws-lts-18.04', 'pkgver': '4.15.0.1118.121'},\n {'osver': '18.04', 'pkgname': 'linux-headers-azure-lts-18.04', 'pkgver': '4.15.0.1129.102'},\n {'osver': '18.04', 'pkgname': 'linux-headers-dell300x', 'pkgver': '4.15.0.1033.35'},\n {'osver': '18.04', 'pkgname': 'linux-headers-gcp-lts-18.04', 'pkgver': '4.15.0.1114.133'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-kvm', 'pkgver': '4.15.0.1105.101'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-oracle-lts-18.04', 'pkgver': '4.15.0.1085.95'},\n {'osver': '18.04', 'pkgname': 'linux-headers-raspi2', 'pkgver': '4.15.0.1101.99'},\n {'osver': '18.04', 'pkgname': 'linux-headers-snapdragon', 'pkgver': '4.15.0.1118.121'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1033-dell300x', 'pkgver': '4.15.0-1033.38'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1101-raspi2', 'pkgver': '4.15.0-1101.108'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1105-kvm', 'pkgver': '4.15.0-1105.107'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1118-snapdragon', 'pkgver': '4.15.0-1118.127'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-166-generic', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-166-generic-lpae', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-image-aws-lts-18.04', 'pkgver': '4.15.0.1118.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-azure-lts-18.04', 'pkgver': '4.15.0.1129.102'},\n {'osver': '18.04', 'pkgname': 'linux-image-dell300x', 'pkgver': '4.15.0.1033.35'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-gcp-lts-18.04', 'pkgver': '4.15.0.1114.133'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-kvm', 'pkgver': '4.15.0.1105.101'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-oracle-lts-18.04', 'pkgver': '4.15.0.1085.95'},\n {'osver': '18.04', 'pkgname': 'linux-image-raspi2', 'pkgver': '4.15.0.1101.99'},\n {'osver': '18.04', 'pkgname': 'linux-image-snapdragon', 'pkgver': '4.15.0.1118.121'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1033-dell300x', 'pkgver': '4.15.0-1033.38'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-166-generic', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-kvm', 'pkgver': '4.15.0.1105.101'},\n {'osver': '18.04', 'pkgname': 'linux-kvm-headers-4.15.0-1105', 'pkgver': '4.15.0-1105.107'},\n {'osver': '18.04', 'pkgname': 'linux-kvm-tools-4.15.0-1105', 'pkgver': '4.15.0-1105.107'},\n {'osver': '18.04', 'pkgname': 'linux-libc-dev', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1033-dell300x', 'pkgver': '4.15.0-1033.38'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1101-raspi2', 'pkgver': '4.15.0-1101.108'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1105-kvm', 'pkgver': '4.15.0-1105.107'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1118-snapdragon', 'pkgver': '4.15.0-1118.127'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-166-generic', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-166-generic-lpae', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-166-generic', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-aws-lts-18.04', 'pkgver': '4.15.0.1118.121'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-azure-lts-18.04', 'pkgver': '4.15.0.1129.102'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-gcp-lts-18.04', 'pkgver': '4.15.0.1114.133'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-headers-4.15.0-1085', 'pkgver': '4.15.0-1085.93'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-lts-18.04', 'pkgver': '4.15.0.1085.95'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-tools-4.15.0-1085', 'pkgver': '4.15.0-1085.93'},\n {'osver': '18.04', 'pkgname': 'linux-raspi2', 'pkgver': '4.15.0.1101.99'},\n {'osver': '18.04', 'pkgname': 'linux-raspi2-headers-4.15.0-1101', 'pkgver': '4.15.0-1101.108'},\n {'osver': '18.04', 'pkgname': 'linux-raspi2-tools-4.15.0-1101', 'pkgver': '4.15.0-1101.108'},\n {'osver': '18.04', 'pkgname': 'linux-signed-azure-lts-18.04', 'pkgver': '4.15.0.1129.102'},\n {'osver': '18.04', 'pkgname': 'linux-signed-generic', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-generic-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-azure-lts-18.04', 'pkgver': '4.15.0.1129.102'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-generic', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-lowlatency', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-oracle-lts-18.04', 'pkgver': '4.15.0.1085.95'},\n {'osver': '18.04', 'pkgname': 'linux-signed-lowlatency', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-signed-oracle-lts-18.04', 'pkgver': '4.15.0.1085.95'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon', 'pkgver': '4.15.0.1118.121'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon-headers-4.15.0-1118', 'pkgver': '4.15.0-1118.127'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon-tools-4.15.0-1118', 'pkgver': '4.15.0-1118.127'},\n {'osver': '18.04', 'pkgname': 'linux-source', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-source-4.15.0', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1033-dell300x', 'pkgver': '4.15.0-1033.38'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1085-oracle', 'pkgver': '4.15.0-1085.93'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1101-raspi2', 'pkgver': '4.15.0-1101.108'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1105-kvm', 'pkgver': '4.15.0-1105.107'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1114-gcp', 'pkgver': '4.15.0-1114.128'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1118-aws', 'pkgver': '4.15.0-1118.125'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1118-snapdragon', 'pkgver': '4.15.0-1118.127'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1129-azure', 'pkgver': '4.15.0-1129.142'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-166', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-166-generic', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-166-generic-lpae', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-166-lowlatency', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-tools-aws-lts-18.04', 'pkgver': '4.15.0.1118.121'},\n {'osver': '18.04', 'pkgname': 'linux-tools-azure-lts-18.04', 'pkgver': '4.15.0.1129.102'},\n {'osver': '18.04', 'pkgname': 'linux-tools-common', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-tools-dell300x', 'pkgver': '4.15.0.1033.35'},\n {'osver': '18.04', 'pkgname': 'linux-tools-gcp-lts-18.04', 'pkgver': '4.15.0.1114.133'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-host', 'pkgver': '4.15.0-166.174'},\n {'osver': '18.04', 'pkgname': 'linux-tools-kvm', 'pkgver': '4.15.0.1105.101'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-oracle-lts-18.04', 'pkgver': '4.15.0.1085.95'},\n {'osver': '18.04', 'pkgname': 'linux-tools-raspi2', 'pkgver': '4.15.0.1101.99'},\n {'osver': '18.04', 'pkgname': 'linux-tools-snapdragon', 'pkgver': '4.15.0.1118.121'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-virtual', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-virtual-hwe-16.04', 'pkgver': '4.15.0.166.155'},\n {'osver': '18.04', 'pkgname': 'linux-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.166.155'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws-cloud-tools-4.15.0-1118 / linux-aws-edge / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T15:16:36", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5139-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. (CVE-2021-3760)\n\n - An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. (CVE-2021-43056)\n\n - An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (OEM 5.10) vulnerabilities (USN-5139-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3655", "CVE-2021-3744", "CVE-2021-3760", "CVE-2021-3764", "CVE-2021-41864", "CVE-2021-43056", "CVE-2021-43389"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.10.0-1051-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.10.0-1051-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.10.0-1051-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.10.0-1051-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.10.0-1051-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-headers-5.10.0-1051", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-5.10.0-1051", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.10.0-1051-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04b"], "id": "UBUNTU_USN-5139-1.NASL", "href": "https://www.tenable.com/plugins/nessus/155221", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5139-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155221);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\n \"CVE-2021-3655\",\n \"CVE-2021-3744\",\n \"CVE-2021-3760\",\n \"CVE-2021-3764\",\n \"CVE-2021-41864\",\n \"CVE-2021-43056\",\n \"CVE-2021-43389\"\n );\n script_xref(name:\"USN\", value:\"5139-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (OEM 5.10) vulnerabilities (USN-5139-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5139-1 advisory.\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat\n to confidentiality, integrity, and system availability. (CVE-2021-3760)\n\n - An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to\n crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S\n implementation bug in the handling of the SRR1 register values. (CVE-2021-43056)\n\n - An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in\n the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5139-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3760\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.10.0-1051-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.10.0-1051-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.10.0-1051-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.10.0-1051-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.10.0-1051-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-headers-5.10.0-1051\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-5.10.0-1051\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.10.0-1051-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04b\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3655', 'CVE-2021-3744', 'CVE-2021-3764');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5139-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.10.0-1051-oem', 'pkgver': '5.10.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.10.0-1051-oem', 'pkgver': '5.10.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04-edge', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04b', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.10.0-1051-oem', 'pkgver': '5.10.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04-edge', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04b', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.10.0-1051-oem', 'pkgver': '5.10.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.10.0-1051-oem', 'pkgver': '5.10.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04-edge', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04b', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.10-headers-5.10.0-1051', 'pkgver': '5.10.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.10-tools-5.10.0-1051', 'pkgver': '5.10.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.10-tools-host', 'pkgver': '5.10.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.10.0-1051-oem', 'pkgver': '5.10.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04-edge', 'pkgver': '5.10.0.1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04b', 'pkgver': '5.10.0.1051.53'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-buildinfo-5.10.0-1051-oem / linux-headers-5.10.0-1051-oem / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-13T14:25:58", "description": "The remote Ubuntu 20.04 LTS / 21.04 / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5208-1 advisory.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter- Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)\n\n - A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. (CVE-2021-3760)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. (CVE-2021-43056)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-06T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 21.04 / 21.10 : Linux kernel vulnerabilities (USN-5208-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-20321", "CVE-2021-3760", "CVE-2021-4002", "CVE-2021-41864", "CVE-2021-43056", "CVE-2021-43267", "CVE-2021-43389"], "modified": "2023-07-12T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.04", "cpe:/o:canonical:ubuntu_linux:21.10", "p-cpe:/a:canonical:ubuntu_linux:linux-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-cloud-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-headers-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.13.0-1008", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.13.0-1008", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.13.0-1008", "p-cpe:/a:canonical:ubuntu_linux:linux-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-cloud-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-headers-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.13.0-1009", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.13.0-1009", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.13.0-1009", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1021-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1023-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1023-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1023-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1024-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1024-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1024-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-44-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-44-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-44-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-44-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1007-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1008-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1008-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1009-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1011-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1012-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1012-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-23-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-23-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-23-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-23-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1023-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1023-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-44", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-44-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-44-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-1008-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-1009-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-23", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-23-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-23-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-44-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1007-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1008-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1008-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1009-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1011-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1012-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1012-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-23-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-23-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-23-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-23-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-crashdump", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11-headers-5.11.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11-tools-5.11.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.11.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.13.0-1008", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.11.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.13.0-1008", "p-cpe:/a:canonical:ubuntu_linux:linux-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1021-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1023-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1023-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1023-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1024-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1024-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1024-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1007-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1008-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1008-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1009-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1011-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1012-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1012-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-5.11.0-44", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-headers-5.11.0-44", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-source-5.11.0", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-5.11.0-44", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-23-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.11.0-1021", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.13.0-1007", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.11.0-1021", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.13.0-1007", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1021-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1023-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1023-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1023-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1024-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1024-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1024-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-44-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-44-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-headers-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1021-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1023-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1023-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1023-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1024-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1024-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1024-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-44-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-44-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-44-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1021-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1023-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1023-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1024-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-44-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-44-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-44-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1007-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1008-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1009-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1011-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-23-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-23-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-44-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-44-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1007-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1008-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1008-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1009-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1011-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1012-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1012-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-23-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-23-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-23-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-23-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1023-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1023-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1023-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1024-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-44-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1008-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1008-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1009-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1011-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1012-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1012-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-23-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1007-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1008-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1008-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.13.0-1011", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.11.0-1023", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.13.0-1011", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.11.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.13.0-1012", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.11.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.13.0-1012", "p-cpe:/a:canonical:ubuntu_linux:linux-source", "p-cpe:/a:canonical:ubuntu_linux:linux-source-5.11.0", "p-cpe:/a:canonical:ubuntu_linux:linux-source-5.13.0", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1021-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1023-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1023-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1023-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1024-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1024-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1024-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1009-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1011-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1012-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1012-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04-edge"], "id": "UBUNTU_USN-5208-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156486", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5208-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156486);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/12\");\n\n script_cve_id(\n \"CVE-2021-3760\",\n \"CVE-2021-4002\",\n \"CVE-2021-20321\",\n \"CVE-2021-41864\",\n \"CVE-2021-43056\",\n \"CVE-2021-43267\",\n \"CVE-2021-43389\"\n );\n script_xref(name:\"USN\", value:\"5208-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 21.04 / 21.10 : Linux kernel vulnerabilities (USN-5208-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 21.04 / 21.10 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5208-1 advisory.\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-\n Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of\n user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)\n\n - A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat\n to confidentiality, integrity, and system availability. (CVE-2021-3760)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users\n do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to\n crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S\n implementation bug in the handling of the SRR1 register values. (CVE-2021-43056)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5208-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-cloud-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-headers-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.13.0-1008\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.13.0-1008\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.13.0-1008\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-cloud-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-headers-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.13.0-1009\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.13.0-1009\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.13.0-1009\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1021-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1023-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1023-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1023-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1024-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1024-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1024-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-44-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-44-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-44-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-44-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1007-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1008-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1008-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1009-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1011-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1012-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1012-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-23-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-23-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-23-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-23-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1023-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1023-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-44-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-44-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-1008-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-1009-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-23-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.13.0-23-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-crashdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11-headers-5.11.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11-tools-5.11.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.11.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.13.0-1008\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.11.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.13.0-1008\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1021-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1023-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1023-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1023-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1024-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1024-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1024-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-44-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1007-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1008-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1008-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1009-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1011-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1012-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1012-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-23-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-5.11.0-44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-headers-5.11.0-44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-source-5.11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-5.11.0-44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1021-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1023-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1023-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1023-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1024-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1024-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1024-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-44-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-44-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-44-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-44-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1007-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1008-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1008-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1009-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1011-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1012-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1012-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-23-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-23-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-23-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-23-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1021-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1023-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1023-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1024-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-44-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-44-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-44-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1007-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1008-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1009-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1011-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-23-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-23-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-23-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.11.0-1021\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.13.0-1007\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.11.0-1021\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.13.0-1007\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1021-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1023-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1023-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1023-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1024-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1024-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1024-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-44-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-44-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-44-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-44-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1007-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1008-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1008-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1009-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1011-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1012-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1012-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-23-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-23-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-23-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-23-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1023-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1023-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1023-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1024-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-44-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1008-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1008-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1009-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1011-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1012-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-1012-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.13.0-23-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-headers-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.13.0-1011\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.11.0-1023\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.13.0-1011\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.11.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.13.0-1012\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.11.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.13.0-1012\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-5.11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-5.13.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1021-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1023-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1023-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1023-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1024-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1024-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1024-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-44-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1007-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1008-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1008-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1009-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1011-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1012-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1012-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-23-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('20.04' >< os_release || '21.04' >< os_release || '21.10' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 21.04 / 21.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-aws', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-aws-5.11-cloud-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-aws-5.11-headers-5.11.0-1023', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-aws-5.11-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.11-cloud-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.11-headers-5.11.0-1023', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.11-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-44-generic', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-44-generic', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-gcp', 'pkgver': '5.11.0.1024.26~20.04.24'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-5.11-headers-5.11.0-1024', 'pkgver': '5.11.0-1024.26~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-5.11-tools-5.11.0-1024', 'pkgver': '5.11.0-1024.26~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-generic-64k-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-44-generic', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-aws', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-headers-azure', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gcp', 'pkgver': '5.11.0.1024.26~20.04.24'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-64k-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oracle', 'pkgver': '5.11.0.1023.24~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oracle-edge', 'pkgver': '5.11.0.1023.24~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-cloud-tools-5.11.0-44', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-cloud-tools-common', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-headers-5.11.0-44', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-source-5.11.0', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-tools-5.11.0-44', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-tools-common', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-tools-host', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-44-generic', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-aws', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-image-azure', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-image-gcp', 'pkgver': '5.11.0.1024.26~20.04.24'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-64k-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle', 'pkgver': '5.11.0.1023.24~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle-edge', 'pkgver': '5.11.0.1023.24~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-44-generic', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-44-generic', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-44-generic', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-aws', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gcp', 'pkgver': '5.11.0.1024.26~20.04.24'},\n {'osver': '20.04', 'pkgname': 'linux-oracle', 'pkgver': '5.11.0.1023.24~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-5.11-headers-5.11.0-1023', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-5.11-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-edge', 'pkgver': '5.11.0.1023.24~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-44-generic', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-aws', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-tools-azure', 'pkgver': '5.11.0.1023.24~20.04.23'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gcp', 'pkgver': '5.11.0.1024.26~20.04.24'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-64k-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oracle', 'pkgver': '5.11.0.1023.24~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oracle-edge', 'pkgver': '5.11.0.1023.24~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-20.04', 'pkgver': '5.11.0.44.48~20.04.22'},\n {'osver': '21.04', 'pkgname': 'linux-aws', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-aws-cloud-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-aws-headers-5.11.0-1023', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-aws-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-azure', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-azure-cloud-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-azure-headers-5.11.0-1023', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-azure-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-1021-kvm', 'pkgver': '5.11.0-1021.23'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-1024-raspi', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-1024-raspi-nolpae', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-44-generic', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-5.11.0-44', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-5.11.0-44-generic', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-common', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-generic', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-generic-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-generic-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-lowlatency', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-virtual', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-crashdump', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-gcp', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-gcp-headers-5.11.0-1024', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-gcp-tools-5.11.0-1024', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-generic', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-generic-64k', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-generic-64k-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-generic-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-generic-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-generic-lpae', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-gke', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-1021-kvm', 'pkgver': '5.11.0-1021.23'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-1024-raspi', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-1024-raspi-nolpae', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-44', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-44-generic', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-headers-aws', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-headers-azure', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-headers-gcp', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-headers-generic', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-generic-64k', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-generic-64k-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-generic-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-generic-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-generic-lpae', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-gke', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-headers-kvm', 'pkgver': '5.11.0.1021.22'},\n {'osver': '21.04', 'pkgname': 'linux-headers-lowlatency', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-oem-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-oracle', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-headers-raspi', 'pkgver': '5.11.0.1024.22'},\n {'osver': '21.04', 'pkgname': 'linux-headers-raspi-nolpae', 'pkgver': '5.11.0.1024.22'},\n {'osver': '21.04', 'pkgname': 'linux-headers-virtual', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-virtual-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-headers-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-1021-kvm', 'pkgver': '5.11.0-1021.23'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-1024-raspi', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-1024-raspi-nolpae', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-44-generic', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-image-aws', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-azure', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-extra-virtual', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-extra-virtual-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-extra-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-gcp', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-generic', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-generic-64k', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-generic-64k-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-generic-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-gke', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-kvm', 'pkgver': '5.11.0.1021.22'},\n {'osver': '21.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-oracle', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-raspi', 'pkgver': '5.11.0.1024.22'},\n {'osver': '21.04', 'pkgname': 'linux-image-raspi-nolpae', 'pkgver': '5.11.0.1024.22'},\n {'osver': '21.04', 'pkgname': 'linux-image-unsigned-5.11.0-1021-kvm', 'pkgver': '5.11.0-1021.23'},\n {'osver': '21.04', 'pkgname': 'linux-image-unsigned-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-unsigned-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-image-unsigned-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-image-unsigned-5.11.0-44-generic', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-image-unsigned-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-image-unsigned-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-image-virtual', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-image-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-kvm', 'pkgver': '5.11.0.1021.22'},\n {'osver': '21.04', 'pkgname': 'linux-kvm-headers-5.11.0-1021', 'pkgver': '5.11.0-1021.23'},\n {'osver': '21.04', 'pkgname': 'linux-kvm-tools-5.11.0-1021', 'pkgver': '5.11.0-1021.23'},\n {'osver': '21.04', 'pkgname': 'linux-libc-dev', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-lowlatency', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-1021-kvm', 'pkgver': '5.11.0-1021.23'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-1024-raspi', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-1024-raspi-nolpae', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-44-generic', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-5.11.0-44-generic', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-aws', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-gcp', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-gke', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-oem-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-oracle', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-oracle-headers-5.11.0-1023', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-oracle-tools-5.11.0-1023', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-raspi', 'pkgver': '5.11.0.1024.22'},\n {'osver': '21.04', 'pkgname': 'linux-raspi-headers-5.11.0-1024', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-raspi-nolpae', 'pkgver': '5.11.0.1024.22'},\n {'osver': '21.04', 'pkgname': 'linux-raspi-tools-5.11.0-1024', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-source', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-source-5.11.0', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-1021-kvm', 'pkgver': '5.11.0-1021.23'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-1023-aws', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-1023-azure', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-1023-oracle', 'pkgver': '5.11.0-1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-1024-gcp', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-1024-raspi', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-1024-raspi-nolpae', 'pkgver': '5.11.0-1024.26'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-44', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-44-generic', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-44-generic-64k', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-44-generic-lpae', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-44-lowlatency', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-tools-aws', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-tools-azure', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-tools-common', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-tools-gcp', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-tools-generic', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-generic-64k', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-generic-64k-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-generic-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-generic-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-generic-lpae', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-gke', 'pkgver': '5.11.0.1024.24'},\n {'osver': '21.04', 'pkgname': 'linux-tools-host', 'pkgver': '5.11.0-44.48'},\n {'osver': '21.04', 'pkgname': 'linux-tools-kvm', 'pkgver': '5.11.0.1021.22'},\n {'osver': '21.04', 'pkgname': 'linux-tools-lowlatency', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-lowlatency-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-oem-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-oracle', 'pkgver': '5.11.0.1023.24'},\n {'osver': '21.04', 'pkgname': 'linux-tools-raspi', 'pkgver': '5.11.0.1024.22'},\n {'osver': '21.04', 'pkgname': 'linux-tools-raspi-nolpae', 'pkgver': '5.11.0.1024.22'},\n {'osver': '21.04', 'pkgname': 'linux-tools-virtual', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-virtual-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-tools-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-virtual', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-virtual-hwe-20.04', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.04', 'pkgname': 'linux-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.44.44'},\n {'osver': '21.10', 'pkgname': 'linux-aws', 'pkgver': '5.13.0.1008.10'},\n {'osver': '21.10', 'pkgname': 'linux-aws-cloud-tools-5.13.0-1008', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-aws-headers-5.13.0-1008', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-aws-tools-5.13.0-1008', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-azure', 'pkgver': '5.13.0.1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-azure-cloud-tools-5.13.0-1009', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-azure-headers-5.13.0-1009', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-azure-tools-5.13.0-1009', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-1007-kvm', 'pkgver': '5.13.0-1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-1008-aws', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-1008-gcp', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-1009-azure', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-1011-oracle', 'pkgver': '5.13.0-1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-1012-raspi', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-1012-raspi-nolpae', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-23-generic', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-23-generic-64k', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-23-generic-lpae', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-buildinfo-5.13.0-23-lowlatency', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-5.13.0-1008-aws', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-5.13.0-1009-azure', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-5.13.0-23', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-5.13.0-23-generic', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-5.13.0-23-lowlatency', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '5.13.0.1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-common', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-generic', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-generic-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-generic-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-lowlatency', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-virtual', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-virtual-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-cloud-tools-virtual-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-crashdump', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-gcp', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-gcp-headers-5.13.0-1008', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-gcp-tools-5.13.0-1008', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-generic', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-generic-64k', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-generic-64k-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-generic-64k-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-generic-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-generic-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-generic-lpae', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-generic-lpae-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-generic-lpae-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-gke', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-1007-kvm', 'pkgver': '5.13.0-1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-1008-aws', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-1008-gcp', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-1009-azure', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-1011-oracle', 'pkgver': '5.13.0-1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-1012-raspi', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-1012-raspi-nolpae', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-23', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-23-generic', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-23-generic-64k', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-23-generic-lpae', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-headers-5.13.0-23-lowlatency', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-headers-aws', 'pkgver': '5.13.0.1008.10'},\n {'osver': '21.10', 'pkgname': 'linux-headers-azure', 'pkgver': '5.13.0.1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-headers-gcp', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-headers-generic', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-generic-64k', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-generic-64k-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-generic-64k-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-generic-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-generic-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-generic-lpae', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-generic-lpae-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-generic-lpae-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-gke', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-headers-kvm', 'pkgver': '5.13.0.1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-headers-lowlatency', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-lowlatency-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-lowlatency-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-oem-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-oracle', 'pkgver': '5.13.0.1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-headers-raspi', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-headers-raspi-nolpae', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-headers-virtual', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-virtual-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-headers-virtual-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-1007-kvm', 'pkgver': '5.13.0-1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-1008-aws', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-1008-gcp', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-1009-azure', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-1011-oracle', 'pkgver': '5.13.0-1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-1012-raspi', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-1012-raspi-nolpae', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-23-generic', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-23-generic-64k', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-23-generic-lpae', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-image-5.13.0-23-lowlatency', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-image-aws', 'pkgver': '5.13.0.1008.10'},\n {'osver': '21.10', 'pkgname': 'linux-image-azure', 'pkgver': '5.13.0.1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-image-extra-virtual', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-extra-virtual-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-extra-virtual-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-gcp', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-image-generic', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-generic-64k', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-generic-64k-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-generic-64k-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-generic-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-generic-lpae-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-gke', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-image-kvm', 'pkgver': '5.13.0.1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-lowlatency-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-oracle', 'pkgver': '5.13.0.1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-image-raspi', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-image-raspi-nolpae', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-image-unsigned-5.13.0-1007-kvm', 'pkgver': '5.13.0-1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-image-unsigned-5.13.0-1008-gcp', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-image-unsigned-5.13.0-1009-azure', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-image-unsigned-5.13.0-1011-oracle', 'pkgver': '5.13.0-1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-image-unsigned-5.13.0-23-generic', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-image-unsigned-5.13.0-23-generic-64k', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-image-unsigned-5.13.0-23-lowlatency', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-image-virtual', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-image-virtual-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-kvm', 'pkgver': '5.13.0.1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-kvm-headers-5.13.0-1007', 'pkgver': '5.13.0-1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-kvm-tools-5.13.0-1007', 'pkgver': '5.13.0-1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-libc-dev', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-lowlatency', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-lowlatency-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-lowlatency-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-1007-kvm', 'pkgver': '5.13.0-1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-1008-aws', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-1008-gcp', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-1009-azure', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-1011-oracle', 'pkgver': '5.13.0-1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-1012-raspi', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-1012-raspi-nolpae', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-23-generic', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-23-generic-64k', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-23-generic-lpae', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-modules-5.13.0-23-lowlatency', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-5.13.0-1008-aws', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-5.13.0-1008-gcp', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-5.13.0-1009-azure', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-5.13.0-1011-oracle', 'pkgver': '5.13.0-1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-5.13.0-1012-raspi', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-5.13.0-1012-raspi-nolpae', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-5.13.0-23-generic', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-aws', 'pkgver': '5.13.0.1008.10'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '5.13.0.1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-gcp', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-gke', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-raspi', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-modules-extra-raspi-nolpae', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-oem-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-oracle', 'pkgver': '5.13.0.1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-oracle-headers-5.13.0-1011', 'pkgver': '5.13.0-1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-oracle-tools-5.13.0-1011', 'pkgver': '5.13.0-1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-raspi', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-raspi-headers-5.13.0-1012', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-raspi-nolpae', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-raspi-tools-5.13.0-1012', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-source', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-source-5.13.0', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-1007-kvm', 'pkgver': '5.13.0-1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-1008-aws', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-1008-gcp', 'pkgver': '5.13.0-1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-1009-azure', 'pkgver': '5.13.0-1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-1011-oracle', 'pkgver': '5.13.0-1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-1012-raspi', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-1012-raspi-nolpae', 'pkgver': '5.13.0-1012.14'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-23', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-23-generic', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-23-generic-64k', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-23-generic-lpae', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-tools-5.13.0-23-lowlatency', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-tools-aws', 'pkgver': '5.13.0.1008.10'},\n {'osver': '21.10', 'pkgname': 'linux-tools-azure', 'pkgver': '5.13.0.1009.10'},\n {'osver': '21.10', 'pkgname': 'linux-tools-common', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-tools-gcp', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-tools-generic', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-generic-64k', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-generic-64k-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-generic-64k-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-generic-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-generic-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-generic-lpae', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-generic-lpae-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-generic-lpae-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-gke', 'pkgver': '5.13.0.1008.9'},\n {'osver': '21.10', 'pkgname': 'linux-tools-host', 'pkgver': '5.13.0-23.23'},\n {'osver': '21.10', 'pkgname': 'linux-tools-kvm', 'pkgver': '5.13.0.1007.7'},\n {'osver': '21.10', 'pkgname': 'linux-tools-lowlatency', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-lowlatency-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-lowlatency-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-oem-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-oracle', 'pkgver': '5.13.0.1011.13'},\n {'osver': '21.10', 'pkgname': 'linux-tools-raspi', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-tools-raspi-nolpae', 'pkgver': '5.13.0.1012.18'},\n {'osver': '21.10', 'pkgname': 'linux-tools-virtual', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-virtual-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-tools-virtual-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-virtual', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-virtual-hwe-20.04', 'pkgver': '5.13.0.23.34'},\n {'osver': '21.10', 'pkgname': 'linux-virtual-hwe-20.04-edge', 'pkgver': '5.13.0.23.34'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws / linux-aws-5.11-cloud-tools-5.11.0-1023 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-13T14:24:14", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5210-1 advisory.\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. (CVE-2021-3760)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. (CVE-2021-43056)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-01-06T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5210-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-26541", "CVE-2021-20321", "CVE-2021-3760", "CVE-2021-4002", "CVE-2021-41864", "CVE-2021-43056", "CVE-2021-43389"], "modified": "2023-07-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-crashdump", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.4-headers-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.4-tools-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4-headers-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4-tools-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-headers-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-tools-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-cloud-tools-5.4.0-1029", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-headers-5.4.0-1029", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-source-5.4.0", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-tools-5.4.0-1029", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1010-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1029-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1048-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1051-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1057-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1059-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1059-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1061-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1065-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-92", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-92-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-92-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-92-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-ibm-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-cloud-tools-5.4.0-92", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-headers-5.4.0-92", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-source-5.4.0", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-tools-5.4.0-92", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-ibm-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-ibm-headers-5.4.0-1010", "p-cpe:/a:canonical:ubuntu_linux:linux-ibm-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-ibm-source-5.4.0", "p-cpe:/a:canonical:ubuntu_linux:linux-ibm-tools-5.4.0-1010", "p-cpe:/a:canonical:ubuntu_linux:linux-ibm-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1010-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1029-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1048-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1051-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1057-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1059-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1059-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1065-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-92-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-92-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-92-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1010-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1029-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1051-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1057-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1059-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1059-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1061-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1065-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-92-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-92-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.4.0-1051", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.4.0-1051", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1010-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1029-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1048-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1051-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1057-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1059-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1059-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1061-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1065-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-92-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-92-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-92-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1010-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1029-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1057-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1059-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1059-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1061-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1065-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-92-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-ibm-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.4-headers-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.4-tools-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.4.0-1048", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.4.0-1048", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-source", "p-cpe:/a:canonical:ubuntu_linux:linux-source-5.4.0", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1010-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1029-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1048-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1051-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1057-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1059-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1059-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1061-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1065-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-92", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-92-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-92-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-92-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-ibm-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04-edge", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4-cloud-tools-5.4.0-1061", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4-headers-5.4.0-1061", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4-tools-5.4.0-1061", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.4.0-1061", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.4.0-1061", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.4.0-1061", "p-cpe:/a:canonical:ubuntu_linux:linux-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4-cloud-tools-5.4.0-1065", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4-headers-5.4.0-1065", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4-tools-5.4.0-1065", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.4.0-1065", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.4.0-1065", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.4.0-1065", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1010-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1029-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1048-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1051-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1057-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1059-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1059-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1061-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1065-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-92-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-92-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-92-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1029-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1061-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1065-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-92", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-92-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-92-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04"], "id": "UBUNTU_USN-5210-1.NASL", "href": "https://www.tenable.com/plugins/nessus/156481", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5210-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156481);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/12\");\n\n script_cve_id(\n \"CVE-2020-26541\",\n \"CVE-2021-3760\",\n \"CVE-2021-4002\",\n \"CVE-2021-20321\",\n \"CVE-2021-41864\",\n \"CVE-2021-43056\",\n \"CVE-2021-43389\"\n );\n script_xref(name:\"USN\", value:\"5210-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5210-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5210-1 advisory.\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database\n (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat\n to confidentiality, integrity, and system availability. (CVE-2021-3760)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users\n do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to\n crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S\n implementation bug in the handling of the SRR1 register values. (CVE-2021-43056)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5210-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3760\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-41864\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4-cloud-tools-5.4.0-1061\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4-headers-5.4.0-1061\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4-tools-5.4.0-1061\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.4.0-1061\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.4.0-1061\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.4.0-1061\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4-cloud-tools-5.4.0-1065\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4-headers-5.4.0-1065\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4-tools-5.4.0-1065\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.4.0-1065\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.4.0-1065\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.4.0-1065\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1010-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1029-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1048-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1051-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1057-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1059-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1059-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1061-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1065-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-92-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-92-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-92-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1029-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1061-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1065-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-92\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-92-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-92-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-crashdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.4-headers-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.4-tools-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4-headers-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4-tools-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-headers-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-tools-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-cloud-tools-5.4.0-1029\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-headers-5.4.0-1029\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-source-5.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-tools-5.4.0-1029\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1010-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1029-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1048-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1051-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1057-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1059-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1059-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1061-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1065-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-92\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-92-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-92-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-92-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-ibm-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-cloud-tools-5.4.0-92\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-headers-5.4.0-92\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-source-5.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-tools-5.4.0-92\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ibm-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ibm-headers-5.4.0-1010\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ibm-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ibm-source-5.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ibm-tools-5.4.0-1010\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ibm-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1010-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1029-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1048-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1051-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1057-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1059-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1059-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1065-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-92-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-92-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-92-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1010-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1029-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1051-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1057-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1059-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1059-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1061-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1065-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-92-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-92-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.4.0-1051\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.4.0-1051\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1010-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1029-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1048-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1051-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1057-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1059-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1059-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1061-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1065-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-92-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-92-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-92-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1010-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1029-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1057-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1059-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1059-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1061-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1065-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-92-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-ibm-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.4-headers-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.4-tools-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.4.0-1048\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.4.0-1048\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-5.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1010-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1029-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1048-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1051-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1057-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1059-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1059-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1061-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1065-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-92\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-92-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-92-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-92-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-ibm-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release || '20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'linux-aws', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-aws-5.4-cloud-tools-5.4.0-1061', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-aws-5.4-headers-5.4.0-1061', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-aws-5.4-tools-5.4.0-1061', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-aws-edge', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-azure', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-azure-5.4-cloud-tools-5.4.0-1065', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-azure-5.4-headers-5.4.0-1065', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-azure-5.4-tools-5.4.0-1065', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-azure-edge', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-92-generic', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-5.4.0-92-generic', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-azure-edge', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-gkeop-5.4', 'pkgver': '5.4.0.1029.30~18.04.30'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-gcp', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-5.4-headers-5.4.0-1059', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-5.4-tools-5.4.0-1059', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-edge', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-generic-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-gke-5.4', 'pkgver': '5.4.0.1057.60~18.04.22'},\n {'osver': '18.04', 'pkgname': 'linux-gke-5.4-headers-5.4.0-1057', 'pkgver': '5.4.0-1057.60~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-gke-5.4-tools-5.4.0-1057', 'pkgver': '5.4.0-1057.60~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-gkeop-5.4', 'pkgver': '5.4.0.1029.30~18.04.30'},\n {'osver': '18.04', 'pkgname': 'linux-gkeop-5.4-cloud-tools-5.4.0-1029', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-gkeop-5.4-headers-5.4.0-1029', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-gkeop-5.4-source-5.4.0', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-gkeop-5.4-tools-5.4.0-1029', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-92-generic', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-headers-aws', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-headers-aws-edge', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-headers-azure', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-headers-azure-edge', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-headers-gcp', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-headers-gcp-edge', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-gke-5.4', 'pkgver': '5.4.0.1057.60~18.04.22'},\n {'osver': '18.04', 'pkgname': 'linux-headers-gkeop-5.4', 'pkgver': '5.4.0.1029.30~18.04.30'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-oem', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-oem-osp1', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-oracle', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-headers-oracle-edge', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-headers-snapdragon-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-snapdragon-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-hwe-5.4-cloud-tools-5.4.0-92', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-hwe-5.4-cloud-tools-common', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-hwe-5.4-headers-5.4.0-92', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-hwe-5.4-source-5.4.0', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-hwe-5.4-tools-5.4.0-92', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-hwe-5.4-tools-common', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-92-generic', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-image-aws', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-image-aws-edge', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-image-azure', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-image-azure-edge', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-gcp', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-image-gcp-edge', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-gke-5.4', 'pkgver': '5.4.0.1057.60~18.04.22'},\n {'osver': '18.04', 'pkgname': 'linux-image-gkeop-5.4', 'pkgver': '5.4.0.1029.30~18.04.30'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-oem', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-oem-osp1', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-oracle', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-image-oracle-edge', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-image-snapdragon-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-snapdragon-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-5.4.0-92-generic', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-92-generic', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-5.4.0-92-generic', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-aws', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-aws-edge', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-azure-edge', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-gcp', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-gcp-edge', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-gke-5.4', 'pkgver': '5.4.0.1057.60~18.04.22'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-gkeop-5.4', 'pkgver': '5.4.0.1029.30~18.04.30'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-oracle', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-oracle-edge', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-virtual-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-oem', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-oem-osp1', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-oracle', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-5.4-headers-5.4.0-1059', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-5.4-tools-5.4.0-1059', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-edge', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-signed-azure', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-signed-azure-edge', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-azure', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-azure-edge', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-oracle', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-oracle-edge', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-signed-oracle', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-signed-oracle-edge', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-92-generic', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103~18.04.2'},\n {'osver': '18.04', 'pkgname': 'linux-tools-aws', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-tools-aws-edge', 'pkgver': '5.4.0.1061.44'},\n {'osver': '18.04', 'pkgname': 'linux-tools-azure', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-tools-azure-edge', 'pkgver': '5.4.0.1065.45'},\n {'osver': '18.04', 'pkgname': 'linux-tools-gcp', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-tools-gcp-edge', 'pkgver': '5.4.0.1059.45'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-gke-5.4', 'pkgver': '5.4.0.1057.60~18.04.22'},\n {'osver': '18.04', 'pkgname': 'linux-tools-gkeop-5.4', 'pkgver': '5.4.0.1029.30~18.04.30'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-oem', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-oem-osp1', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-oracle', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-tools-oracle-edge', 'pkgver': '5.4.0.1059.63~18.04.39'},\n {'osver': '18.04', 'pkgname': 'linux-tools-snapdragon-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-snapdragon-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-virtual-hwe-18.04', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '18.04', 'pkgname': 'linux-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.103~18.04.82'},\n {'osver': '20.04', 'pkgname': 'linux-aws-cloud-tools-5.4.0-1061', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-aws-headers-5.4.0-1061', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-aws-lts-20.04', 'pkgver': '5.4.0.1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-aws-tools-5.4.0-1061', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-azure-cloud-tools-5.4.0-1065', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-azure-headers-5.4.0-1065', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-azure-lts-20.04', 'pkgver': '5.4.0.1065.63'},\n {'osver': '20.04', 'pkgname': 'linux-azure-tools-5.4.0-1065', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-bluefield', 'pkgver': '5.4.0.1023.24'},\n {'osver': '20.04', 'pkgname': 'linux-bluefield-headers-5.4.0-1023', 'pkgver': '5.4.0-1023.26'},\n {'osver': '20.04', 'pkgname': 'linux-bluefield-tools-5.4.0-1023', 'pkgver': '5.4.0-1023.26'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1010-ibm', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1023-bluefield', 'pkgver': '5.4.0-1023.26'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1048-raspi', 'pkgver': '5.4.0-1048.53'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1051-kvm', 'pkgver': '5.4.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-92-generic', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-92', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-92-generic', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-azure-lts-20.04', 'pkgver': '5.4.0.1065.63'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-common', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-gkeop', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-gkeop-5.4', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-crashdump', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-headers-5.4.0-1059', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-lts-20.04', 'pkgver': '5.4.0.1059.69'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-tools-5.4.0-1059', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-generic', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-gke', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-gke-5.4', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-gke-headers-5.4.0-1057', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-gke-tools-5.4.0-1057', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-5.4', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-cloud-tools-5.4.0-1029', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-headers-5.4.0-1029', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-source-5.4.0', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-tools-5.4.0-1029', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1010-ibm', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1023-bluefield', 'pkgver': '5.4.0-1023.26'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1048-raspi', 'pkgver': '5.4.0-1048.53'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1051-kvm', 'pkgver': '5.4.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-92', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-92-generic', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-headers-aws-lts-20.04', 'pkgver': '5.4.0.1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-headers-azure-lts-20.04', 'pkgver': '5.4.0.1065.63'},\n {'osver': '20.04', 'pkgname': 'linux-headers-bluefield', 'pkgver': '5.4.0.1023.24'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gcp-lts-20.04', 'pkgver': '5.4.0.1059.69'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gke', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gke-5.4', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gkeop', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gkeop-5.4', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-headers-ibm', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-headers-ibm-lts-20.04', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-headers-kvm', 'pkgver': '5.4.0.1051.50'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-osp1', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oracle-lts-20.04', 'pkgver': '5.4.0.1059.59'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi-hwe-18.04', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi2', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi2-hwe-18.04', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-ibm', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-ibm-cloud-tools-common', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-ibm-headers-5.4.0-1010', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-ibm-lts-20.04', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-ibm-source-5.4.0', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-ibm-tools-5.4.0-1010', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-ibm-tools-common', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1010-ibm', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1023-bluefield', 'pkgver': '5.4.0-1023.26'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1048-raspi', 'pkgver': '5.4.0-1048.53'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1051-kvm', 'pkgver': '5.4.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-92-generic', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-image-aws-lts-20.04', 'pkgver': '5.4.0.1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-image-azure-lts-20.04', 'pkgver': '5.4.0.1065.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-bluefield', 'pkgver': '5.4.0.1023.24'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-gcp-lts-20.04', 'pkgver': '5.4.0.1059.69'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-gke', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-gke-5.4', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-image-gkeop', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-image-gkeop-5.4', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-image-ibm', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-image-ibm-lts-20.04', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-image-kvm', 'pkgver': '5.4.0.1051.50'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-osp1', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle-lts-20.04', 'pkgver': '5.4.0.1059.59'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi-hwe-18.04', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi2', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi2-hwe-18.04', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1010-ibm', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1023-bluefield', 'pkgver': '5.4.0-1023.26'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1051-kvm', 'pkgver': '5.4.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-92-generic', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-kvm', 'pkgver': '5.4.0.1051.50'},\n {'osver': '20.04', 'pkgname': 'linux-kvm-headers-5.4.0-1051', 'pkgver': '5.4.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-kvm-tools-5.4.0-1051', 'pkgver': '5.4.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-libc-dev', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1010-ibm', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1023-bluefield', 'pkgver': '5.4.0-1023.26'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1048-raspi', 'pkgver': '5.4.0-1048.53'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1051-kvm', 'pkgver': '5.4.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-92-generic', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1010-ibm', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-92-generic', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-aws-lts-20.04', 'pkgver': '5.4.0.1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-azure-lts-20.04', 'pkgver': '5.4.0.1065.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gcp-lts-20.04', 'pkgver': '5.4.0.1059.69'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gke', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gke-5.4', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gkeop', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gkeop-5.4', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-ibm', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-ibm-lts-20.04', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-oem', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-oem-osp1', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-oem-osp1-tools-host', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-oem-tools-host', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-headers-5.4.0-1059', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-lts-20.04', 'pkgver': '5.4.0.1059.59'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-tools-5.4.0-1059', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-raspi', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-headers-5.4.0-1048', 'pkgver': '5.4.0-1048.53'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-hwe-18.04', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-tools-5.4.0-1048', 'pkgver': '5.4.0-1048.53'},\n {'osver': '20.04', 'pkgname': 'linux-raspi2', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-raspi2-hwe-18.04', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-source', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-source-5.4.0', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1010-ibm', 'pkgver': '5.4.0-1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1023-bluefield', 'pkgver': '5.4.0-1023.26'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1029-gkeop', 'pkgver': '5.4.0-1029.30'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1048-raspi', 'pkgver': '5.4.0-1048.53'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1051-kvm', 'pkgver': '5.4.0-1051.53'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1057-gke', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1059-gcp', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1059-oracle', 'pkgver': '5.4.0-1059.63'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1061-aws', 'pkgver': '5.4.0-1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1065-azure', 'pkgver': '5.4.0-1065.68'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-92', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-92-generic', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-92-generic-lpae', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-92-lowlatency', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-tools-aws-lts-20.04', 'pkgver': '5.4.0.1061.64'},\n {'osver': '20.04', 'pkgname': 'linux-tools-azure-lts-20.04', 'pkgver': '5.4.0.1065.63'},\n {'osver': '20.04', 'pkgname': 'linux-tools-bluefield', 'pkgver': '5.4.0.1023.24'},\n {'osver': '20.04', 'pkgname': 'linux-tools-common', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gcp-lts-20.04', 'pkgver': '5.4.0.1059.69'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gke', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gke-5.4', 'pkgver': '5.4.0.1057.67'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gkeop', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gkeop-5.4', 'pkgver': '5.4.0.1029.32'},\n {'osver': '20.04', 'pkgname': 'linux-tools-host', 'pkgver': '5.4.0-92.103'},\n {'osver': '20.04', 'pkgname': 'linux-tools-ibm', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-tools-ibm-lts-20.04', 'pkgver': '5.4.0.1010.11'},\n {'osver': '20.04', 'pkgname': 'linux-tools-kvm', 'pkgver': '5.4.0.1051.50'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-osp1', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oracle-lts-20.04', 'pkgver': '5.4.0.1059.59'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi-hwe-18.04', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi2', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi2-hwe-18.04', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1048.83'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-virtual', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-18.04', 'pkgver': '5.4.0.92.96'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.92.96'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws / linux-aws-5.4-cloud-tools-5.4.0-1061 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:25:17", "description": "The version of kernel installed on the remote host is prior to 5.10.75-79.358. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-007 advisory.\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter- Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-007)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18808", "CVE-2021-20321", "CVE-2021-34866", "CVE-2021-3744", "CVE-2021-3764", "CVE-2021-41864", "CVE-2021-43267"], "modified": "2023-09-06T00:00:00", "cpe": ["cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo", "p-cpe:/a:amazon:linux:kernel-livepatch-5.10.75-79.358"], "id": "AL2_ALASKERNEL-5_10-2022-007.NASL", "href": "https://www.tenable.com/plugins/nessus/160447", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.10-2022-007.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160447);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/06\");\n\n script_cve_id(\n \"CVE-2021-3744\",\n \"CVE-2021-3764\",\n \"CVE-2021-20321\",\n \"CVE-2021-34866\",\n \"CVE-2021-41864\",\n \"CVE-2021-43267\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-007)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.10.75-79.358. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-007 advisory.\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel\n through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users\n do rename in specific way with OverlayFS. A local user could use this flaw to crash the system.\n (CVE-2021-20321)\n\n - A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in\n drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).\n This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-\n Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of\n user-supplied sizes for the MSG_CRYPTO message type. (CVE-2021-43267)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-007.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3744.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3764.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-20321.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-34866.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-41864.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-43267.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-43267\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-5.10.75-79.358\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kpatch.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2021-3744\", \"CVE-2021-3764\", \"CVE-2021-20321\", \"CVE-2021-34866\", \"CVE-2021-41864\", \"CVE-2021-43267\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.10-2022-007\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-aarch64-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-x86_64-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.75-79.358.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-livepatch-5.10.75-79.358-1.0-0.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-livepatch-5.10.75-79.358-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.75-79.358.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.75-79.358.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:35:14", "description": "The version of kernel installed on the remote host is prior to 4.14.252-195.481. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1719 advisory.\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.\n (CVE-2021-20317)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context.\n This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.\n (CVE-2021-38300)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-05T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2021-1719)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-18808", "CVE-2021-20317", "CVE-2021-20321", "CVE-2021-37159", "CVE-2021-3744", "CVE-2021-3764", "CVE-2021-38300", "CVE-2021-41864"], "modified": "2021-11-05T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-4.14.252-195.481", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2021-1719.NASL", "href": "https://www.tenable.com/plugins/nessus/154914", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2021-1719.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154914);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/05\");\n\n script_cve_id(\n \"CVE-2019-18808\",\n \"CVE-2021-3744\",\n \"CVE-2021-3764\",\n \"CVE-2021-20317\",\n \"CVE-2021-20321\",\n \"CVE-2021-37159\",\n \"CVE-2021-38300\",\n \"CVE-2021-41864\"\n );\n script_xref(name:\"ALAS\", value:\"2021-1719\");\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2021-1719)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.252-195.481. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2021-1719 advisory.\n\n - A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel\n through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.\n (CVE-2019-18808)\n\n - A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the\n timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user\n privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.\n (CVE-2021-20317)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when\n transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context.\n This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.\n (CVE-2021-38300)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2021-1719.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-20317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.