fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
{"cve": [{"lastseen": "2022-03-23T18:58:44", "description": "fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-08T20:15:00", "type": "cve", "title": "CVE-2021-38199", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-12-21T12:54:00", "cpe": ["cpe:/o:netapp:hci_bootstrap_os:-", "cpe:/o:debian:debian_linux:11.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:netapp:hci_management_node:-", "cpe:/a:netapp:solidfire:-", "cpe:/a:netapp:element_software:-"], "id": "CVE-2021-38199", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38199", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*"]}], "veracode": [{"lastseen": "2022-07-17T13:05:27", "description": "linux is vulnerable to denial of service. The vulnerability exists due to an incorrect connection-setup ordering in fs/nfs/nfs4client.c. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-30T13:39:21", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-12-21T14:07:44", "id": "VERACODE:32329", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-32329/summary", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:17:02", "description": "fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect\nconnection-setup ordering, which allows operators of remote NFSv4 servers\nto cause a denial of service (hanging of mounts) by arranging for those\nservers to be unreachable during trunking detection.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-08T00:00:00", "type": "ubuntucve", "title": "CVE-2021-38199", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-08-08T00:00:00", "id": "UB:CVE-2021-38199", "href": "https://ubuntu.com/security/CVE-2021-38199", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2022-07-07T17:30:22", "description": "A flaw was found in the hanging of mounts in the Linux kernel's NFS4 subsystem where remote servers are unreachable for the client during migration of data from one server to another (during trunking detection). This flaw allows a remote NFS4 server (if the client is connected) to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.\n#### Mitigation\n\nIf not using NFS, then to mitigate this issue, prevent the module nfsv4 from being loaded. Please see <https://access.redhat.com/solutions/41278> for information on how to blacklist a kernel module to prevent it from loading automatically. \n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-10T21:21:30", "type": "redhatcve", "title": "CVE-2021-38199", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2022-07-07T15:45:02", "id": "RH:CVE-2021-38199", "href": "https://access.redhat.com/security/cve/cve-2021-38199", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "photon": [{"lastseen": "2022-05-12T18:14:12", "description": "Updates of ['linux', 'linux-esx', 'linux-aws', 'linux-secure'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-30T00:00:00", "type": "photon", "title": "Moderate Photon OS Security Update - PHSA-2021-0410", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-10-30T00:00:00", "id": "PHSA-2021-0410", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-410", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-12T17:55:55", "description": "Updates of ['linux'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-22T00:00:00", "type": "photon", "title": "Moderate Photon OS Security Update - PHSA-2021-0447", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-10-22T00:00:00", "id": "PHSA-2021-0447", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-447", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-12T18:41:56", "description": "Updates of ['linux-rt', 'linux-esx', 'linux', 'linux-secure', 'linux-aws'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-01T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2021-0278", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-26139", "CVE-2020-26147", "CVE-2020-26558", "CVE-2020-36311", "CVE-2021-33098", "CVE-2021-34693", "CVE-2021-35039", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38208"], "modified": "2021-08-01T00:00:00", "id": "PHSA-2021-0278", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-278", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2022-01-04T10:38:33", "description": "Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-30T00:00:00", "type": "ubuntu", "title": "Linux kernel (Raspberry Pi) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-38160", "CVE-2021-38204", "CVE-2021-3679", "CVE-2021-33624"], "modified": "2021-09-30T00:00:00", "id": "USN-5091-2", "href": "https://ubuntu.com/security/notices/USN-5091-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T10:38:00", "description": "Valentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nIt was discovered that the Linux kernel did not properly enforce certain \ntypes of entries in the Secure Boot Forbidden Signature Database (aka dbx) \nprotection mechanism. An attacker could use this to bypass UEFI Secure Boot \nrestrictions. (CVE-2020-26541)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly perform reference counting in some situations, \nleading to a use-after-free vulnerability. An attacker who could start and \ncontrol a VM could possibly use this to expose sensitive information or \nexecute arbitrary code. (CVE-2021-22543)\n\nMurray McAllister discovered that the joystick device interface in the \nLinux kernel did not properly validate data passed via an ioctl(). A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code on systems with a joystick device \nregistered. (CVE-2021-3612)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-06T00:00:00", "type": "ubuntu", "title": "Linux kernel (OEM) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-38160", "CVE-2021-41073", "CVE-2021-3612", "CVE-2021-22543", "CVE-2020-26541"], "modified": "2021-10-06T00:00:00", "id": "USN-5106-1", "href": "https://ubuntu.com/security/notices/USN-5106-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T10:37:40", "description": "USN-5091-1 fixed vulnerabilities in Linux 5.4-based kernels. \nUnfortunately, for Linux kernels intended for use within Microsoft \nAzure environments, that update introduced a regression that could \ncause the kernel to fail to boot in large Azure instance types. \nThis update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-15T00:00:00", "type": "ubuntu", "title": "Linux kernel (Azure) regression", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-38160", "CVE-2021-38204", "CVE-2021-3679", "CVE-2021-37576", "CVE-2021-33624"], "modified": "2021-10-15T00:00:00", "id": "USN-5091-3", "href": "https://ubuntu.com/security/notices/USN-5091-3", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T10:38:51", "description": "Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-28T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-38160", "CVE-2021-38204", "CVE-2021-3679", "CVE-2021-37576", "CVE-2021-33624"], "modified": "2021-09-28T00:00:00", "id": "USN-5091-1", "href": "https://ubuntu.com/security/notices/USN-5091-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-09T11:44:12", "description": "It was discovered that the f2fs file system in the Linux kernel did not \nproperly validate metadata in some situations. An attacker could use this \nto construct a malicious f2fs image that, when mounted and operated on, \ncould cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2019-19449)\n\nIt was discovered that the FUSE user space file system implementation in \nthe Linux kernel did not properly handle bad inodes in some situations. A \nlocal attacker could possibly use this to cause a denial of service. \n(CVE-2020-36322)\n\nIt was discovered that the Infiniband RDMA userspace connection manager \nimplementation in the Linux kernel contained a race condition leading to a \nuse-after-free vulnerability. A local attacker could use this to cause a \ndenial of service (system crash) or possible execute arbitrary code. \n(CVE-2020-36385)\n\nIlja Van Sprundel discovered that the SCTP implementation in the Linux \nkernel did not properly perform size validations on incoming packets in \nsome situations. An attacker could possibly use this to expose sensitive \ninformation (kernel memory). (CVE-2021-3655)\n\nIt was discovered that the Qualcomm IPC Router protocol implementation in \nthe Linux kernel did not properly validate metadata in some situations. A \nlocal attacker could use this to cause a denial of service (system crash) \nor expose sensitive information. (CVE-2021-3743)\n\nIt was discovered that the virtual terminal (vt) device implementation in \nthe Linux kernel contained a race condition in its ioctl handling that led \nto an out-of-bounds read vulnerability. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-3753)\n\nIt was discovered that the Linux kernel did not properly account for the \nmemory usage of certain IPC objects. A local attacker could use this to \ncause a denial of service (memory exhaustion). (CVE-2021-3759)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Aspeed Low Pin Count (LPC) Bus Controller \nimplementation in the Linux kernel did not properly perform boundary checks \nin some situations, allowing out-of-bounds write access. A local attacker \ncould use this to cause a denial of service (system crash) or possibly \nexecute arbitrary code. In Ubuntu, this issue only affected systems running \narmhf kernels. (CVE-2021-42252)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-11-09T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3743", "CVE-2020-36322", "CVE-2021-42252", "CVE-2021-3753", "CVE-2021-3655", "CVE-2021-38199", "CVE-2021-3759", "CVE-2019-19449", "CVE-2020-36385"], "modified": "2021-11-09T00:00:00", "id": "USN-5136-1", "href": "https://ubuntu.com/security/notices/USN-5136-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-04T10:36:45", "description": "It was discovered that the f2fs file system in the Linux kernel did not \nproperly validate metadata in some situations. An attacker could use this \nto construct a malicious f2fs image that, when mounted and operated on, \ncould cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2019-19449)\n\nIt was discovered that the Linux kernel did not properly enforce certain \ntypes of entries in the Secure Boot Forbidden Signature Database (aka dbx) \nprotection mechanism. An attacker could use this to bypass UEFI Secure Boot \nrestrictions. (CVE-2020-26541)\n\nIt was discovered that the KVM hypervisor implementation for AMD processors \nin the Linux kernel did not ensure enough processing time was given to \nperform cleanups of large SEV VMs. A local attacker could use this to cause \na denial of service (soft lockup). (CVE-2020-36311)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly perform reference counting in some situations, \nleading to a use-after-free vulnerability. An attacker who could start and \ncontrol a VM could possibly use this to expose sensitive information or \nexecute arbitrary code. (CVE-2021-22543)\n\nMurray McAllister discovered that the joystick device interface in the \nLinux kernel did not properly validate data passed via an ioctl(). A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code on systems with a joystick device \nregistered. (CVE-2021-3612)\n\nIt was discovered that the Linux kernel did not properly account for the \nmemory usage of certain IPC objects. A local attacker could use this to \ncause a denial of service (memory exhaustion). (CVE-2021-3759)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Xilinx LL TEMAC device driver in the Linux \nkernel did not properly calculate the number of buffers to be used in \ncertain situations. A remote attacker could use this to cause a denial of \nservice (system crash). (CVE-2021-38207)\n\nIt was discovered that the ext4 file system in the Linux kernel contained a \nrace condition when writing xattrs to an inode. A local attacker could use \nthis to cause a denial of service or possibly gain administrative \nprivileges. (CVE-2021-40490)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-21T00:00:00", "type": "ubuntu", "title": "Linux kernel (Azure) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-3759", "CVE-2021-40490", "CVE-2020-36311", "CVE-2021-38207", "CVE-2019-19449", "CVE-2021-3612", "CVE-2021-22543", "CVE-2020-26541"], "modified": "2021-10-21T00:00:00", "id": "USN-5120-1", "href": "https://ubuntu.com/security/notices/USN-5120-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-27T03:38:00", "description": "Valentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nBenedict Schlueter discovered that the BPF subsystem in the Linux kernel \ndid not properly protect against Speculative Store Bypass (SSB) side- \nchannel attacks in some situations. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-34556)\n\nPiotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not \nproperly protect against Speculative Store Bypass (SSB) side-channel \nattacks in some situations. A local attacker could possibly use this to \nexpose sensitive information. (CVE-2021-35477)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Option USB High Speed Mobile device driver in \nthe Linux kernel did not properly handle error conditions. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2021-37159)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Sun RPC implementation in the Linux kernel \ncontained an out-of-bounds access error. A remote attacker could possibly \nuse this to cause a denial of service (system crash). (CVE-2021-38201)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n\nIt was discovered that the Xilinx 10/100 Ethernet Lite device driver in the \nLinux kernel could report pointer addresses in some situations. An attacker \ncould use this information to ease the exploitation of another \nvulnerability. (CVE-2021-38205)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-28T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-38201", "CVE-2021-38205", "CVE-2021-41073", "CVE-2021-33624", "CVE-2021-37576", "CVE-2021-38204", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-3679", "CVE-2021-37159"], "modified": "2021-09-28T00:00:00", "id": "USN-5092-1", "href": "https://ubuntu.com/security/notices/USN-5092-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-27T03:37:50", "description": "Valentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nBenedict Schlueter discovered that the BPF subsystem in the Linux kernel \ndid not properly protect against Speculative Store Bypass (SSB) side- \nchannel attacks in some situations. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-34556)\n\nPiotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not \nproperly protect against Speculative Store Bypass (SSB) side-channel \nattacks in some situations. A local attacker could possibly use this to \nexpose sensitive information. (CVE-2021-35477)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Option USB High Speed Mobile device driver in \nthe Linux kernel did not properly handle error conditions. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2021-37159)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Sun RPC implementation in the Linux kernel \ncontained an out-of-bounds access error. A remote attacker could possibly \nuse this to cause a denial of service (system crash). (CVE-2021-38201)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n\nIt was discovered that the Xilinx 10/100 Ethernet Lite device driver in the \nLinux kernel could report pointer addresses in some situations. An attacker \ncould use this information to ease the exploitation of another \nvulnerability. (CVE-2021-38205)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-29T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-38201", "CVE-2021-38205", "CVE-2021-41073", "CVE-2021-33624", "CVE-2021-37576", "CVE-2021-38204", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-3679", "CVE-2021-37159"], "modified": "2021-09-29T00:00:00", "id": "USN-5092-2", "href": "https://ubuntu.com/security/notices/USN-5092-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-27T03:36:52", "description": "USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. \nUnfortunately, for Linux kernels intended for use within Microsoft \nAzure environments, that update introduced a regression that could \ncause the kernel to fail to boot in large Azure instance types. \nThis update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nValentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nBenedict Schlueter discovered that the BPF subsystem in the Linux kernel \ndid not properly protect against Speculative Store Bypass (SSB) side- \nchannel attacks in some situations. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-34556)\n\nPiotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not \nproperly protect against Speculative Store Bypass (SSB) side-channel \nattacks in some situations. A local attacker could possibly use this to \nexpose sensitive information. (CVE-2021-35477)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Option USB High Speed Mobile device driver in \nthe Linux kernel did not properly handle error conditions. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2021-37159)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Sun RPC implementation in the Linux kernel \ncontained an out-of-bounds access error. A remote attacker could possibly \nuse this to cause a denial of service (system crash). (CVE-2021-38201)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n\nIt was discovered that the Xilinx 10/100 Ethernet Lite device driver in the \nLinux kernel could report pointer addresses in some situations. An attacker \ncould use this information to ease the exploitation of another \nvulnerability. (CVE-2021-38205)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-18T00:00:00", "type": "ubuntu", "title": "Linux kernel (Azure) regression", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-38201", "CVE-2021-38205", "CVE-2021-41073", "CVE-2021-33624", "CVE-2021-37576", "CVE-2021-38204", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-3679", "CVE-2021-37159"], "modified": "2021-10-18T00:00:00", "id": "USN-5092-3", "href": "https://ubuntu.com/security/notices/USN-5092-3", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T10:38:42", "description": "Valentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nBenedict Schlueter discovered that the BPF subsystem in the Linux kernel \ndid not properly protect against Speculative Store Bypass (SSB) side- \nchannel attacks in some situations. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-34556)\n\nPiotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not \nproperly protect against Speculative Store Bypass (SSB) side-channel \nattacks in some situations. A local attacker could possibly use this to \nexpose sensitive information. (CVE-2021-35477)\n\nMurray McAllister discovered that the joystick device interface in the \nLinux kernel did not properly validate data passed via an ioctl(). A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code on systems with a joystick device \nregistered. (CVE-2021-3612)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Option USB High Speed Mobile device driver in \nthe Linux kernel did not properly handle error conditions. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2021-37159)\n\nAlois Wohlschlager discovered that the overlay file system in the Linux \nkernel did not restrict private clones in some situations. An attacker \ncould use this to expose sensitive information. (CVE-2021-3732)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nIt was discovered that the BPF subsystem in the Linux kernel contained an \ninteger overflow in its hash table implementation. A local attacker could \nuse this to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2021-38166)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Sun RPC implementation in the Linux kernel \ncontained an out-of-bounds access error. A remote attacker could possibly \nuse this to cause a denial of service (system crash). (CVE-2021-38201)\n\nIt was discovered that the NFS server implementation in the Linux kernel \ncontained an out-of-bounds read when the trace even framework is being used \nfor nfsd. A remote attacker could possibly use this to cause a denial of \nservice (system crash). (CVE-2021-38202)\n\nNaohiro Aota discovered that the btrfs file system in the Linux kernel \ncontained a race condition in situations that triggered allocations of new \nsystem chunks. A local attacker could possibly use this to cause a denial \nof service (deadlock). (CVE-2021-38203)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n\nIt was discovered that the Xilinx 10/100 Ethernet Lite device driver in the \nLinux kernel could report pointer addresses in some situations. An attacker \ncould use this information to ease the exploitation of another \nvulnerability. (CVE-2021-38205)\n\nIt was discovered that the ext4 file system in the Linux kernel contained a \nrace condition when writing xattrs to an inode. A local attacker could use \nthis to cause a denial of service or possibly gain administrative \nprivileges. (CVE-2021-40490)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-29T00:00:00", "type": "ubuntu", "title": "Linux kernel (OEM) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-3732", "CVE-2021-38160", "CVE-2021-38203", "CVE-2021-38204", "CVE-2021-3679", "CVE-2021-40490", "CVE-2021-38205", "CVE-2021-35477", "CVE-2021-37159", "CVE-2021-41073", "CVE-2021-34556", "CVE-2021-38166", "CVE-2021-3612", "CVE-2021-38201", "CVE-2021-38202"], "modified": "2021-09-29T00:00:00", "id": "USN-5096-1", "href": "https://ubuntu.com/security/notices/USN-5096-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-08-09T16:31:02", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-11-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-2636)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3753", "CVE-2021-38160", "CVE-2021-38199"], "modified": "2022-02-22T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-source", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2636.NASL", "href": "https://www.tenable.com/plugins/nessus/154812", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154812);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/22\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-3753\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-2636)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may\n cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl\n (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2636\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a35bcc9d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bpftool-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-source-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:28:40", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5091-2 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-30T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5091-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-33624", "CVE-2021-3679", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38204"], "modified": "2021-09-30T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4-headers-5.4.0-1044", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4-tools-5.4.0-1044", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.4.0-1044", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.4.0-1044", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04-edge"], "id": "UBUNTU_USN-5091-2.NASL", "href": "https://www.tenable.com/plugins/nessus/153801", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5091-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153801);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/30\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38204\"\n );\n script_xref(name:\"USN\", value:\"5091-2\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5091-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5091-2 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5091-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4-headers-5.4.0-1044\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4-tools-5.4.0-1044\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.4.0-1044\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.4.0-1044\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3679', 'CVE-2021-33624', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-38204');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5091-2');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-headers-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-headers-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-image-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-raspi-5.4-headers-5.4.0-1044', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-raspi-5.4-tools-5.4.0-1044', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-tools-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-tools-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.47'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi2', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi2-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi2', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi2-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-raspi', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-headers-5.4.0-1044', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-tools-5.4.0-1044', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-raspi2', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi2-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi2', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi2-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-buildinfo-5.4.0-1044-raspi / linux-headers-5.4.0-1044-raspi / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:27:23", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5091-1 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-28T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5091-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-33624", "CVE-2021-3679", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38204"], "modified": "2021-09-28T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-crashdump", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.4.0-1053", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.4.0-1053", "p-cpe:/a:canonical:ubuntu_linux:linux-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-headers-5.4.0-1053", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-tools-5.4.0-1053", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-cloud-tools-5.4.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-headers-5.4.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-source-5.4.0", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-tools-5.4.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.4.0-1047", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.4.0-1047", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.4.0-1055", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.4.0-1055", "p-cpe:/a:canonical:ubuntu_linux:linux-source", "p-cpe:/a:canonical:ubuntu_linux:linux-source-5.4.0", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04-edge"], "id": "UBUNTU_USN-5091-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153769", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5091-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153769);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/28\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38204\"\n );\n script_xref(name:\"USN\", value:\"5091-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5091-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5091-1 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5091-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-crashdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.4.0-1053\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.4.0-1053\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-headers-5.4.0-1053\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-tools-5.4.0-1053\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-cloud-tools-5.4.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-headers-5.4.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-source-5.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-tools-5.4.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.4.0-1047\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.4.0-1047\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.4.0-1055\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.4.0-1055\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-5.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3679', 'CVE-2021-33624', 'CVE-2021-37576', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-38204');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5091-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-aws-cloud-tools-5.4.0-1057', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-aws-headers-5.4.0-1057', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-aws-tools-5.4.0-1057', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-azure-cloud-tools-5.4.0-1059', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-azure-headers-5.4.0-1059', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-azure-tools-5.4.0-1059', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-88', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-common', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-crashdump', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-headers-5.4.0-1053', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-tools-5.4.0-1053', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-gke-headers-5.4.0-1053', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-gke-tools-5.4.0-1053', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-cloud-tools-5.4.0-1024', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-headers-5.4.0-1024', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-source-5.4.0', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-tools-5.4.0-1024', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-88', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-headers-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-headers-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-headers-kvm', 'pkgver': '5.4.0.1047.46'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-osp1', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oracle-lts-20.04', 'pkgver': '5.4.0.1055.55'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-image-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-image-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-image-kvm', 'pkgver': '5.4.0.1047.46'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-osp1', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle-lts-20.04', 'pkgver': '5.4.0.1055.55'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-kvm', 'pkgver': '5.4.0.1047.46'},\n {'osver': '20.04', 'pkgname': 'linux-kvm-headers-5.4.0-1047', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-kvm-tools-5.4.0-1047', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-libc-dev', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-oem', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-oem-osp1', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-oem-osp1-tools-host', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-oem-tools-host', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-headers-5.4.0-1055', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-lts-20.04', 'pkgver': '5.4.0.1055.55'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-tools-5.4.0-1055', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-source', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-source-5.4.0', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-88', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-tools-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-tools-common', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-tools-host', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-kvm', 'pkgver': '5.4.0.1047.46'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-osp1', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oracle-lts-20.04', 'pkgver': '5.4.0.1055.55'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws-cloud-tools-5.4.0-1057 / linux-aws-headers-5.4.0-1057 / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:28:14", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5106-1 advisory.\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (CVE-2021-22543)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-07T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5106-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-26541", "CVE-2021-22543", "CVE-2021-3612", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-41073"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-headers-5.10.0-1049", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-5.10.0-1049", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04b"], "id": "UBUNTU_USN-5106-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153908", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5106-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153908);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\n \"CVE-2020-26541\",\n \"CVE-2021-3612\",\n \"CVE-2021-22543\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-41073\"\n );\n script_xref(name:\"USN\", value:\"5106-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5106-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5106-1 advisory.\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database\n (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions\n before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the\n system or possibly escalate their privileges on the system. The highest threat from this vulnerability is\n to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass\n RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users\n with the ability to start and control a VM to read/write random pages of memory and can result in local\n privilege escalation. (CVE-2021-22543)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5106-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41073\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-headers-5.10.0-1049\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-5.10.0-1049\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04b\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2020-26541', 'CVE-2021-3612', 'CVE-2021-22543', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-41073');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5106-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04-edge', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04b', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04-edge', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04b', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04-edge', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04b', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.10-headers-5.10.0-1049', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.10-tools-5.10.0-1049', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.10-tools-host', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04-edge', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04b', 'pkgver': '5.10.0.1049.51'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-buildinfo-5.10.0-1049-oem / linux-headers-5.10.0-1049-oem / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:55:42", "description": "The version of kernel installed on the remote host is prior to 5.10.59-52.142. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-004 advisory.\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3655", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-38160", "CVE-2021-38199"], "modified": "2022-06-07T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-5.10.59-52.142", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALASKERNEL-5_10-2022-004.NASL", "href": "https://www.tenable.com/plugins/nessus/160434", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.10-2022-004.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160434);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/07\");\n\n script_cve_id(\n \"CVE-2021-3655\",\n \"CVE-2021-3679\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-004)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.10.59-52.142. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-004 advisory.\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-004.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-34556.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-35477.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3655.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3679.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-37159.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38160.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38199.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-5.10.59-52.142\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2021-3655\", \"CVE-2021-3679\", \"CVE-2021-34556\", \"CVE-2021-35477\", \"CVE-2021-37159\", \"CVE-2021-38160\", \"CVE-2021-38199\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.10-2022-004\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-aarch64-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-x86_64-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.59-52.142.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-livepatch-5.10.59-52.142-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:57:49", "description": "The version of kernel installed on the remote host is prior to 5.4.141-67.229. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-006 advisory.\n\n - An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184. (CVE-2020-36311)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-36311", "CVE-2021-33624", "CVE-2021-3655", "CVE-2021-3679", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199"], "modified": "2022-06-07T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALASKERNEL-5_4-2022-006.NASL", "href": "https://www.tenable.com/plugins/nessus/160429", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.4-2022-006.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160429);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/07\");\n\n script_cve_id(\n \"CVE-2020-36311\",\n \"CVE-2021-3655\",\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-38160\",\n \"CVE-2021-38198\",\n \"CVE-2021-38199\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-006)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.4.141-67.229. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-006 advisory.\n\n - An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a\n denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering\n many encrypted regions), aka CID-7be74942f184. (CVE-2020-36311)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access\n permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-006.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-36311.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-33624.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3655.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3679.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38160.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38198.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38199.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2020-36311\", \"CVE-2021-3655\", \"CVE-2021-3679\", \"CVE-2021-33624\", \"CVE-2021-38160\", \"CVE-2021-38198\", \"CVE-2021-38199\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.4-2022-006\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-aarch64-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-x86_64-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.141-67.229.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:36:39", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.\n (CVE-2021-42008)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-12-31T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2934)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-20322", "CVE-2021-21781", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3753", "CVE-2021-38199", "CVE-2021-40490", "CVE-2021-42008"], "modified": "2021-12-31T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2934.NASL", "href": "https://www.tenable.com/plugins/nessus/156431", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156431);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/31\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-3753\",\n \"CVE-2021-20322\",\n \"CVE-2021-21781\",\n \"CVE-2021-37159\",\n \"CVE-2021-38199\",\n \"CVE-2021-40490\",\n \"CVE-2021-42008\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2934)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66\n and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read\n the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's\n memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222\n 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab\n out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.\n (CVE-2021-42008)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2934\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?32432ab9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-42008\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"kernel-devel-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"kernel-headers-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"kernel-tools-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"kernel-tools-libs-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"perf-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"python-perf-3.10.0-862.14.1.5.h641.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:31:04", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5120-1 advisory.\n\n - In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). (CVE-2019-19449)\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184. (CVE-2020-36311)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (CVE-2021-22543)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes. (CVE-2021-38207)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-22T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5120-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19449", "CVE-2020-26541", "CVE-2020-36311", "CVE-2021-22543", "CVE-2021-3612", "CVE-2021-3759", "CVE-2021-38199", "CVE-2021-38207", "CVE-2021-40490"], "modified": "2021-10-22T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-cloud-tools-5.8.0-1043", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-headers-5.8.0-1043", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-tools-5.8.0-1043", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure"], "id": "UBUNTU_USN-5120-1.NASL", "href": "https://www.tenable.com/plugins/nessus/154338", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5120-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154338);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/22\");\n\n script_cve_id(\n \"CVE-2019-19449\",\n \"CVE-2020-26541\",\n \"CVE-2020-36311\",\n \"CVE-2021-3612\",\n \"CVE-2021-3759\",\n \"CVE-2021-22543\",\n \"CVE-2021-38199\",\n \"CVE-2021-38207\",\n \"CVE-2021-40490\"\n );\n script_xref(name:\"USN\", value:\"5120-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5120-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5120-1 advisory.\n\n - In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read\n access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in\n fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). (CVE-2019-19449)\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database\n (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a\n denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering\n many encrypted regions), aka CID-7be74942f184. (CVE-2020-36311)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions\n before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the\n system or possibly escalate their privileges on the system. The highest threat from this vulnerability is\n to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass\n RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users\n with the ability to start and control a VM to read/write random pages of memory and can result in local\n privilege escalation. (CVE-2021-22543)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to\n cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten\n minutes. (CVE-2021-38207)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5120-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3612\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-cloud-tools-5.8.0-1043\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-headers-5.8.0-1043\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-tools-5.8.0-1043\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2019-19449', 'CVE-2020-26541', 'CVE-2020-36311', 'CVE-2021-3612', 'CVE-2021-3759', 'CVE-2021-22543', 'CVE-2021-38199', 'CVE-2021-38207', 'CVE-2021-40490');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5120-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.8-cloud-tools-5.8.0-1043', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.8-headers-5.8.0-1043', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.8-tools-5.8.0-1043', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-azure', 'pkgver': '5.8.0.1043.46~20.04.15'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-azure / linux-azure-5.8-cloud-tools-5.8.0-1043 / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:29:56", "description": "The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5136-1 advisory.\n\n - In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). (CVE-2019-19449)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. (CVE-2020-36322)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-11-09T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5136-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19449", "CVE-2020-36322", "CVE-2020-36385", "CVE-2021-28950", "CVE-2021-3655", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-3759", "CVE-2021-38199", "CVE-2021-42252"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-cloud-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-cloud-tools-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-headers-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-tools-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-crashdump", "p-cpe:/a:canonical:ubuntu_linux:linux-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-headers-4.15.0-1030", "p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-tools-4.15.0-1030", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-headers-4.15.0-1111", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-tools-4.15.0-1111", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-cloud-tools-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-tools-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-4.15.0-1102", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-4.15.0-1102", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-4.15.0-1083", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-4.15.0-1083", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-headers-4.15.0-1098", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-tools-4.15.0-1098", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-headers-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-source", "p-cpe:/a:canonical:ubuntu_linux:linux-source-4.15.0", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04-edge"], "id": "UBUNTU_USN-5136-1.NASL", "href": "https://www.tenable.com/plugins/nessus/154972", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5136-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154972);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2019-19449\",\n \"CVE-2020-36322\",\n \"CVE-2020-36385\",\n \"CVE-2021-3655\",\n \"CVE-2021-3743\",\n \"CVE-2021-3753\",\n \"CVE-2021-3759\",\n \"CVE-2021-38199\",\n \"CVE-2021-42252\"\n );\n script_xref(name:\"USN\", value:\"5136-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5136-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5136-1 advisory.\n\n - In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read\n access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in\n fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). (CVE-2019-19449)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka\n CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system\n crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as\n CVE-2021-28950. (CVE-2020-36322)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-\n free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is\n called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5136-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-36385\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-42252\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-cloud-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-cloud-tools-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-headers-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-tools-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-crashdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-headers-4.15.0-1030\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-tools-4.15.0-1030\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-headers-4.15.0-1111\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-tools-4.15.0-1111\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-cloud-tools-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-tools-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-4.15.0-1102\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-4.15.0-1102\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-4.15.0-1083\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-4.15.0-1083\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-headers-4.15.0-1098\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-tools-4.15.0-1098\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-headers-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-4.15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2022 Canonical, Inc. / NASL script (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2019-19449', 'CVE-2020-36322', 'CVE-2020-36385', 'CVE-2021-3655', 'CVE-2021-3743', 'CVE-2021-3753', 'CVE-2021-3759', 'CVE-2021-38199');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5136-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'linux-aws-edge', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-aws-headers-4.15.0-1115', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-aws-hwe-cloud-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-aws-hwe-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-azure-cloud-tools-4.15.0-1126', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-azure-headers-4.15.0-1126', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-azure-tools-4.15.0-1126', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-162', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-headers-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-headers-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-headers-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-headers-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-hwe-cloud-tools-4.15.0-162', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-hwe-tools-4.15.0-162', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-image-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-image-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-oracle-headers-4.15.0-1083', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-oracle-tools-4.15.0-1083', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-signed-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-signed-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-signed-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-source-4.15.0', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-tools-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-tools-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-tools-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '18.04', 'pkgname': 'linux-aws-cloud-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-aws-headers-4.15.0-1115', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-aws-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-azure-4.15-cloud-tools-4.15.0-1126', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-azure-4.15-headers-4.15.0-1126', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-azure-4.15-tools-4.15.0-1126', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-162', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-common', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-crashdump', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-dell300x', 'pkgver': '4.15.0.1030.32'},\n {'osver': '18.04', 'pkgname': 'linux-dell300x-headers-4.15.0-1030', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-dell300x-tools-4.15.0-1030', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-4.15-headers-4.15.0-1111', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-4.15-tools-4.15.0-1111', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-162', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-headers-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-headers-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-headers-dell300x', 'pkgver': '4.15.0.1030.32'},\n {'osver': '18.04', 'pkgname': 'linux-headers-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-kvm', 'pkgver': '4.15.0.1102.98'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-headers-raspi2', 'pkgver': '4.15.0.1098.96'},\n {'osver': '18.04', 'pkgname': 'linux-headers-snapdragon', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-image-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-image-dell300x', 'pkgver': '4.15.0.1030.32'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-kvm', 'pkgver': '4.15.0.1102.98'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-image-raspi2', 'pkgver': '4.15.0.1098.96'},\n {'osver': '18.04', 'pkgname': 'linux-image-snapdragon', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-kvm', 'pkgver': '4.15.0.1102.98'},\n {'osver': '18.04', 'pkgname': 'linux-kvm-headers-4.15.0-1102', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-kvm-tools-4.15.0-1102', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-libc-dev', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-headers-4.15.0-1083', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-tools-4.15.0-1083', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-raspi2', 'pkgver': '4.15.0.1098.96'},\n {'osver': '18.04', 'pkgname': 'linux-raspi2-headers-4.15.0-1098', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-raspi2-tools-4.15.0-1098', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-signed-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-signed-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-signed-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon-headers-4.15.0-1115', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-source', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-source-4.15.0', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-162', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-tools-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-tools-common', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-dell300x', 'pkgver': '4.15.0.1030.32'},\n {'osver': '18.04', 'pkgname': 'linux-tools-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-host', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-kvm', 'pkgver': '4.15.0.1102.98'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-tools-raspi2', 'pkgver': '4.15.0.1098.96'},\n {'osver': '18.04', 'pkgname': 'linux-tools-snapdragon', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws-cloud-tools-4.15.0-1115 / linux-aws-edge / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-09T16:27:43", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5092-1 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-28T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5092-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-33624", "CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38201", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-41073"], "modified": "2021-09-28T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-cloud-tools-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-headers-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-tools-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-edge"], "id": "UBUNTU_USN-5092-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153770", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5092-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153770);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/28\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38201\",\n \"CVE-2021-38204\",\n \"CVE-2021-38205\",\n \"CVE-2021-41073\"\n );\n script_xref(name:\"USN\", value:\"5092-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5092-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5092-1 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service\n (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5092-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-cloud-tools-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-headers-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-tools-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3679', 'CVE-2021-33624', 'CVE-2021-34556', 'CVE-2021-35477', 'CVE-2021-37159', 'CVE-2021-37576', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-38201', 'CVE-2021-38204', 'CVE-2021-38205', 'CVE-2021-41073');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5092-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-aws-5.11-cloud-tools-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-aws-5.11-headers-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-aws-5.11-tools-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-headers-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-tools-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws / linux-aws-5.11-cloud-tools-5.11.0-1019 / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:27:23", "description": "The remote Ubuntu 20.04 LTS / 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5092-2 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-30T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5092-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-33624", "CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38201", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-41073"], "modified": "2021-09-30T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.04", "p-cpe:/a:canonical:ubuntu_linux:linux-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-cloud-tools-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-headers-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-tools-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-5.11.0-37", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-headers-5.11.0-37", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-source-5.11.0", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-5.11.0-37", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-headers-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-tools-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04-edge"], "id": "UBUNTU_USN-5092-2.NASL", "href": "https://www.tenable.com/plugins/nessus/153799", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5092-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153799);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/30\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38201\",\n \"CVE-2021-38204\",\n \"CVE-2021-38205\",\n \"CVE-2021-41073\"\n );\n script_xref(name:\"USN\", value:\"5092-2\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5092-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 21.04 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5092-2 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service\n (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5092-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-cloud-tools-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-headers-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-tools-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-5.11.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-headers-5.11.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-source-5.11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-5.11.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-headers-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-tools-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04|21\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 21.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3679', 'CVE-2021-33624', 'CVE-2021-34556', 'CVE-2021-35477', 'CVE-2021-37159', 'CVE-2021-37576', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-38201', 'CVE-2021-38204', 'CVE-2021-38205', 'CVE-2021-41073');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5092-2');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-azure-5.11-cloud-tools-5.11.0-1017', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.11-headers-5.11.0-1017', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.11-tools-5.11.0-1017', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-64k-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-64k-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oracle', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oracle-edge', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-cloud-tools-5.11.0-37', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-cloud-tools-common', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-headers-5.11.0-37', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-source-5.11.0', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-tools-5.11.0-37', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-tools-common', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-tools-host', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-64k-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle-edge', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-oracle', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-5.11-headers-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-5.11-tools-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-edge', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-64k-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oracle', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oracle-edge', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '21.04', 'pkgname': 'linux-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-azure-cloud-tools-5.11.0-1017', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-azure-headers-5.11.0-1017', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-azure-tools-5.11.0-1017', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-headers-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-image-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-image-unsigned-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-tools-azure', 'pkgver': '5.11.0.1017.18'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-azure / linux-azure-5.11-cloud-tools-5.11.0-1017 / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:34:46", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes. (CVE-2021-38207)\n\n - net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call. (CVE-2021-38208)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2688)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3655", "CVE-2021-3659", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38205", "CVE-2021-38207", "CVE-2021-38208"], "modified": "2021-11-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2688.NASL", "href": "https://www.tenable.com/plugins/nessus/155261", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155261);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/11\");\n\n script_cve_id(\n \"CVE-2021-3655\",\n \"CVE-2021-3659\",\n \"CVE-2021-3679\",\n \"CVE-2021-3743\",\n \"CVE-2021-3753\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38205\",\n \"CVE-2021-38207\",\n \"CVE-2021-38208\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2688)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to\n cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten\n minutes. (CVE-2021-38207)\n\n - net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial\n of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure\n of a bind call. (CVE-2021-38208)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2688\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d2ef017d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.19.90-vhulk2103.1.0.h584.eulerosv2r9\",\n \"kernel-tools-4.19.90-vhulk2103.1.0.h584.eulerosv2r9\",\n \"kernel-tools-libs-4.19.90-vhulk2103.1.0.h584.eulerosv2r9\",\n \"python3-perf-4.19.90-vhulk2103.1.0.h584.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T16:33:56", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the 'int_ctl' field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7. (CVE-2021-3653)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call. (CVE-2021-38208)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2713)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3656", "CVE-2021-3659", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3743", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-38205", "CVE-2021-38208"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2713.NASL", "href": "https://www.tenable.com/plugins/nessus/155119", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155119);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-3653\",\n \"CVE-2021-3655\",\n \"CVE-2021-3656\",\n \"CVE-2021-3659\",\n \"CVE-2021-3679\",\n \"CVE-2021-3743\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38198\",\n \"CVE-2021-38199\",\n \"CVE-2021-38205\",\n \"CVE-2021-38208\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2713)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when\n processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested\n guest (L2). Due to improper validation of the 'int_ctl' field, this issue could allow a malicious L1 to\n enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest\n would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak\n of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to\n 5.14-rc7. (CVE-2021-3653)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access\n permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial\n of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure\n of a bind call. (CVE-2021-38208)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2713\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?65b91eef\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3656\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.18.0-147.5.1.6.h579.eulerosv2r9\",\n \"kernel-tools-4.18.0-147.5.1.6.h579.eulerosv2r9\",\n \"kernel-tools-libs-4.18.0-147.5.1.6.h579.eulerosv2r9\",\n \"python3-perf-4.18.0-147.5.1.6.h579.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-12T15:24:26", "description": "The version of kernel installed on the remote host is prior to 4.14.268-139.500. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1571 advisory.\n\n - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.\n (CVE-2018-25020)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. (CVE-2020-36322)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)\n\n - An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. (CVE-2022-24448)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-08T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2022-1571)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-25020", "CVE-2020-36322", "CVE-2021-26341", "CVE-2021-26401", "CVE-2021-28950", "CVE-2021-38199", "CVE-2021-4197", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0330", "CVE-2022-0435", "CVE-2022-0617", "CVE-2022-23960", "CVE-2022-24448"], "modified": "2022-07-08T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2022-1571.NASL", "href": "https://www.tenable.com/plugins/nessus/158697", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1571.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158697);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/08\");\n\n script_cve_id(\n \"CVE-2018-25020\",\n \"CVE-2020-36322\",\n \"CVE-2021-4197\",\n \"CVE-2021-26341\",\n \"CVE-2021-26401\",\n \"CVE-2021-38199\",\n \"CVE-2022-0001\",\n \"CVE-2022-0002\",\n \"CVE-2022-0330\",\n \"CVE-2022-0435\",\n \"CVE-2022-0617\",\n \"CVE-2022-23960\",\n \"CVE-2022-24448\"\n );\n script_xref(name:\"ALAS\", value:\"2022-1571\");\n \n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2022-1571)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.268-139.500. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS-2022-1571 advisory.\n\n - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an\n instruction sequence where inner instructions require substantial expansions into multiple BPF\n instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.\n (CVE-2018-25020)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka\n CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system\n crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as\n CVE-2021-28950. (CVE-2020-36322)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way\n user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw\n to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)\n\n - An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the\n O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a\n regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file\n descriptor. (CVE-2022-24448)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2022-1571.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2018-25020.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-36322.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38199.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4197.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0330.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0435.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0617.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-24448.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0435\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\ninclude('hotfixes.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2018-25020\", \"CVE-2020-36322\", \"CVE-2021-4197\", \"CVE-2021-38199\", \"CVE-2022-0001\", \"CVE-2022-0002\", \"CVE-2022-0330\", \"CVE-2022-0435\", \"CVE-2022-0617\", \"CVE-2022-24448\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALAS-2022-1571\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-i686-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-12T15:23:27", "description": "The version of kernel installed on the remote host is prior to 4.14.268-205.500. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1761 advisory.\n\n - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.\n (CVE-2018-25020)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. (CVE-2020-36322)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)\n\n - An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. (CVE-2022-24448)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-08T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2022-1761)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-25020", "CVE-2020-36322", "CVE-2021-26341", "CVE-2021-26401", "CVE-2021-28950", "CVE-2021-38199", "CVE-2021-4197", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0330", "CVE-2022-0435", "CVE-2022-0617", "CVE-2022-23960", "CVE-2022-24448"], "modified": "2022-07-08T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-4.14.268-205.500", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1761.NASL", "href": "https://www.tenable.com/plugins/nessus/158720", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1761.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158720);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/07/08\");\n\n script_cve_id(\n \"CVE-2018-25020\",\n \"CVE-2020-36322\",\n \"CVE-2021-4197\",\n \"CVE-2021-26341\",\n \"CVE-2021-26401\",\n \"CVE-2021-38199\",\n \"CVE-2022-0001\",\n \"CVE-2022-0002\",\n \"CVE-2022-0330\",\n \"CVE-2022-0435\",\n \"CVE-2022-0617\",\n \"CVE-2022-23960\",\n \"CVE-2022-24448\"\n );\n script_xref(name:\"ALAS\", value:\"2022-1761\");\n \n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2022-1761)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.268-205.500. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2022-1761 advisory.\n\n - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an\n instruction sequence where inner instructions require substantial expansions into multiple BPF\n instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.\n (CVE-2018-25020)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka\n CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system\n crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as\n CVE-2021-28950. (CVE-2020-36322)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way\n user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw\n to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)\n\n - An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the\n O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a\n regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file\n descriptor. (CVE-2022-24448)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1761.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2018-25020.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-36322.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38199.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4197.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0330.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0435.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0617.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-24448.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0435\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-4.14.268-205.500\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\ninclude('hotfixes.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2018-25020\", \"CVE-2020-36322\", \"CVE-2021-4197\", \"CVE-2021-38199\", \"CVE-2022-0001\", \"CVE-2022-0002\", \"CVE-2022-0330\", \"CVE-2022-0435\", \"CVE-2022-0617\", \"CVE-2022-24448\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALAS-2022-1761\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-aarch64-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-205.500.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-livepatch-4.14.268-205.500-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T16:28:04", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4978 advisory.\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability. (CVE-2021-38166)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-09-25T00:00:00", "type": "nessus", "title": "Debian DSA-4978-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-3653", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-3732", "CVE-2021-3739", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38166", "CVE-2021-38199", "CVE-2021-40490", "CVE-2021-41073"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:bpftool", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:hyperv-daemons", "p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:libcpupower-dev", "p-cpe:/a:debian:debian_linux:libcpupower1", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-arm", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-s390", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-x86", "p-cpe:/a:debian:debian_linux:linux-config-5.10", "p-cpe:/a:debian:debian_linux:linux-cpupower", "p-cpe:/a:debian:debian_linux:linux-doc", "p-cpe:/a:debian:debian_linux:linux-doc-5.10", "p-cpe:/a:debian:debian_linux:linux-headers-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-686", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-cloud-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-cloud-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-common", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-common-rt", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-loongson-3", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-octeon", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rpi", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-s390x", "p-cpe:/a:debian:debian_linux:linux-headers-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-loongson-3", "p-cpe:/a:debian:debian_linux:linux-headers-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-octeon", "p-cpe:/a:debian:debian_linux:linux-headers-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-headers-rpi", "p-cpe:/a:debian:debian_linux:linux-headers-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-s390x", "p-cpe:/a:debian:debian_linux:linux-image-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-4kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-4kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-5kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-loongson-3", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-loongson-3-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-marvell", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-octeon", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-octeon-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-powerpc64le-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rpi", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rpi-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-s390x", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-s390x-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-armmp", "p-cpe:/a:debian:debian_linux:linux-image-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-loongson-3", "p-cpe:/a:debian:debian_linux:linux-image-loongson-3-dbg", "p-cpe:/a:debian:debian_linux:linux-image-marvell", "p-cpe:/a:debian:debian_linux:linux-image-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-image-octeon", "p-cpe:/a:debian:debian_linux:linux-image-octeon-dbg", "p-cpe:/a:debian:debian_linux:linux-image-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-image-powerpc64le-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rpi", "p-cpe:/a:debian:debian_linux:linux-image-rpi-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-rt-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-s390x", "p-cpe:/a:debian:debian_linux:linux-image-s390x-dbg", "p-cpe:/a:debian:debian_linux:linux-kbuild-5.10", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-perf", "p-cpe:/a:debian:debian_linux:linux-perf-5.10", "p-cpe:/a:debian:debian_linux:linux-source", "p-cpe:/a:debian:debian_linux:linux-source-5.10", "p-cpe:/a:debian:debian_linux:linux-support-5.10.0-8", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:speakup-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usbip", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-s390x-di", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-4978.NASL", "href": "https://www.tenable.com/plugins/nessus/153668", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-4978. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153668);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2020-3702\",\n \"CVE-2020-16119\",\n \"CVE-2021-3653\",\n \"CVE-2021-3656\",\n \"CVE-2021-3679\",\n \"CVE-2021-3732\",\n \"CVE-2021-3739\",\n \"CVE-2021-3743\",\n \"CVE-2021-3753\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38166\",\n \"CVE-2021-38199\",\n \"CVE-2021-40490\",\n \"CVE-2021-41073\"\n );\n\n script_name(english:\"Debian DSA-4978-1 : linux - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-4978 advisory.\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP\n socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux\n kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to\n improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for\n a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon\n Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon\n Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W,\n MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds\n write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without\n the CAP_SYS_ADMIN capability. (CVE-2021-38166)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2021/dsa-4978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-16119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-3702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37576\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-40490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-41073\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/linux\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 5.10.46-5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41073\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3656\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hyperv-daemons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-config-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-cpupower\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-cloud-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-cloud-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-4kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-5kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-loongson-3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-octeon-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-powerpc64le-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rpi-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-loongson-3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-octeon-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-powerpc64le-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rpi-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-kbuild-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-5.10.0-8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:speakup-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usbip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'bpftool', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'dasd-extra-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'dasd-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'efi-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fancontrol-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'hyperv-daemons', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'hypervisor-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ipv6-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jffs2-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'libcpupower-dev', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'libcpupower1', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-arm', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-s390', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-x86', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-config-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-cpupower', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-doc', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-doc-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-4kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-4kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-5kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-686', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-686-pae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-amd64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-arm64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-armmp-lpae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-cloud-amd64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-cloud-arm64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-common', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-common-rt', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-loongson-3', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-marvell', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-octeon', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-powerpc64le', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rpi', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rt-686-pae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rt-amd64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rt-arm64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rt-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-s390x', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-armmp-lpae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-loongson-3', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-marvell', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-octeon', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-powerpc64le', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-rpi', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-rt-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-s390x', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-4kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-4kc-malta-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-4kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-4kc-malta-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-5kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-5kc-malta-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-686-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-686-pae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-686-pae-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-686-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-amd64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-arm64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-armmp-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-armmp-lpae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-armmp-lpae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-cloud-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-cloud-amd64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-cloud-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-cloud-arm64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-loongson-3', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-loongson-3-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-marvell', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-marvell-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-octeon', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-octeon-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-powerpc64le', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-powerpc64le-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rpi', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rpi-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-686-pae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-686-pae-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-amd64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-arm64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-armmp-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-s390x', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-s390x-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5kc-malta-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-686-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-686-pae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-amd64-signed-template', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-arm64-signed-template', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-lpae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-lpae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-cloud-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-cloud-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-i386-signed-template', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-loongson-3', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-loongson-3-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-marvell', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-marvell-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-octeon', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-octeon-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-powerpc64le', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-powerpc64le-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rpi', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rpi-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-686-pae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-armmp-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-s390x', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-s390x-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-kbuild-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-libc-dev', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-perf', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-perf-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-source', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-source-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-support-5.10.0-8', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'rtc-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'serial-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'speakup-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usbip', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'affs-modules-5.10.0-8-4kc-malta-di / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T16:29:09", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5096-1 advisory.\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability. (CVE-2021-38166)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd. (CVE-2021-38202)\n\n - btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info. (CVE-2021-38203)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-30T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5096-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3612", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-38160", "CVE-2021-38166", "CVE-2021-38199", "CVE-2021-38201", "CVE-2021-38202", "CVE-2021-38203", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-40490", "CVE-2021-41073"], "modified": "2021-09-30T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-headers-5.13.0-1014", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-tools-5.13.0-1014", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04c"], "id": "UBUNTU_USN-5096-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153789", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5096-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153789);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/30\");\n\n script_cve_id(\n \"CVE-2021-3612\",\n \"CVE-2021-3679\",\n \"CVE-2021-3732\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38166\",\n \"CVE-2021-38199\",\n \"CVE-2021-38201\",\n \"CVE-2021-38202\",\n \"CVE-2021-38203\",\n \"CVE-2021-38204\",\n \"CVE-2021-38205\",\n \"CVE-2021-40490\",\n \"CVE-2021-41073\"\n );\n script_xref(name:\"USN\", value:\"5096-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5096-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5096-1 advisory.\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions\n before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the\n system or possibly escalate their privileges on the system. The highest threat from this vulnerability is\n to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds\n write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without\n the CAP_SYS_ADMIN capability. (CVE-2021-38166)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service\n (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of\n service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used\n for nfsd. (CVE-2021-38202)\n\n - btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via\n processes that trigger allocation of new system chunks during times when there is a shortage of free space\n in the system space_info. (CVE-2021-38203)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5096-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-headers-5.13.0-1014\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-tools-5.13.0-1014\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04c\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3612', 'CVE-2021-3679', 'CVE-2021-3732', 'CVE-2021-34556', 'CVE-2021-35477', 'CVE-2021-37159', 'CVE-2021-38160', 'CVE-2021-38166', 'CVE-2021-38199', 'CVE-2021-38201', 'CVE-2021-38202', 'CVE-2021-38203', 'CVE-2021-38204', 'CVE-2021-38205', 'CVE-2021-40490', 'CVE-2021-41073');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5096-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04c', 'pkgver': '5.13.0.1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04c', 'pkgver': '5.13.0.1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04c', 'pkgver': '5.13.0.1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.13-headers-5.13.0-1014', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.13-tools-5.13.0-1014', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.13-tools-host', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04c', 'pkgver': '5.13.0.1014.18'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-buildinfo-5.13.0-1014-oem / linux-headers-5.13.0-1014-oem / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-25T22:38:33", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-204573007References: Upstream kernel (CVE-2021-1048)\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.\n This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space (CVE-2021-22555)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. (CVE-2021-33909)\n\n - net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls. (CVE-2021-38209)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.0 : kernel (EulerOS-SA-2021-2818)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-25045", "CVE-2020-36385", "CVE-2021-1048", "CVE-2021-21781", "CVE-2021-22555", "CVE-2021-33624", "CVE-2021-33909", "CVE-2021-34693", "CVE-2021-3600", "CVE-2021-3609", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38209", "CVE-2021-40490"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2021-2818.NASL", "href": "https://www.tenable.com/plugins/nessus/156347", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156347);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-25045\",\n \"CVE-2020-36385\",\n \"CVE-2021-1048\",\n \"CVE-2021-3600\",\n \"CVE-2021-3609\",\n \"CVE-2021-3679\",\n \"CVE-2021-3753\",\n \"CVE-2021-21781\",\n \"CVE-2021-22555\",\n \"CVE-2021-33624\",\n \"CVE-2021-33909\",\n \"CVE-2021-34693\",\n \"CVE-2021-37159\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38209\",\n \"CVE-2021-40490\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0350\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.0 : kernel (EulerOS-SA-2021-2818)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free,\n related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-\n free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is\n called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-204573007References: Upstream kernel (CVE-2021-1048)\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66\n and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read\n the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's\n memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222\n 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.\n This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name\n space (CVE-2021-22555)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer\n allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an\n unprivileged user, aka CID-8cae8cd89f05. (CVE-2021-33909)\n\n - net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from\n kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in\n any net namespace because these changes are leaked into all other net namespaces. This is related to the\n NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls. (CVE-2021-38209)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2818\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b28a6b50\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Netfilter x_tables Heap OOB Write Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-tools-libs-devel-4.19.36-vhulk1907.1.0.h1101\",\n \"perf-4.19.36-vhulk1907.1.0.h1101\",\n \"python-perf-4.19.36-vhulk1907.1.0.h1101\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T21:16:33", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476 (CVE-2021-0605)\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.\n This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space (CVE-2021-22555)\n\n - An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations. (CVE-2021-29155)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel. (CVE-2021-31829)\n\n - An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi- device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. (CVE-2021-31916)\n\n - The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value. (CVE-2021-33033)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.\n (CVE-2021-33200)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. (CVE-2021-33909)\n\n - The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in the upstream kernel in commit 9b00f1b78809 ('bpf: Fix truncation handling for mod32 dst reg wrt zero') and in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101. (CVE-2021-3444)\n\n - net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-02-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : kernel (EulerOS-SA-2022-1070)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-25045", "CVE-2020-36385", "CVE-2021-0605", "CVE-2021-3444", "CVE-2021-3600", "CVE-2021-3609", "CVE-2021-3679", "CVE-2021-3753", "CVE-2021-21781", "CVE-2021-22555", "CVE-2021-29155", "CVE-2021-31829", "CVE-2021-31916", "CVE-2021-33033", "CVE-2021-33200", "CVE-2021-33624", "CVE-2021-33909", "CVE-2021-34693", "CVE-2021-37159", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-source", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2022-1070.NASL", "href": "https://www.tenable.com/plugins/nessus/158016", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158016);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\n \"CVE-2019-25045\",\n \"CVE-2020-36385\",\n \"CVE-2021-0605\",\n \"CVE-2021-3444\",\n \"CVE-2021-3600\",\n \"CVE-2021-3609\",\n \"CVE-2021-3679\",\n \"CVE-2021-3753\",\n \"CVE-2021-21781\",\n \"CVE-2021-22555\",\n \"CVE-2021-29155\",\n \"CVE-2021-31829\",\n \"CVE-2021-31916\",\n \"CVE-2021-33033\",\n \"CVE-2021-33200\",\n \"CVE-2021-33624\",\n \"CVE-2021-33909\",\n \"CVE-2021-34693\",\n \"CVE-2021-37159\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0350\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : kernel (EulerOS-SA-2022-1070)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free,\n related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-\n free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is\n called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This\n could lead to local information disclosure in the kernel with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476\n (CVE-2021-0605)\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66\n and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read\n the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's\n memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222\n 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.\n This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name\n space (CVE-2021-22555)\n\n - An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable\n out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre\n mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer\n arithmetic operations, the pointer modification performed by the first operation is not correctly\n accounted for when restricting subsequent operations. (CVE-2021-29155)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading\n to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not\n protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized\n data that might represent sensitive information previously operated on by the kernel. (CVE-2021-31829)\n\n - An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-\n device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with\n special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or\n a leak of internal kernel information. The highest threat from this vulnerability is to system\n availability. (CVE-2021-31916)\n\n - The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because\n the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads\n to writing an arbitrary value. (CVE-2021-33033)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic\n operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel\n memory, leading to local privilege escalation to root. In particular, there is a corner case where the off\n reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.\n (CVE-2021-33200)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer\n allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an\n unprivileged user, aka CID-8cae8cd89f05. (CVE-2021-33909)\n\n - The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when\n the source register was known to be 0. A local attacker with the ability to load bpf programs could use\n this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and\n possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in\n the upstream kernel in commit 9b00f1b78809 ('bpf: Fix truncation handling for mod32 dst reg wrt zero') and\n in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101. (CVE-2021-3444)\n\n - net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from\n kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1070\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1a24f539\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Netfilter x_tables Heap OOB Write Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bpftool-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-source-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-12T15:35:27", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2843 advisory.\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)\n\n - In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References:\n Upstream kernel (CVE-2021-0920)\n\n - A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.\n (CVE-2021-20317)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (CVE-2021-22543)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the int_ctl field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7. (CVE-2021-3653)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - inflect is vulnerable to Inefficient Regular Expression Complexity (CVE-2021-3820)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.\n (CVE-2021-42008)\n\n - The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. (CVE-2021-42739)\n\n - An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-12-17T00:00:00", "type": "nessus", "title": "Debian DLA-2843-1 : linux - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-0920", "CVE-2021-20317", "CVE-2021-20321", "CVE-2021-20322", "CVE-2021-22543", "CVE-2021-3612", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-3753", "CVE-2021-3760", "CVE-2021-3816", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-3820", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-40490", "CVE-2021-41864", "CVE-2021-42008", "CVE-2021-4273", "CVE-2021-42739", "CVE-2021-43389"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:hyperv-daemons", "p-cpe:/a:debian:debian_linux:libcpupower-dev", "p-cpe:/a:debian:debian_linux:libcpupower1", "p-cpe:/a:debian:debian_linux:libusbip-dev", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-6-arm", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-6-x86", "p-cpe:/a:debian:debian_linux:linux-cpupower", "p-cpe:/a:debian:debian_linux:linux-doc-4.9", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-686", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-armel", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-armhf", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-common", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-common-rt", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-arm64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-marvell", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-kbuild-4.9", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-4.9", "p-cpe:/a:debian:debian_linux:linux-perf-4.9", "p-cpe:/a:debian:debian_linux:linux-source-4.9", "p-cpe:/a:debian:debian_linux:linux-support-4.9.0-14", "p-cpe:/a:debian:debian_linux:usbip", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2843.NASL", "href": "https://www.tenable.com/plugins/nessus/156163", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2843. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156163);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2020-3702\",\n \"CVE-2020-16119\",\n \"CVE-2021-0920\",\n \"CVE-2021-3612\",\n \"CVE-2021-3653\",\n \"CVE-2021-3655\",\n \"CVE-2021-3679\",\n \"CVE-2021-3732\",\n \"CVE-2021-3753\",\n \"CVE-2021-3760\",\n \"CVE-2021-3816\",\n \"CVE-2021-3820\",\n \"CVE-2021-4273\",\n \"CVE-2021-20317\",\n \"CVE-2021-20321\",\n \"CVE-2021-20322\",\n \"CVE-2021-22543\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38198\",\n \"CVE-2021-38199\",\n \"CVE-2021-38204\",\n \"CVE-2021-38205\",\n \"CVE-2021-40490\",\n \"CVE-2021-41864\",\n \"CVE-2021-42008\",\n \"CVE-2021-42739\",\n \"CVE-2021-43389\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"Debian DLA-2843-1 : linux - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2843 advisory.\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP\n socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux\n kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to\n improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for\n a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon\n Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon\n Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W,\n MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)\n\n - In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This\n could lead to local escalation of privilege with System execution privileges needed. User interaction is\n not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References:\n Upstream kernel (CVE-2021-0920)\n\n - A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the\n timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user\n privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.\n (CVE-2021-20317)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass\n RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users\n with the ability to start and control a VM to read/write random pages of memory and can result in local\n privilege escalation. (CVE-2021-22543)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions\n before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the\n system or possibly escalate their privileges on the system. The highest threat from this vulnerability is\n to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when\n processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested\n guest (L2). Due to improper validation of the int_ctl field, this issue could allow a malicious L1 to\n enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest\n would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak\n of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to\n 5.14-rc7. (CVE-2021-3653)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access\n permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - inflect is vulnerable to Inefficient Regular Expression Complexity (CVE-2021-3820)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab\n out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.\n (CVE-2021-42008)\n\n - The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to\n drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt\n mishandles bounds checking. (CVE-2021-42739)\n\n - An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in\n the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-16119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-3702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-0920\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-20317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-20321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-20322\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-22543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3655\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37159\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3760\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3816\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38204\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-40490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-41864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-42008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-42739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-43389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/linux\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 4.9.290-1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3653\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hyperv-daemons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libusbip-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-6-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-6-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-cpupower\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-armel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-armhf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-kbuild-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-4.9.0-14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usbip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'hyperv-daemons', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'libcpupower-dev', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'libcpupower1', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'libusbip-dev', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-compiler-gcc-6-arm', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-compiler-gcc-6-x86', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-cpupower', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-doc-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-686', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-686-pae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-arm64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-armel', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-armhf', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-i386', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-arm64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-armmp', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-armmp-lpae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-common', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-common-rt', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-marvell', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-rt-686-pae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-rt-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-686', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-686-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-686-pae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-686-pae-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-amd64-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-arm64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-arm64-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-armmp', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-armmp-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-armmp-lpae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-armmp-lpae-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-marvell', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-marvell-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-rt-686-pae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-rt-686-pae-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-rt-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-rt-amd64-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-kbuild-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-libc-dev', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-manual-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-perf-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-source-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-support-4.9.0-14', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'usbip', 'reference': '4.9.290-1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hyperv-daemons / libcpupower-dev / libcpupower1 / libusbip-dev / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cloudfoundry": [{"lastseen": "2021-11-26T21:44:28", "description": "## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 18.04\n\n## Description\n\nSeveral security issues were fixed in the Linux kernel.\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk\n\ndiscovered that the BPF verifier in the Linux kernel missed possible\n\nmispredicted branches due to type confusion, allowing a side-channel\n\nattack. An attacker could use this to expose sensitive information.\n\n(CVE-2021-33624)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not\n\nproperly keep track of per-cpu ring buffer state. A privileged attacker\n\ncould use this to cause a denial of service. (CVE-2021-3679)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC\n\nsystems in the Linux kernel did not properly validate RTAS arguments in\n\nsome situations. An attacker in a guest vm could use this to cause a denial\n\nof service (host OS crash) or possibly execute arbitrary code.\n\n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux\n\nkernel did not properly validate input lengths in some situations. A local\n\nattacker could possibly use this to cause a denial of service (system\n\ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the\n\nLinux kernel did not properly order connection setup operations. An\n\nattacker controlling a remote NFS server could use this to cause a denial\n\nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux\n\nkernel did not properly handle device removal events. A physically\n\nproximate attacker could use this to cause a denial of service (system\n\ncrash). (CVE-2021-38204)\n\nCVEs contained in this USN include: CVE-2021-38160, CVE-2021-33624, CVE-2021-3679, CVE-2021-37576, CVE-2021-38199, CVE-2021-38204.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Bionic Stemcells \n * 1.x versions prior to 1.33\n * All other stemcells not listed.\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Bionic Stemcells \n * Upgrade 1.x versions to 1.33 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n\n## References\n\n * [USN Notice](<https://ubuntu.com/security/notices/USN-5091-1>)\n * [CVE-2021-38160](<https://people.canonical.com/~ubuntu-security/cve/CVE-2021-38160>)\n * [CVE-2021-33624](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-33624.html>)\n * [CVE-2021-3679](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3679.html>)\n * [CVE-2021-37576](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-37576.html>)\n * [CVE-2021-38199](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-38199.html>)\n * [CVE-2021-38204](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-38204.html>)\n\n## History\n\n2021-10-04: Initial vulnerability report published.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-04T00:00:00", "type": "cloudfoundry", "title": "USN-5091-1: Linux kernel vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33624", "CVE-2021-3679", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38204"], "modified": "2021-10-04T00:00:00", "id": "CFOUNDRY:F80B396F2BC116F4085AD8234E752ED0", "href": "https://www.cloudfoundry.org/blog/usn-5091-1-linux-kernel-vulnerabilities/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-21T07:40:27", "description": "## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 16.04\n * Canonical Ubuntu 18.04\n\n## Description\n\nSeveral security issues were fixed in the Linux kernel.\n\nCVEs contained in this USN include: CVE-2021-38199, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2019-19449, CVE-2020-36322, CVE-2020-36385, CVE-2021-3655.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Bionic Stemcells \n * 1.x versions prior to 1.41\n * All other stemcells not listed.\n * cflinuxfs3 \n * All versions prior to 0.265.0\n * CF Deployment \n * All versions prior to 17.1.0\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Bionic Stemcells \n * Upgrade 1.x versions to 1.41 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n * cflinuxfs3 \n * Upgrade all versions to 0.265.0 or greater\n * CF Deployment \n * Upgrade all versions to 17.1.0 or greater\n\n## References\n\n * [USN Notice](<https://ubuntu.com/security/notices/USN-5136-1>)\n * [CVE-2021-38199](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-38199.html>)\n * [CVE-2021-3743](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3743.html>)\n * [CVE-2021-3753](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3753.html>)\n * [CVE-2021-3759](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3759.html>)\n * [CVE-2019-19449](<https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19449.html>)\n * [CVE-2020-36322](<https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-36322.html>)\n * [CVE-2020-36385](<https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-36385.html>)\n * [CVE-2021-3655](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3655.html>)\n\n## History\n\n2022-01-20: Initial vulnerability report published.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2022-01-20T00:00:00", "type": "cloudfoundry", "title": "USN-5136-1: Linux kernel vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19449", "CVE-2020-36322", "CVE-2020-36385", "CVE-2021-3655", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-3759", "CVE-2021-38199"], "modified": "2022-01-20T00:00:00", "id": "CFOUNDRY:82DF14FC7487619119F0BE4E5983B231", "href": "https://www.cloudfoundry.org/blog/usn-5136-1-linux-kernel-vulnerabilities/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2022-05-24T17:25:53", "description": "**Issue Overview:**\n\nAmazon Linux has been made aware of a potential Branch Target Injection (BTI) issue (sometimes referred to as Spectre variant 2). This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient execution attacks do not have access to the data on the hosts they attempt to access (e.g. where privilege-level isolation is in place). For such attacks to succeed, actors need to be able to run code on the (virtual) machine hosting the data in which they are interested.\n\nTo mitigate this issue, Amazon Linux recommends that customers disable unprivileged eBPF. This configuration, having the unprivileged eBPF disabled, is the current default for most Linux distributions and as of this advisory, is also the default for all Amazon Linux kernels.\n\nSpecific mitigations for various CPUs are listed below.\n\nIntel CPUs: \nFor Intel CPUs, this applies to all instance types that have CPUs with eIBRS support. They are: \n*6i* (all sizes), c5d.metal, c5.metal, g4dn.metal, i3en.metal, m5*.metal, r5*.metal\n\nVectors outside of unprivileged eBPF are not currently known, and Intel recommends disabling unprivileged BPF, as mentioned above. However, optionally enabling \"spectre_v2=eibrs,lfence\" on Linux kernel command line on the instance types mentioned above, would provide additional protection.\n\nAMD CPUs: \nAs part of the investigation triggered by this issue, AMD now recommends using a different software mitigation inside the Linux kernel, which the Amazon Linux kernel is enabling by default. This means that the Linux kernel will use the generic retpoline software mitigation, instead of the specialized AMD one, on AMD instances (*5a*). This is done by default, and no administrator action is needed.\n\nARM CPUs: \nThe Amazon Linux kernel now enables, by default, a software mitigation for this issue, on all ARM-based EC2 instance types.\n\n \nA buffer overflow flaw in the Linux kernel BPF subsystem was found in the way users run BPF with long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2018-25020)\n\nA denial of service flaw was found in fuse_do_getattr in fs/fuse/dir.c in the kernel side of the FUSE filesystem in the Linux kernel. A local user could use this flaw to crash the system. (CVE-2020-36322)\n\nA flaw was found in the hanging of mounts in the Linux kernel's NFS4 subsystem where remote servers are unreachable for the client during migration of data from one server to another (during trunking detection). This flaw allows a remote NFS4 server (if the client is connected) to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-38199)\n\nAn unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-4197)\n\nNon-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure. (CVE-2022-0001)\n\nNon-transparent sharing of branch predictor within a context in some Intel(r) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\nA random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. (CVE-2022-0330)\n\nA stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. (CVE-2022-0435)\n\nA NULL pointer dereference was found in the Linux kernel's UDF file system functionality in the way the user triggers the udf_file_write_iter function for a malicious UDF image. This flaw allows a local user to crash the system. (CVE-2022-0617)\n\nA flaw was found in the Linux kernel. When an application tries to open a directory (using the O_DIRECTORY flag) in a mounted NFS filesystem, a lookup operation is performed. If the NFS server returns a file as a result of the lookup, the NFS filesystem returns an uninitialized file descriptor instead of the expected ENOTDIR value. This flaw leads to the kernel's data leak into the userspace. (CVE-2022-24448) \nReferences to CVE-2021-26401, CVE-2021-26341 and CVE-2022-23960 have been added after the original release of this advisory, however those vulnerabilities were fixed by the packages referenced by this advisory's initial release on 2022-03-07\n\nReferences to CVE-2022-0847 have been removed after the original release of this advisory, as we have determined that the code within kernel versions prior to 5.8 is not affected by CVE-2022-0847.\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 kernel-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-aarch64-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 perf-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 python-perf-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 python-perf-debuginfo-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.268-205.500.amzn2.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-205.500.amzn2.i686 \n \n src: \n \u00a0\u00a0\u00a0 kernel-4.14.268-205.500.amzn2.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 perf-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 python-perf-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 python-perf-debuginfo-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-livepatch-4.14.268-205.500-1.0-0.amzn2.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-07T23:32:00", "type": "amazon", "title": "Important: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25020", "CVE-2020-36322", "CVE-2021-26341", "CVE-2021-26401", "CVE-2021-38199", "CVE-2021-4197", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0330", "CVE-2022-0435", "CVE-2022-0617", "CVE-2022-0847", "CVE-2022-23960", "CVE-2022-24448"], "modified": "2022-05-23T21:55:00", "id": "ALAS2-2022-1761", "href": "https://alas.aws.amazon.com/AL2/ALAS-2022-1761.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-05-24T16:24:08", "description": "**Issue Overview:**\n\nAmazon Linux has been made aware of a potential Branch Target Injection (BTI) issue (sometimes referred to as Spectre variant 2). This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient execution attacks do not have access to the data on the hosts they attempt to access (e.g. where privilege-level isolation is in place). For such attacks to succeed, actors need to be able to run code on the (virtual) machine hosting the data in which they are interested.\n\nTo mitigate this issue, Amazon Linux recommends that customers disable unprivileged eBPF. This configuration, having the unprivileged eBPF disabled, is the current default for most Linux distributions and as of this advisory, is also the default for all Amazon Linux kernels.\n\nSpecific mitigations for various CPUs are listed below.\n\nIntel CPUs: \nFor Intel CPUs, this applies to all instance types that have CPUs with eIBRS support. They are: \n*6i* (all sizes), c5d.metal, c5.metal, g4dn.metal, i3en.metal, m5*.metal, r5*.metal\n\nVectors outside of unprivileged eBPF are not currently known, and Intel recommends disabling unprivileged BPF, as mentioned above. However, optionally enabling \"spectre_v2=eibrs,lfence\" on Linux kernel command line on the instance types mentioned above, would provide additional protection.\n\nAMD CPUs: \nAs part of the investigation triggered by this issue, AMD now recommends using a different software mitigation inside the Linux kernel, which the Amazon Linux kernel is enabling by default. This means that the Linux kernel will use the generic retpoline software mitigation, instead of the specialized AMD one, on AMD instances (*5a*). This is done by default, and no administrator action is needed.\n\nARM CPUs: \nThe Amazon Linux kernel now enables, by default, a software mitigation for this issue, on all ARM-based EC2 instance types.\n\n \nA buffer overflow flaw in the Linux kernel BPF subsystem was found in the way users run BPF with long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2018-25020)\n\nA denial of service flaw was found in fuse_do_getattr in fs/fuse/dir.c in the kernel side of the FUSE filesystem in the Linux kernel. A local user could use this flaw to crash the system. (CVE-2020-36322)\n\nA flaw was found in the hanging of mounts in the Linux kernel's NFS4 subsystem where remote servers are unreachable for the client during migration of data from one server to another (during trunking detection). This flaw allows a remote NFS4 server (if the client is connected) to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-38199)\n\nAn unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-4197)\n\nNon-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure. (CVE-2022-0001)\n\nNon-transparent sharing of branch predictor within a context in some Intel(r) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\nA random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. (CVE-2022-0330)\n\nA stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. (CVE-2022-0435)\n\nA NULL pointer dereference was found in the Linux kernel's UDF file system functionality in the way the user triggers the udf_file_write_iter function for a malicious UDF image. This flaw allows a local user to crash the system. (CVE-2022-0617)\n\nA flaw was found in the Linux kernel. When an application tries to open a directory (using the O_DIRECTORY flag) in a mounted NFS filesystem, a lookup operation is performed. If the NFS server returns a file as a result of the lookup, the NFS filesystem returns an uninitialized file descriptor instead of the expected ENOTDIR value. This flaw leads to the kernel's data leak into the userspace. (CVE-2022-24448) \nReferences to CVE-2021-26401, CVE-2021-26341 and CVE-2022-23960 have been added after the original release of this advisory, however those vulnerabilities were fixed by the packages referenced by this advisory's initial release on 2022-03-07\n\nReferences to CVE-2022-0847 have been removed after the original release of this advisory, as we have determined that the code within kernel versions prior to 5.8 is not affected by CVE-2022-0847. \n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 perf-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-i686-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.268-139.500.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 kernel-4.14.268-139.500.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-tools-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.268-139.500.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-07T23:19:00", "type": "amazon", "title": "Important: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25020", "CVE-2020-36322", "CVE-2021-26341", "CVE-2021-26401", "CVE-2021-38199", "CVE-2021-4197", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0330", "CVE-2022-0435", "CVE-2022-0617", "CVE-2022-0847", "CVE-2022-23960", "CVE-2022-24448"], "modified": "2022-05-23T21:59:00", "id": "ALAS-2022-1571", "href": "https://alas.aws.amazon.com/ALAS-2022-1571.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "osv": [{"lastseen": "2022-07-21T08:22:08", "description": "\nSeveral vulnerabilities have been discovered in the Linux kernel\nthat may lead to a privilege escalation, denial of service or\ninformation leaks.\n\n\n* [CVE-2020-3702](https://security-tracker.debian.org/tracker/CVE-2020-3702)\nA flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n* [CVE-2020-16119](https://security-tracker.debian.org/tracker/CVE-2020-16119)\nHadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n* [CVE-2021-3653](https://security-tracker.debian.org/tracker/CVE-2021-3653)\nMaxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int\\_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt Controller)\n for the L2 guest. The L2 guest can take advantage of this flaw to\n write to a limited but still relatively large subset of the host\n physical memory.\n* [CVE-2021-3656](https://security-tracker.debian.org/tracker/CVE-2021-3656)\nMaxim Levitsky and Paolo Bonzini discovered a flaw in the KVM\n hypervisor implementation for AMD processors in the Linux kernel.\n Missing validation of the `virt\\_ext` VMCB field could allow a\n malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS\n (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances,\n the L2 guest is able to run VMLOAD/VMSAVE unintercepted and thus\n read/write portions of the host's physical memory.\n* [CVE-2021-3679](https://security-tracker.debian.org/tracker/CVE-2021-3679)\nA flaw in the Linux kernel tracing module functionality could allow\n a privileged local user (with CAP\\_SYS\\_ADMIN capability) to cause a\n denial of service (resource starvation).\n* [CVE-2021-3732](https://security-tracker.debian.org/tracker/CVE-2021-3732)\nAlois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n* [CVE-2021-3739](https://security-tracker.debian.org/tracker/CVE-2021-3739)\nA NULL pointer dereference flaw was found in the btrfs filesystem,\n allowing a local attacker with CAP\\_SYS\\_ADMIN capabilities to cause a\n denial of service.\n* [CVE-2021-3743](https://security-tracker.debian.org/tracker/CVE-2021-3743)\nAn out-of-bounds memory read was discovered in the Qualcomm IPC\n router protocol implementation, allowing to cause a denial of\n service or information leak.\n* [CVE-2021-3753](https://security-tracker.debian.org/tracker/CVE-2021-3753)\nMinh Yuan reported a race condition in the vt\\_k\\_ioctl in\n drivers/tty/vt/vt\\_ioctl.c, which may cause an out of bounds\n read in vt.\n* [CVE-2021-37576](https://security-tracker.debian.org/tracker/CVE-2021-37576)\nAlexey Kardashevskiy reported a buffer overflow in the KVM subsystem\n on the powerpc platform, which allows KVM guest OS users to cause\n memory corruption on the host.\n* [CVE-2021-38160](https://security-tracker.debian.org/tracker/CVE-2021-38160)\nA flaw in the virtio\\_console was discovered allowing data corruption\n or data loss by an untrusted device.\n* [CVE-2021-38166](https://security-tracker.debian.org/tracker/CVE-2021-38166)\nAn integer overflow flaw in the BPF subsystem could allow a local\n attacker to cause a denial of service or potentially the execution\n of arbitrary code. This flaw is mitigated by default in Debian as\n unprivileged calls to bpf() are disabled.\n* [CVE-2021-38199](https://security-tracker.debian.org/tracker/CVE-2021-38199)\nMichael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n* [CVE-2021-40490](https://security-tracker.debian.org/tracker/CVE-2021-40490)\nA race condition was discovered in the ext4 subsystem when writing\n to an inline\\_data file while its xattrs are changing. This could\n result in denial of service.\n* [CVE-2021-41073](https://security-tracker.debian.org/tracker/CVE-2021-41073)\nValentina Palmiotti discovered a flaw in io\\_uring allowing a local\n attacker to escalate privileges.\n\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 5.10.46-5. This update includes fixes for #993948 and #993978.\n\n\nWe recommend that you upgrade your linux packages.\n\n\nFor the detailed security status of linux please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/linux>\n\n\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-09-25T00:00:00", "type": "osv", "title": "linux - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-3653", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-3732", "CVE-2021-3739", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38166", "CVE-2021-38199", "CVE-2021-40490", "CVE-2021-41073"], "modified": "2022-07-21T05:50:50", "id": "OSV:DSA-4978-1", "href": "https://osv.dev/vulnerability/DSA-4978-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-21T08:14:49", "description": "\n[CVE-2021-3653](https://security-tracker.debian.org/tracker/CVE-2021-3653) [CVE-2021-3655](https://security-tracker.debian.org/tracker/CVE-2021-3655) [CVE-2021-3679](https://security-tracker.debian.org/tracker/CVE-2021-3679) [CVE-2021-3732](https://security-tracker.debian.org/tracker/CVE-2021-3732)\n[CVE-2021-3753](https://security-tracker.debian.org/tracker/CVE-2021-3753) [CVE-2021-3760](https://security-tracker.debian.org/tracker/CVE-2021-3760) [CVE-2021-20317](https://security-tracker.debian.org/tracker/CVE-2021-20317) [CVE-2021-20321](https://security-tracker.debian.org/tracker/CVE-2021-20321)\n[CVE-2021-20322](https://security-tracker.debian.org/tracker/CVE-2021-20322) [CVE-2021-22543](https://security-tracker.debian.org/tracker/CVE-2021-22543) [CVE-2021-37159](https://security-tracker.debian.org/tracker/CVE-2021-37159) [CVE-2021-38160](https://security-tracker.debian.org/tracker/CVE-2021-38160)\n[CVE-2021-38198](https://security-tracker.debian.org/tracker/CVE-2021-38198) [CVE-2021-38199](https://security-tracker.debian.org/tracker/CVE-2021-38199) [CVE-2021-38204](https://security-tracker.debian.org/tracker/CVE-2021-38204) [CVE-2021-38205](https://security-tracker.debian.org/tracker/CVE-2021-38205)\n[CVE-2021-40490](https://security-tracker.debian.org/tracker/CVE-2021-40490) [CVE-2021-41864](https://security-tracker.debian.org/tracker/CVE-2021-41864) [CVE-2021-42008](https://security-tracker.debian.org/tracker/CVE-2021-42008) [CVE-2021-42739](https://security-tracker.debian.org/tracker/CVE-2021-42739)\n[CVE-2021-43389](https://security-tracker.debian.org/tracker/CVE-2021-43389)\n\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service, or information\nleaks.\n\n\n* [CVE-2020-3702](https://security-tracker.debian.org/tracker/CVE-2020-3702)\nA flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n* [CVE-2020-16119](https://security-tracker.debian.org/tracker/CVE-2020-16119)\nHadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n* [CVE-2021-0920](https://security-tracker.debian.org/tracker/CVE-2021-0920)\nA race condition was discovered in the local sockets (AF\\_UNIX)\n subsystem, which could lead to a use-after-free. A local user\n could exploit this for denial of service (memory corruption or\n crash), or possibly for privilege escalation.\n* [CVE-2021-3612](https://security-tracker.debian.org/tracker/CVE-2021-3612)\nMurray McAllister reported a flaw in the joystick input subsystem.\n A local user permitted to access a joystick device could exploit\n this to read and write out-of-bounds in the kernel, which could\n be used for privilege escalation.\n* [CVE-2021-3653](https://security-tracker.debian.org/tracker/CVE-2021-3653)\nMaxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int\\_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt\n Controller) for the L2 guest. The L2 guest can take advantage of\n this flaw to write to a limited but still relatively large subset\n of the host physical memory.\n* [CVE-2021-3655](https://security-tracker.debian.org/tracker/CVE-2021-3655)\nIlja Van Sprundel and Marcelo Ricardo Leitner found multiple flaws\n in the SCTP implementation, where missing validation could lead to\n an out-of-bounds read. On a system using SCTP, a networked\n attacker could exploit these to cause a denial of service (crash).\n* [CVE-2021-3679](https://security-tracker.debian.org/tracker/CVE-2021-3679)\nA flaw in the Linux kernel tracing module functionality could\n allow a privileged local user (with CAP\\_SYS\\_ADMIN capability) to\n cause a denial of service (resource starvation).\n* [CVE-2021-3732](https://security-tracker.debian.org/tracker/CVE-2021-3732)\nAlois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n* [CVE-2021-3753](https://security-tracker.debian.org/tracker/CVE-2021-3753)\nMinh Yuan reported a race condition in the vt\\_k\\_ioctl in\n drivers/tty/vt/vt\\_ioctl.c, which may cause an out of bounds read\n in vt.\n* [CVE-2021-3760](https://security-tracker.debian.org/tracker/CVE-2021-3760)\nLin Horse reported a flaw in the NCI (NFC Controller Interface)\n driver, which could lead to a use-after-free.\n\n\nHowever, this driver is not included in the binary packages\n provided by Debian.\n* [CVE-2021-20317](https://security-tracker.debian.org/tracker/CVE-2021-20317)\nIt was discovered that the timer queue structure could become\n corrupt, leading to waiting tasks never being woken up. A local\n user with certain privileges could exploit this to cause a denial\n of service (system hang).\n* [CVE-2021-20321](https://security-tracker.debian.org/tracker/CVE-2021-20321)\nA race condition was discovered in the overlayfs filesystem\n driver. A local user with access to an overlayfs mount and to its\n underlying upper directory could exploit this for privilege\n escalation.\n* [CVE-2021-20322](https://security-tracker.debian.org/tracker/CVE-2021-20322)\nAn information leak was discovered in the IPv4 implementation. A\n remote attacker could exploit this to quickly discover which UDP\n ports a system is using, making it easier for them to carry out a\n DNS poisoning attack against that system.\n* [CVE-2021-22543](https://security-tracker.debian.org/tracker/CVE-2021-22543)\nDavid Stevens discovered a flaw in how the KVM hypervisor maps\n host memory into a guest. A local user permitted to access\n /dev/kvm could use this to cause certain pages to be freed when\n they should not, leading to a use-after-free. This could be used\n to cause a denial of service (crash or memory corruption) or\n possibly for privilege escalation.\n* [CVE-2021-37159](https://security-tracker.debian.org/tracker/CVE-2021-37159)\nA flaw was discovered in the hso driver for Option mobile\n broadband modems. An error during initialisation could lead to a\n double-free or use-after-free. An attacker able to plug in USB\n devices could use this to cause a denial of service (crash or\n memory corruption) or possibly to run arbitrary code.\n* [CVE-2021-38160](https://security-tracker.debian.org/tracker/CVE-2021-38160)\nA flaw in the virtio\\_console was discovered allowing data\n corruption or data loss by an untrusted device.\n* [CVE-2021-38198](https://security-tracker.debian.org/tracker/CVE-2021-38198)\nA flaw was discovered in the KVM implementation for x86\n processors, that could result in virtual memory protection within\n a guest not being applied correctly. When shadow page tables are\n used - i.e. for nested virtualisation, or on CPUs lacking the EPT\n or NPT feature - a user of the guest OS might be able to exploit\n this for denial of service or privilege escalation within the\n guest.\n* [CVE-2021-38199](https://security-tracker.debian.org/tracker/CVE-2021-38199)\nMichael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n* [CVE-2021-38204](https://security-tracker.debian.org/tracker/CVE-2021-38204)\nA flaw was discovered in the max4321-hcd USB host controller\n driver, which could lead to a use-after-free.\n\n\nHowever, this driver is not included in the binary packages\n provided by Debian.\n* [CVE-2021-38205](https://security-tracker.debian.org/tracker/CVE-2021-38205)\nAn information leak was discovered in the xilinx\\_emaclite network\n driver. On a custom kernel where this driver is enabled and used,\n this might make it easier to exploit other kernel bugs.\n* [CVE-2021-40490](https://security-tracker.debian.org/tracker/CVE-2021-40490)\nA race condition was discovered in the ext4 subsystem when writing\n to an inline\\_data file while its xattrs are changing. This could\n result in denial of service.\n* [CVE-2021-41864](https://security-tracker.debian.org/tracker/CVE-2021-41864)\nAn integer overflow was discovered in the Extended BPF (eBPF)\n subsystem. A local user could exploit this for denial of service\n (memory corruption or crash), or possibly for privilege\n escalation.\n\n\nThis can be mitigated by setting sysctl\n kernel.unprivileged\\_bpf\\_disabled=1, which disables eBPF use by\n unprivileged users.\n* [CVE-2021-42008](https://security-tracker.debian.org/tracker/CVE-2021-42008)\nA heap buffer overflow was discovered in the 6pack serial port\n network driver. A local user with CAP\\_NET\\_ADMIN capability could\n exploit this for denial of service (memory corruption or crash), or\n possibly for privilege escalation.\n* [CVE-2021-42739](https://security-tracker.debian.org/tracker/CVE-2021-42739)\nA heap buffer overflow was discovered in the firedtv driver for\n FireWire-connected DVB receivers. A local user with access to a\n firedtv device could exploit this for denial of service (memory\n corruption or crash), or possibly for privilege escalation.\n* [CVE-2021-43389](https://security-tracker.debian.org/tracker/CVE-2021-43389)\nThe Active Defense Lab of Venustech discovered a flaw in the CMTP\n subsystem as used by Bluetooth, which could lead to an\n out-of-bounds read and object type confusion. A local user with\n CAP\\_NET\\_ADMIN capability in the initial user namespace could\n exploit this for denial of service (memory corruption or crash),\n or possibly for privilege escalation.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n4.9.290-1.\n\n\nWe recommend that you upgrade your linux packages.\n\n\nFor the detailed security status of linux please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/linux>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-16T00:00:00", "type": "osv", "title": "linux - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-0920", "CVE-2021-20317", "CVE-2021-20321", "CVE-2021-20322", "CVE-2021-22543", "CVE-2021-3612", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-3753", "CVE-2021-3760", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-40490", "CVE-2021-41864", "CVE-2021-42008", "CVE-2021-42739", "CVE-2021-43389"], "modified": "2022-07-21T05:53:58", "id": "OSV:DLA-2843-1", "href": "https://osv.dev/vulnerability/DLA-2843-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-05T05:19:41", "description": "\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\n\n* [CVE-2020-3702](https://security-tracker.debian.org/tracker/CVE-2020-3702)\nA flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n* [CVE-2020-16119](https://security-tracker.debian.org/tracker/CVE-2020-16119)\nHadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n* [CVE-2021-3444](https://security-tracker.debian.org/tracker/CVE-2021-3444)\n, [CVE-2021-3600](https://security-tracker.debian.org/tracker/CVE-2021-3600)\n\n\nTwo flaws were discovered in the Extended BPF (eBPF) verifier. A\n local user could exploit these to read and write arbitrary memory\n in the kernel, which could be used for privilege escalation.\n\n\nThis can be mitigated by setting sysctl\n kernel.unprivileged\\_bpf\\_disabled=1, which disables eBPF use by\n unprivileged users.\n* [CVE-2021-3612](https://security-tracker.debian.org/tracker/CVE-2021-3612)\nMurray McAllister reported a flaw in the joystick input subsystem.\n A local user permitted to access a joystick device could exploit\n this to read and write out-of-bounds in the kernel, which could\n be used for privilege escalation.\n* [CVE-2021-3653](https://security-tracker.debian.org/tracker/CVE-2021-3653)\nMaxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int\\_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt\n Controller) for the L2 guest. The L2 guest can take advantage of\n this flaw to write to a limited but still relatively large subset\n of the host physical memory.\n* [CVE-2021-3655](https://security-tracker.debian.org/tracker/CVE-2021-3655)\nIlja Van Sprundel and Marcelo Ricardo Leitner found multiple flaws\n in the SCTP implementation, where missing validation could lead to\n an out-of-bounds read. On a system using SCTP, a networked\n attacker could exploit these to cause a denial of service (crash).\n* [CVE-2021-3656](https://security-tracker.debian.org/tracker/CVE-2021-3656)\nMaxim Levitsky and Paolo Bonzini discovered a flaw in the KVM\n hypervisor implementation for AMD processors in the Linux\n kernel. Missing validation of the `virt\\_ext` VMCB field could\n allow a malicious L1 guest to disable both VMLOAD/VMSAVE\n intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. Under\n these circumstances, the L2 guest is able to run VMLOAD/VMSAVE\n unintercepted and thus read/write portions of the host's physical\n memory.\n* [CVE-2021-3679](https://security-tracker.debian.org/tracker/CVE-2021-3679)\nA flaw in the Linux kernel tracing module functionality could\n allow a privileged local user (with CAP\\_SYS\\_ADMIN capability) to\n cause a denial of service (resource starvation).\n* [CVE-2021-3732](https://security-tracker.debian.org/tracker/CVE-2021-3732)\nAlois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n* [CVE-2021-3743](https://security-tracker.debian.org/tracker/CVE-2021-3743)\nAn out-of-bounds memory read was discovered in the Qualcomm IPC\n router protocol implementation, allowing to cause a denial of\n service or information leak.\n* [CVE-2021-3753](https://security-tracker.debian.org/tracker/CVE-2021-3753)\nMinh Yuan reported a race condition in the vt\\_k\\_ioctl in\n drivers/tty/vt/vt\\_ioctl.c, which may cause an out of bounds read\n in vt.\n* [CVE-2021-22543](https://security-tracker.debian.org/tracker/CVE-2021-22543)\nDavid Stevens discovered a flaw in how the KVM hypervisor maps\n host memory into a guest. A local user permitted to access\n /dev/kvm could use this to cause certain pages to be freed when\n they should not, leading to a use-after-free. This could be used\n to cause a denial of service (crash or memory corruption) or\n possibly for privilege escalation.\n* [CVE-2021-33624](https://security-tracker.debian.org/tracker/CVE-2021-33624)\n, [CVE-2021-34556](https://security-tracker.debian.org/tracker/CVE-2021-34556), [CVE-2021-35477](https://security-tracker.debian.org/tracker/CVE-2021-35477)\n\n\nMultiple researchers discovered flaws in the Extended BPF (eBPF)\n verifier's protections against information leaks through\n speculation execution. A local user could exploit these to read\n sensitive information.\n\n\nThis can be mitigated by setting sysctl\n kernel.unprivileged\\_bpf\\_disabled=1, which disables eBPF use by\n unprivileged users.\n* [CVE-2021-35039](https://security-tracker.debian.org/tracker/CVE-2021-35039)\nA flaw was discovered in module signature enforcement. A custom\n kernel with IMA enabled might have allowed loading unsigned kernel\n modules when it should not have.\n* [CVE-2021-37159](https://security-tracker.debian.org/tracker/CVE-2021-37159)\nA flaw was discovered in the hso driver for Option mobile\n broadband modems. An error during initialisation could lead to a\n double-free or use-after-free. An attacker able to plug in USB\n devices could use this to cause a denial of service (crash or\n memory corruption) or possibly to run arbitrary code.\n* [CVE-2021-38160](https://security-tracker.debian.org/tracker/CVE-2021-38160)\nA flaw in the virtio\\_console was discovered allowing data\n corruption or data loss by an untrusted device.\n* [CVE-2021-38198](https://security-tracker.debian.org/tracker/CVE-2021-38198)\nA flaw was discovered in the KVM implementation for x86\n processors, that could result in virtual memory protection within\n a guest not being applied correctly. When shadow page tables are\n used - i.e. for nested virtualisation, or on CPUs lacking the EPT\n or NPT feature - a user of the guest OS might be able to exploit\n this for denial of service or privilege escalation within the\n guest.\n* [CVE-2021-38199](https://security-tracker.debian.org/tracker/CVE-2021-38199)\nMichael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n* [CVE-2021-38205](https://security-tracker.debian.org/tracker/CVE-2021-38205)\nAn information leak was discovered in the xilinx\\_emaclite network\n driver. On a custom kernel where this driver is enabled and used,\n this might make it easier to exploit other kernel bugs.\n* [CVE-2021-40490](https://security-tracker.debian.org/tracker/CVE-2021-40490)\nA race condition was discovered in the ext4 subsystem when writing\n to an inline\\_data file while its xattrs are changing. This could\n result in denial of service.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n4.19.208-1~deb9u1.\n\n\nWe recommend that you upgrade your linux-4.19 packages.\n\n\nFor the detailed security status of linux-4.19 please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/linux-4.19>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-10-15T00:00:00", "type": "osv", "title": "linux-4.19 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-22543", "CVE-2021-33624", "CVE-2021-3444", "CVE-2021-34556", "CVE-2021-35039", "CVE-2021-35477", "CVE-2021-3600", "CVE-2021-3612", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-40490", "CVE-2021-42008", "CVE-2021-42252"], "modified": "2022-08-05T05:19:12", "id": "OSV:DLA-2785-1", "href": "https://osv.dev/vulnerability/DLA-2785-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2022-07-04T02:01:17", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4978-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 25, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3653 CVE-2021-3656 \n CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 \n CVE-2021-3753 CVE-2021-37576 CVE-2021-38160 CVE-2021-38166 \n CVE-2021-38199 CVE-2021-40490 CVE-2021-41073\nDebian Bug : 993948 993978\n\nSeveral vulnerabilities have been discovered in the Linux kernel\nthat may lead to a privilege escalation, denial of service or\ninformation leaks.\n\nCVE-2020-3702\n\n A flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n\nCVE-2020-16119\n\n Hadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n\nCVE-2021-3653\n\n Maxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt Controller)\n for the L2 guest. The L2 guest can take advantage of this flaw to\n write to a limited but still relatively large subset of the host\n physical memory.\n\nCVE-2021-3656\n\n Maxim Levitsky and Paolo Bonzini discovered a flaw in the KVM\n hypervisor implementation for AMD processors in the Linux kernel.\n Missing validation of the the `virt_ext` VMCB field could allow a\n malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS\n (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances,\n the L2 guest is able to run VMLOAD/VMSAVE unintercepted and thus\n read/write portions of the host's physical memory.\n\nCVE-2021-3679\n\n A flaw in the Linux kernel tracing module functionality could allow\n a privileged local user (with CAP_SYS_ADMIN capability) to cause a\n denial of service (resource starvation).\n\nCVE-2021-3732\n\n Alois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n\nCVE-2021-3739\n\n A NULL pointer dereference flaw was found in the btrfs filesystem,\n allowing a local attacker with CAP_SYS_ADMIN capabilities to cause a\n denial of service.\n\nCVE-2021-3743\n\n An out-of-bounds memory read was discovered in the Qualcomm IPC\n router protocol implementation, allowing to cause a denial of\n service or information leak.\n\nCVE-2021-3753\n\n Minh Yuan reported a race condition in the vt_k_ioctl in\n drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds\n read in vt.\n\nCVE-2021-37576\n\n Alexey Kardashevskiy reported a buffer overflow in the KVM subsystem\n on the powerpc platform, which allows KVM guest OS users to cause\n memory corruption on the host.\n\nCVE-2021-38160\n\n A flaw in the virtio_console was discovered allowing data corruption\n or data loss by an untrusted device.\n\nCVE-2021-38166\n\n An integer overflow flaw in the BPF subsystem could allow a local\n attacker to cause a denial of service or potentially the execution\n of arbitrary code. This flaw is mitigated by default in Debian as\n unprivileged calls to bpf() are disabled.\n\nCVE-2021-38199\n\n Michael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n\nCVE-2021-40490\n\n A race condition was discovered in the ext4 subsystem when writing\n to an inline_data file while its xattrs are changing. This could\n result in denial of service.\n\nCVE-2021-41073\n\n Valentina Palmiotti discovered a flaw in io_uring allowing a local\n attacker to escalate privileges.\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 5.10.46-5. This update includes fixes for #993948 and #993978.\n\nWe recommend that you upgrade your linux packages.\n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-09-25T08:09:05", "type": "debian", "title": "[SECURITY] [DSA 4978-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-3653", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-3732", "CVE-2021-3739", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38166", "CVE-2021-38199", "CVE-2021-40490", "CVE-2021-41073"], "modified": "2021-09-25T08:09:05", "id": "DEBIAN:DSA-4978-1:4EC47", "href": "https://lists.debian.org/debian-security-announce/2021/msg00163.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-28T08:50:23", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4978-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 25, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3653 CVE-2021-3656 \n CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 \n CVE-2021-3753 CVE-2021-37576 CVE-2021-38160 CVE-2021-38166 \n CVE-2021-38199 CVE-2021-40490 CVE-2021-41073\nDebian Bug : 993948 993978\n\nSeveral vulnerabilities have been discovered in the Linux kernel\nthat may lead to a privilege escalation, denial of service or\ninformation leaks.\n\nCVE-2020-3702\n\n A flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n\nCVE-2020-16119\n\n Hadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n\nCVE-2021-3653\n\n Maxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt Controller)\n for the L2 guest. The L2 guest can take advantage of this flaw to\n write to a limited but still relatively large subset of the host\n physical memory.\n\nCVE-2021-3656\n\n Maxim Levitsky and Paolo Bonzini discovered a flaw in the KVM\n hypervisor implementation for AMD processors in the Linux kernel.\n Missing validation of the the `virt_ext` VMCB field could allow a\n malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS\n (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances,\n the L2 guest is able to run VMLOAD/VMSAVE unintercepted and thus\n read/write portions of the host's physical memory.\n\nCVE-2021-3679\n\n A flaw in the Linux kernel tracing module functionality could allow\n a privileged local user (with CAP_SYS_ADMIN capability) to cause a\n denial of service (resource starvation).\n\nCVE-2021-3732\n\n Alois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n\nCVE-2021-3739\n\n A NULL pointer dereference flaw was found in the btrfs filesystem,\n allowing a local attacker with CAP_SYS_ADMIN capabilities to cause a\n denial of service.\n\nCVE-2021-3743\n\n An out-of-bounds memory read was discovered in the Qualcomm IPC\n router protocol implementation, allowing to cause a denial of\n service or information leak.\n\nCVE-2021-3753\n\n Minh Yuan reported a race condition in the vt_k_ioctl in\n drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds\n read in vt.\n\nCVE-2021-37576\n\n Alexey Kardashevskiy reported a buffer overflow in the KVM subsystem\n on the powerpc platform, which allows KVM guest OS users to cause\n memory corruption on the host.\n\nCVE-2021-38160\n\n A flaw in the virtio_console was discovered allowing data corruption\n or data loss by an untrusted device.\n\nCVE-2021-38166\n\n An integer overflow flaw in the BPF subsystem could allow a local\n attacker to cause a denial of service or potentially the execution\n of arbitrary code. This flaw is mitigated by default in Debian as\n unprivileged calls to bpf() are disabled.\n\nCVE-2021-38199\n\n Michael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n\nCVE-2021-40490\n\n A race condition was discovered in the ext4 subsystem when writing\n to an inline_data file while its xattrs are changing. This could\n result in denial of service.\n\nCVE-2021-41073\n\n Valentina Palmiotti discovered a flaw in io_uring allowing a local\n attacker to escalate privileges.\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 5.10.46-5. This update includes fixes for #993948 and #993978.\n\nWe recommend that you upgrade your linux packages.\n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-09-25T08:09:05", "type": "debian", "title": "[SECURITY] [DSA 4978-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-3653", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-3732", "CVE-2021-3739", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38166", "CVE-2021-38199", "CVE-2021-40490", "CVE-2021-41073"], "modified": "2021-09-25T08:09:05", "id": "DEBIAN:DSA-4978-1:98A5E", "href": "https://lists.debian.org/debian-security-announce/2021/msg00163.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-26T18:43:48", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2785-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Ben Hutchings\nOctober 15, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : linux-4.19\nVersion : 4.19.208-1~deb9u1\nCVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3444 CVE-2021-3600\n CVE-2021-3612 CVE-2021-3653 CVE-2021-3655 CVE-2021-3656\n CVE-2021-3679 CVE-2021-3732 CVE-2021-3743 CVE-2021-3753\n CVE-2021-22543 CVE-2021-33624 CVE-2021-34556 CVE-2021-35039\n CVE-2021-35477 CVE-2021-37159 CVE-2021-38160 CVE-2021-38198\n CVE-2021-38199 CVE-2021-38205 CVE-2021-40490\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2020-3702\n\n A flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n\nCVE-2020-16119\n\n Hadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n\nCVE-2021-3444, CVE-2021-3600\n\n Two flaws were discovered in the Extended BPF (eBPF) verifier. A\n local user could exploit these to read and write arbitrary memory\n in the kernel, which could be used for privilege escalation.\n\n This can be mitigated by setting sysctl\n kernel.unprivileged_bpf_disabled=1, which disables eBPF use by\n unprivileged users.\n\nCVE-2021-3612\n\n Murray McAllister reported a flaw in the joystick input subsystem.\n A local user permitted to access a joystick device could exploit\n this to read and write out-of-bounds in the kernel, which could\n be used for privilege escalation.\n\nCVE-2021-3653\n\n Maxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt\n Controller) for the L2 guest. The L2 guest can take advantage of\n this flaw to write to a limited but still relatively large subset\n of the host physical memory.\n\nCVE-2021-3655\n\n Ilja Van Sprundel and Marcelo Ricardo Leitner found multiple flaws\n in the SCTP implementation, where missing validation could lead to\n an out-of-bounds read. On a system using SCTP, a networked\n attacker could exploit these to cause a denial of service (crash).\n\nCVE-2021-3656\n\n Maxim Levitsky and Paolo Bonzini discovered a flaw in the KVM\n hypervisor implementation for AMD processors in the Linux\n kernel. Missing validation of the `virt_ext` VMCB field could\n allow a malicious L1 guest to disable both VMLOAD/VMSAVE\n intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. Under\n these circumstances, the L2 guest is able to run VMLOAD/VMSAVE\n unintercepted and thus read/write portions of the host's physical\n memory.\n\nCVE-2021-3679\n\n A flaw in the Linux kernel tracing module functionality could\n allow a privileged local user (with CAP_SYS_ADMIN capability) to\n cause a denial of service (resource starvation).\n\nCVE-2021-3732\n\n Alois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n\nCVE-2021-3743\n\n An out-of-bounds memory read was discovered in the Qualcomm IPC\n router protocol implementation, allowing to cause a denial of\n service or information leak.\n\nCVE-2021-3753\n\n Minh Yuan reported a race condition in the vt_k_ioctl in\n drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds read\n in vt.\n\nCVE-2021-22543\n\n David Stevens discovered a flaw in how the KVM hypervisor maps\n host memory into a guest. A local user permitted to access\n /dev/kvm could use this to cause certain pages to be freed when\n they should not, leading to a use-after-free. This could be used\n to cause a denial of service (crash or memory corruption) or\n possibly for privilege escalation.\n\nCVE-2021-33624, CVE-2021-34556, CVE-2021-35477\n\n Multiple researchers discovered flaws in the Extended BPF (eBPF)\n verifier's protections against information leaks through\n speculation execution. A local user could exploit these to read\n sensitive information.\n\n This can be mitigated by setting sysctl\n kernel.unprivileged_bpf_disabled=1, which disables eBPF use by\n unprivileged users.\n\nCVE-2021-35039\n\n A flaw was discovered in module signature enforcement. A custom\n kernel with IMA enabled might have allowed loading unsigned kernel\n modules when it should not have.\n\nCVE-2021-37159\n\n A flaw was discovered in the hso driver for Option mobile\n broadband modems. An error during initialisation could lead to a\n double-free or use-after-free. An attacker able to plug in USB\n devices could use this to cause a denial of service (crash or\n memory corruption) or possibly to run arbitrary code.\n\nCVE-2021-38160\n\n A flaw in the virtio_console was discovered allowing data\n corruption or data loss by an untrusted device.\n\nCVE-2021-38198\n\n A flaw was discovered in the KVM implementation for x86\n processors, that could result in virtual memory protection within\n a guest not being applied correctly. When shadow page tables are\n used - i.e. for nested virtualisation, or on CPUs lacking the EPT\n or NPT feature - a user of the guest OS might be able to exploit\n this for denial of service or privilege escalation within the\n guest.\n\nCVE-2021-38199\n\n Michael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n\nCVE-2021-38205\n\n An information leak was discovered in the xilinx_emaclite network\n driver. On a custom kernel where this driver is enabled and used,\n this might make it easier to exploit other kernel bugs.\n\nCVE-2021-40490\n\n A race condition was discovered in the ext4 subsystem when writing\n to an inline_data file while its xattrs are changing. This could\n result in denial of service.\n\nFor Debian 9 stretch, these problems have been fixed in version\n4.19.208-1~deb9u1.\n\nWe recommend that you upgrade your linux-4.19 packages.\n\nFor the detailed security status of linux-4.19 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux-4.19\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n-- \nBen Hutchings\nThe generation of random numbers is too important to be left to chance.\n - Robert Coveyou\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-10-15T21:50:44", "type": "debian", "title": "[SECURITY] [DLA 2785-1] linux-4.19 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-22543", "CVE-2021-33624", "CVE-2021-3444", "CVE-2021-34556", "CVE-2021-35039", "CVE-2021-35477", "CVE-2021-3600", "CVE-2021-3612", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-38205", "CVE-2021-40490"], "modified": "2021-10-15T21:50:44", "id": "DEBIAN:DLA-2785-1:A6280", "href": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-20T00:36:27", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2843-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Ben Hutchings\nDecember 16, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : linux\nVersion : 4.9.290-1\nCVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-0920 CVE-2021-3612 \n CVE-2021-3653 CVE-2021-3655 CVE-2021-3679 CVE-2021-3732 \n CVE-2021-3753 CVE-2021-3760 CVE-2021-20317 CVE-2021-20321 \n CVE-2021-20322 CVE-2021-22543 CVE-2021-37159 CVE-2021-38160 \n CVE-2021-38198 CVE-2021-38199 CVE-2021-38204 CVE-2021-38205 \n CVE-2021-40490 CVE-2021-41864 CVE-2021-42008 CVE-2021-42739 \n CVE-2021-43389\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service, or information\nleaks.\n\nCVE-2020-3702\n\n A flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n\nCVE-2020-16119\n\n Hadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n\nCVE-2021-0920\n\n A race condition was discovered in the local sockets (AF_UNIX)\n subsystem, which could lead to a use-after-free. A local user\n could exploit this for denial of service (memory corruption or\n crash), or possibly for privilege escalation.\n\nCVE-2021-3612\n\n Murray McAllister reported a flaw in the joystick input subsystem.\n A local user permitted to access a joystick device could exploit\n this to read and write out-of-bounds in the kernel, which could\n be used for privilege escalation.\n\nCVE-2021-3653\n\n Maxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt\n Controller) for the L2 guest. The L2 guest can take advantage of\n this flaw to write to a limited but still relatively large subset\n of the host physical memory.\n\nCVE-2021-3655\n\n Ilja Van Sprundel and Marcelo Ricardo Leitner found multiple flaws\n in the SCTP implementation, where missing validation could lead to\n an out-of-bounds read. On a system using SCTP, a networked\n attacker could exploit these to cause a denial of service (crash).\n\nCVE-2021-3679\n\n A flaw in the Linux kernel tracing module functionality could\n allow a privileged local user (with CAP_SYS_ADMIN capability) to\n cause a denial of service (resource starvation).\n\nCVE-2021-3732\n\n Alois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n\nCVE-2021-3753\n\n Minh Yuan reported a race condition in the vt_k_ioctl in\n drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds read\n in vt.\n\nCVE-2021-3760\n\n Lin Horse reported a flaw in the NCI (NFC Controller Interface)\n driver, which could lead to a use-after-free.\n\n However, this driver is not included in the binary packages\n provided by Debian.\n\nCVE-2021-20317\n\n It was discovered that the timer queue structure could become\n corrupt, leading to waiting tasks never being woken up. A local\n user with certain privileges could exploit this to cause a denial\n of service (system hang).\n\nCVE-2021-20321\n\n A race condition was discovered in the overlayfs filesystem\n driver. A local user with access to an overlayfs mount and to its\n underlying upper directory could exploit this for privilege\n escalation.\n\nCVE-2021-20322\n\n An information leak was discovered in the IPv4 implementation. A\n remote attacker could exploit this to quickly discover which UDP\n ports a system is using, making it easier for them to carry out a\n DNS poisoning attack against that system.\n\nCVE-2021-22543\n\n David Stevens discovered a flaw in how the KVM hypervisor maps\n host memory into a guest. A local user permitted to access\n /dev/kvm could use this to cause certain pages to be freed when\n they should not, leading to a use-after-free. This could be used\n to cause a denial of service (crash or memory corruption) or\n possibly for privilege escalation.\n\nCVE-2021-37159\n\n A flaw was discovered in the hso driver for Option mobile\n broadband modems. An error during initialisation could lead to a\n double-free or use-after-free. An attacker able to plug in USB\n devices could use this to cause a denial of service (crash or\n memory corruption) or possibly to run arbitrary code.\n\nCVE-2021-38160\n\n A flaw in the virtio_console was discovered allowing data\n corruption or data loss by an untrusted device.\n\nCVE-2021-38198\n\n A flaw was discovered in the KVM implementation for x86\n processors, that could result in virtual memory protection within\n a guest not being applied correctly. When shadow page tables are\n used - i.e. for nested virtualisation, or on CPUs lacking the EPT\n or NPT feature - a user of the guest OS might be able to exploit\n this for denial of service or privilege escalation within the\n guest.\n\nCVE-2021-38199\n\n Michael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n\nCVE-2021-38204\n\n A flaw was discovered in the max4321-hcd USB host controller\n driver, which could lead to a use-after-free.\n\n However, this driver is not included in the binary packages\n provided by Debian.\n\nCVE-2021-38205\n\n An information leak was discovered in the xilinx_emaclite network\n driver. On a custom kernel where this driver is enabled and used,\n this might make it easier to exploit other kernel bugs.\n\nCVE-2021-40490\n\n A race condition was discovered in the ext4 subsystem when writing\n to an inline_data file while its xattrs are changing. This could\n result in denial of service.\n\nCVE-2021-41864\n\n An integer overflow was discovered in the Extended BPF (eBPF)\n subsystem. A local user could exploit this for denial of service\n (memory corruption or crash), or possibly for privilege\n escalation.\n\n This can be mitigated by setting sysctl\n kernel.unprivileged_bpf_disabled=1, which disables eBPF use by\n unprivileged users.\n\nCVE-2021-42008\n\n A heap buffer overflow was discovered in the 6pack serial port\n network driver. A local user with CAP_NET_ADMIN capability could\n exploit this for denial of service (memory corruption or crash), or\n possibly for privilege escalation.\n\nCVE-2021-42739\n\n A heap buffer overflow was discovered in the firedtv driver for\n FireWire-connected DVB receivers. A local user with access to a\n firedtv device could exploit this for denial of service (memory\n corruption or crash), or possibly for privilege escalation.\n\nCVE-2021-43389\n\n The Active Defense Lab of Venustech discovered a flaw in the CMTP\n subsystem as used by Bluetooth, which could lead to an\n out-of-bounds read and object type confusion. A local user with\n CAP_NET_ADMIN capability in the initial user namespace could\n exploit this for denial of service (memory corruption or crash),\n or possibly for privilege escalation.\n\nFor Debian 9 stretch, these problems have been fixed in version\n4.9.290-1.\n\nWe recommend that you upgrade your linux packages.\n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n-- \nBen Hutchings\nHumans are not rational beings; they are rationalising beings.\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-16T21:27:40", "type": "debian", "title": "[SECURITY] [DLA 2843-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-0920", "CVE-2021-20317", "CVE-2021-20321", "CVE-2021-20322", "CVE-2021-22543", "CVE-2021-3612", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-3753", "CVE-2021-3760", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-40490", "CVE-2021-41864", "CVE-2021-42008", "CVE-2021-42739", "CVE-2021-43389"], "modified": "2021-12-16T21:27:40", "id": "DEBIAN:DLA-2843-1:AB8E9", "href": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
CVE-2021-38199
