fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
{"ubuntucve": [{"lastseen": "2022-02-18T11:31:13", "description": "fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect\nconnection-setup ordering, which allows operators of remote NFSv4 servers\nto cause a denial of service (hanging of mounts) by arranging for those\nservers to be unreachable during trunking detection.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-08T00:00:00", "type": "ubuntucve", "title": "CVE-2021-38199", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-08-08T00:00:00", "id": "UB:CVE-2021-38199", "href": "https://ubuntu.com/security/CVE-2021-38199", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "photon": [{"lastseen": "2022-05-12T17:55:55", "description": "Updates of ['linux'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-22T00:00:00", "type": "photon", "title": "Moderate Photon OS Security Update - PHSA-2021-0447", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-10-22T00:00:00", "id": "PHSA-2021-0447", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-447", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-12T18:14:12", "description": "Updates of ['linux', 'linux-esx', 'linux-aws', 'linux-secure'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-30T00:00:00", "type": "photon", "title": "Moderate Photon OS Security Update - PHSA-2021-0410", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-10-30T00:00:00", "id": "PHSA-2021-0410", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-410", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-12T18:41:56", "description": "Updates of ['linux-rt', 'linux-esx', 'linux', 'linux-secure', 'linux-aws'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-08-01T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2021-0278", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-26139", "CVE-2020-26147", "CVE-2020-26558", "CVE-2020-36311", "CVE-2021-33098", "CVE-2021-34693", "CVE-2021-35039", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38208"], "modified": "2021-08-01T00:00:00", "id": "PHSA-2021-0278", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-278", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "veracode": [{"lastseen": "2022-06-10T17:04:06", "description": "linux is vulnerable to denial of service. The vulnerability exists due to an incorrect connection-setup ordering in fs/nfs/nfs4client.c. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-09-30T13:39:21", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-12-21T14:07:44", "id": "VERACODE:32329", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-32329/summary", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2022-07-01T15:37:48", "description": "A flaw was found in the hanging of mounts in the Linux kernel's NFS4 subsystem where remote servers are unreachable for the client during migration of data from one server to another (during trunking detection). This flaw allows a remote NFS4 server (if the client is connected) to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.\n#### Mitigation\n\nIf not using NFS, then to mitigate this issue, prevent the module nfsv4 from being loaded. Please see <https://access.redhat.com/solutions/41278> for information on how to blacklist a kernel module to prevent it from loading automatically. \n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-10T21:21:30", "type": "redhatcve", "title": "CVE-2021-38199", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2022-07-01T12:36:06", "id": "RH:CVE-2021-38199", "href": "https://access.redhat.com/security/cve/cve-2021-38199", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T18:58:44", "description": "fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-08T20:15:00", "type": "cve", "title": "CVE-2021-38199", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199"], "modified": "2021-12-21T12:54:00", "cpe": ["cpe:/o:netapp:hci_bootstrap_os:-", "cpe:/o:debian:debian_linux:11.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/a:netapp:hci_management_node:-", "cpe:/a:netapp:solidfire:-", "cpe:/a:netapp:element_software:-"], "id": "CVE-2021-38199", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38199", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2022-01-04T10:38:33", "description": "Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-30T00:00:00", "type": "ubuntu", "title": "Linux kernel (Raspberry Pi) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-38160", "CVE-2021-38204", "CVE-2021-3679", "CVE-2021-33624"], "modified": "2021-09-30T00:00:00", "id": "USN-5091-2", "href": "https://ubuntu.com/security/notices/USN-5091-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T10:37:40", "description": "USN-5091-1 fixed vulnerabilities in Linux 5.4-based kernels. \nUnfortunately, for Linux kernels intended for use within Microsoft \nAzure environments, that update introduced a regression that could \ncause the kernel to fail to boot in large Azure instance types. \nThis update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-15T00:00:00", "type": "ubuntu", "title": "Linux kernel (Azure) regression", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-38160", "CVE-2021-38204", "CVE-2021-3679", "CVE-2021-37576", "CVE-2021-33624"], "modified": "2021-10-15T00:00:00", "id": "USN-5091-3", "href": "https://ubuntu.com/security/notices/USN-5091-3", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T10:38:00", "description": "Valentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nIt was discovered that the Linux kernel did not properly enforce certain \ntypes of entries in the Secure Boot Forbidden Signature Database (aka dbx) \nprotection mechanism. An attacker could use this to bypass UEFI Secure Boot \nrestrictions. (CVE-2020-26541)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly perform reference counting in some situations, \nleading to a use-after-free vulnerability. An attacker who could start and \ncontrol a VM could possibly use this to expose sensitive information or \nexecute arbitrary code. (CVE-2021-22543)\n\nMurray McAllister discovered that the joystick device interface in the \nLinux kernel did not properly validate data passed via an ioctl(). A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code on systems with a joystick device \nregistered. (CVE-2021-3612)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-06T00:00:00", "type": "ubuntu", "title": "Linux kernel (OEM) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-38160", "CVE-2021-41073", "CVE-2021-3612", "CVE-2021-22543", "CVE-2020-26541"], "modified": "2021-10-06T00:00:00", "id": "USN-5106-1", "href": "https://ubuntu.com/security/notices/USN-5106-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T10:38:51", "description": "Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-28T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-38160", "CVE-2021-38204", "CVE-2021-3679", "CVE-2021-37576", "CVE-2021-33624"], "modified": "2021-09-28T00:00:00", "id": "USN-5091-1", "href": "https://ubuntu.com/security/notices/USN-5091-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T10:36:45", "description": "It was discovered that the f2fs file system in the Linux kernel did not \nproperly validate metadata in some situations. An attacker could use this \nto construct a malicious f2fs image that, when mounted and operated on, \ncould cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2019-19449)\n\nIt was discovered that the Linux kernel did not properly enforce certain \ntypes of entries in the Secure Boot Forbidden Signature Database (aka dbx) \nprotection mechanism. An attacker could use this to bypass UEFI Secure Boot \nrestrictions. (CVE-2020-26541)\n\nIt was discovered that the KVM hypervisor implementation for AMD processors \nin the Linux kernel did not ensure enough processing time was given to \nperform cleanups of large SEV VMs. A local attacker could use this to cause \na denial of service (soft lockup). (CVE-2020-36311)\n\nIt was discovered that the KVM hypervisor implementation in the Linux \nkernel did not properly perform reference counting in some situations, \nleading to a use-after-free vulnerability. An attacker who could start and \ncontrol a VM could possibly use this to expose sensitive information or \nexecute arbitrary code. (CVE-2021-22543)\n\nMurray McAllister discovered that the joystick device interface in the \nLinux kernel did not properly validate data passed via an ioctl(). A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code on systems with a joystick device \nregistered. (CVE-2021-3612)\n\nIt was discovered that the Linux kernel did not properly account for the \nmemory usage of certain IPC objects. A local attacker could use this to \ncause a denial of service (memory exhaustion). (CVE-2021-3759)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Xilinx LL TEMAC device driver in the Linux \nkernel did not properly calculate the number of buffers to be used in \ncertain situations. A remote attacker could use this to cause a denial of \nservice (system crash). (CVE-2021-38207)\n\nIt was discovered that the ext4 file system in the Linux kernel contained a \nrace condition when writing xattrs to an inode. A local attacker could use \nthis to cause a denial of service or possibly gain administrative \nprivileges. (CVE-2021-40490)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-21T00:00:00", "type": "ubuntu", "title": "Linux kernel (Azure) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-3759", "CVE-2021-40490", "CVE-2020-36311", "CVE-2021-38207", "CVE-2019-19449", "CVE-2021-3612", "CVE-2021-22543", "CVE-2020-26541"], "modified": "2021-10-21T00:00:00", "id": "USN-5120-1", "href": "https://ubuntu.com/security/notices/USN-5120-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-09T11:44:12", "description": "It was discovered that the f2fs file system in the Linux kernel did not \nproperly validate metadata in some situations. An attacker could use this \nto construct a malicious f2fs image that, when mounted and operated on, \ncould cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2019-19449)\n\nIt was discovered that the FUSE user space file system implementation in \nthe Linux kernel did not properly handle bad inodes in some situations. A \nlocal attacker could possibly use this to cause a denial of service. \n(CVE-2020-36322)\n\nIt was discovered that the Infiniband RDMA userspace connection manager \nimplementation in the Linux kernel contained a race condition leading to a \nuse-after-free vulnerability. A local attacker could use this to cause a \ndenial of service (system crash) or possible execute arbitrary code. \n(CVE-2020-36385)\n\nIlja Van Sprundel discovered that the SCTP implementation in the Linux \nkernel did not properly perform size validations on incoming packets in \nsome situations. An attacker could possibly use this to expose sensitive \ninformation (kernel memory). (CVE-2021-3655)\n\nIt was discovered that the Qualcomm IPC Router protocol implementation in \nthe Linux kernel did not properly validate metadata in some situations. A \nlocal attacker could use this to cause a denial of service (system crash) \nor expose sensitive information. (CVE-2021-3743)\n\nIt was discovered that the virtual terminal (vt) device implementation in \nthe Linux kernel contained a race condition in its ioctl handling that led \nto an out-of-bounds read vulnerability. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-3753)\n\nIt was discovered that the Linux kernel did not properly account for the \nmemory usage of certain IPC objects. A local attacker could use this to \ncause a denial of service (memory exhaustion). (CVE-2021-3759)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Aspeed Low Pin Count (LPC) Bus Controller \nimplementation in the Linux kernel did not properly perform boundary checks \nin some situations, allowing out-of-bounds write access. A local attacker \ncould use this to cause a denial of service (system crash) or possibly \nexecute arbitrary code. In Ubuntu, this issue only affected systems running \narmhf kernels. (CVE-2021-42252)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-11-09T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3743", "CVE-2020-36322", "CVE-2021-42252", "CVE-2021-3753", "CVE-2021-3655", "CVE-2021-38199", "CVE-2021-3759", "CVE-2019-19449", "CVE-2020-36385"], "modified": "2021-11-09T00:00:00", "id": "USN-5136-1", "href": "https://ubuntu.com/security/notices/USN-5136-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-27T03:38:00", "description": "Valentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nBenedict Schlueter discovered that the BPF subsystem in the Linux kernel \ndid not properly protect against Speculative Store Bypass (SSB) side- \nchannel attacks in some situations. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-34556)\n\nPiotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not \nproperly protect against Speculative Store Bypass (SSB) side-channel \nattacks in some situations. A local attacker could possibly use this to \nexpose sensitive information. (CVE-2021-35477)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Option USB High Speed Mobile device driver in \nthe Linux kernel did not properly handle error conditions. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2021-37159)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Sun RPC implementation in the Linux kernel \ncontained an out-of-bounds access error. A remote attacker could possibly \nuse this to cause a denial of service (system crash). (CVE-2021-38201)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n\nIt was discovered that the Xilinx 10/100 Ethernet Lite device driver in the \nLinux kernel could report pointer addresses in some situations. An attacker \ncould use this information to ease the exploitation of another \nvulnerability. (CVE-2021-38205)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-28T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-38201", "CVE-2021-38205", "CVE-2021-41073", "CVE-2021-33624", "CVE-2021-37576", "CVE-2021-38204", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-3679", "CVE-2021-37159"], "modified": "2021-09-28T00:00:00", "id": "USN-5092-1", "href": "https://ubuntu.com/security/notices/USN-5092-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-27T03:36:52", "description": "USN-5092-2 fixed vulnerabilities in Linux 5.11-based kernels. \nUnfortunately, for Linux kernels intended for use within Microsoft \nAzure environments, that update introduced a regression that could \ncause the kernel to fail to boot in large Azure instance types. \nThis update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nValentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nBenedict Schlueter discovered that the BPF subsystem in the Linux kernel \ndid not properly protect against Speculative Store Bypass (SSB) side- \nchannel attacks in some situations. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-34556)\n\nPiotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not \nproperly protect against Speculative Store Bypass (SSB) side-channel \nattacks in some situations. A local attacker could possibly use this to \nexpose sensitive information. (CVE-2021-35477)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Option USB High Speed Mobile device driver in \nthe Linux kernel did not properly handle error conditions. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2021-37159)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Sun RPC implementation in the Linux kernel \ncontained an out-of-bounds access error. A remote attacker could possibly \nuse this to cause a denial of service (system crash). (CVE-2021-38201)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n\nIt was discovered that the Xilinx 10/100 Ethernet Lite device driver in the \nLinux kernel could report pointer addresses in some situations. An attacker \ncould use this information to ease the exploitation of another \nvulnerability. (CVE-2021-38205)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-18T00:00:00", "type": "ubuntu", "title": "Linux kernel (Azure) regression", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-38201", "CVE-2021-38205", "CVE-2021-41073", "CVE-2021-33624", "CVE-2021-37576", "CVE-2021-38204", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-3679", "CVE-2021-37159"], "modified": "2021-10-18T00:00:00", "id": "USN-5092-3", "href": "https://ubuntu.com/security/notices/USN-5092-3", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-27T03:37:50", "description": "Valentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk \ndiscovered that the BPF verifier in the Linux kernel missed possible \nmispredicted branches due to type confusion, allowing a side-channel \nattack. An attacker could use this to expose sensitive information. \n(CVE-2021-33624)\n\nBenedict Schlueter discovered that the BPF subsystem in the Linux kernel \ndid not properly protect against Speculative Store Bypass (SSB) side- \nchannel attacks in some situations. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-34556)\n\nPiotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not \nproperly protect against Speculative Store Bypass (SSB) side-channel \nattacks in some situations. A local attacker could possibly use this to \nexpose sensitive information. (CVE-2021-35477)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Option USB High Speed Mobile device driver in \nthe Linux kernel did not properly handle error conditions. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2021-37159)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC \nsystems in the Linux kernel did not properly validate RTAS arguments in \nsome situations. An attacker in a guest vm could use this to cause a denial \nof service (host OS crash) or possibly execute arbitrary code. \n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Sun RPC implementation in the Linux kernel \ncontained an out-of-bounds access error. A remote attacker could possibly \nuse this to cause a denial of service (system crash). (CVE-2021-38201)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n\nIt was discovered that the Xilinx 10/100 Ethernet Lite device driver in the \nLinux kernel could report pointer addresses in some situations. An attacker \ncould use this information to ease the exploitation of another \nvulnerability. (CVE-2021-38205)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-09-29T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-38201", "CVE-2021-38205", "CVE-2021-41073", "CVE-2021-33624", "CVE-2021-37576", "CVE-2021-38204", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-3679", "CVE-2021-37159"], "modified": "2021-09-29T00:00:00", "id": "USN-5092-2", "href": "https://ubuntu.com/security/notices/USN-5092-2", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-04T10:38:42", "description": "Valentina Palmiotti discovered that the io_uring subsystem in the Linux \nkernel could be coerced to free adjacent memory. A local attacker could use \nthis to execute arbitrary code. (CVE-2021-41073)\n\nBenedict Schlueter discovered that the BPF subsystem in the Linux kernel \ndid not properly protect against Speculative Store Bypass (SSB) side- \nchannel attacks in some situations. A local attacker could possibly use \nthis to expose sensitive information. (CVE-2021-34556)\n\nPiotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not \nproperly protect against Speculative Store Bypass (SSB) side-channel \nattacks in some situations. A local attacker could possibly use this to \nexpose sensitive information. (CVE-2021-35477)\n\nMurray McAllister discovered that the joystick device interface in the \nLinux kernel did not properly validate data passed via an ioctl(). A local \nattacker could use this to cause a denial of service (system crash) or \npossibly execute arbitrary code on systems with a joystick device \nregistered. (CVE-2021-3612)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not \nproperly keep track of per-cpu ring buffer state. A privileged attacker \ncould use this to cause a denial of service. (CVE-2021-3679)\n\nIt was discovered that the Option USB High Speed Mobile device driver in \nthe Linux kernel did not properly handle error conditions. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash) or possibly execute arbitrary code. (CVE-2021-37159)\n\nAlois Wohlschlager discovered that the overlay file system in the Linux \nkernel did not restrict private clones in some situations. An attacker \ncould use this to expose sensitive information. (CVE-2021-3732)\n\nIt was discovered that the Virtio console implementation in the Linux \nkernel did not properly validate input lengths in some situations. A local \nattacker could possibly use this to cause a denial of service (system \ncrash). (CVE-2021-38160)\n\nIt was discovered that the BPF subsystem in the Linux kernel contained an \ninteger overflow in its hash table implementation. A local attacker could \nuse this to cause a denial of service (system crash) or possibly execute \narbitrary code. (CVE-2021-38166)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the \nLinux kernel did not properly order connection setup operations. An \nattacker controlling a remote NFS server could use this to cause a denial \nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the Sun RPC implementation in the Linux kernel \ncontained an out-of-bounds access error. A remote attacker could possibly \nuse this to cause a denial of service (system crash). (CVE-2021-38201)\n\nIt was discovered that the NFS server implementation in the Linux kernel \ncontained an out-of-bounds read when the trace even framework is being used \nfor nfsd. A remote attacker could possibly use this to cause a denial of \nservice (system crash). (CVE-2021-38202)\n\nNaohiro Aota discovered that the btrfs file system in the Linux kernel \ncontained a race condition in situations that triggered allocations of new \nsystem chunks. A local attacker could possibly use this to cause a denial \nof service (deadlock). (CVE-2021-38203)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux \nkernel did not properly handle device removal events. A physically \nproximate attacker could use this to cause a denial of service (system \ncrash). (CVE-2021-38204)\n\nIt was discovered that the Xilinx 10/100 Ethernet Lite device driver in the \nLinux kernel could report pointer addresses in some situations. An attacker \ncould use this information to ease the exploitation of another \nvulnerability. (CVE-2021-38205)\n\nIt was discovered that the ext4 file system in the Linux kernel contained a \nrace condition when writing xattrs to an inode. A local attacker could use \nthis to cause a denial of service or possibly gain administrative \nprivileges. (CVE-2021-40490)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-09-29T00:00:00", "type": "ubuntu", "title": "Linux kernel (OEM) vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-38199", "CVE-2021-3732", "CVE-2021-38160", "CVE-2021-38203", "CVE-2021-38204", "CVE-2021-3679", "CVE-2021-40490", "CVE-2021-38205", "CVE-2021-35477", "CVE-2021-37159", "CVE-2021-41073", "CVE-2021-34556", "CVE-2021-38166", "CVE-2021-3612", "CVE-2021-38201", "CVE-2021-38202"], "modified": "2021-09-29T00:00:00", "id": "USN-5096-1", "href": "https://ubuntu.com/security/notices/USN-5096-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-06-15T16:46:10", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5091-2 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-30T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5091-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-33624", "CVE-2021-3679", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38204"], "modified": "2021-09-30T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4-headers-5.4.0-1044", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4-tools-5.4.0-1044", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.4.0-1044", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.4.0-1044", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1044-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04-edge"], "id": "UBUNTU_USN-5091-2.NASL", "href": "https://www.tenable.com/plugins/nessus/153801", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5091-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153801);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/30\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38204\"\n );\n script_xref(name:\"USN\", value:\"5091-2\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-5091-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5091-2 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5091-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4-headers-5.4.0-1044\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4-tools-5.4.0-1044\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-headers-5.4.0-1044\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi-tools-5.4.0-1044\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1044-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2-hwe-18.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3679', 'CVE-2021-33624', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-38204');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5091-2');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-headers-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-headers-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-headers-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-image-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-image-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-image-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-modules-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-raspi-5.4-headers-5.4.0-1044', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-raspi-5.4-tools-5.4.0-1044', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-tools-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48~18.04.1'},\n {'osver': '18.04', 'pkgname': 'linux-tools-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.47'},\n {'osver': '18.04', 'pkgname': 'linux-tools-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.47'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi2', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi2-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-headers-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi2', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi2-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-image-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-raspi', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-headers-5.4.0-1044', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi-tools-5.4.0-1044', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-raspi2', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi2-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1044-raspi', 'pkgver': '5.4.0-1044.48'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi2', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi2-hwe-18.04', 'pkgver': '5.4.0.1044.79'},\n {'osver': '20.04', 'pkgname': 'linux-tools-raspi2-hwe-18.04-edge', 'pkgver': '5.4.0.1044.79'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-buildinfo-5.4.0-1044-raspi / linux-headers-5.4.0-1044-raspi / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:58", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-11-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-2636)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3753", "CVE-2021-38160", "CVE-2021-38199"], "modified": "2022-02-22T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-source", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2636.NASL", "href": "https://www.tenable.com/plugins/nessus/154812", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154812);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/22\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-3753\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : kernel (EulerOS-SA-2021-2636)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may\n cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl\n (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2636\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a35bcc9d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bpftool-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-source-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T20:25:20", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5106-1 advisory.\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (CVE-2021-22543)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-07T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5106-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-26541", "CVE-2021-22543", "CVE-2021-3612", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-41073"], "modified": "2021-10-07T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-headers-5.10.0-1049", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-5.10.0-1049", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.10.0-1049-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04b"], "id": "UBUNTU_USN-5106-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153908", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5106-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153908);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\n \"CVE-2020-26541\",\n \"CVE-2021-3612\",\n \"CVE-2021-22543\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-41073\"\n );\n script_xref(name:\"USN\", value:\"5106-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5106-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5106-1 advisory.\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database\n (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions\n before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the\n system or possibly escalate their privileges on the system. The highest threat from this vulnerability is\n to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass\n RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users\n with the ability to start and control a VM to read/write random pages of memory and can result in local\n privilege escalation. (CVE-2021-22543)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5106-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41073\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-headers-5.10.0-1049\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-5.10.0-1049\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.10.0-1049-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04b\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2020-26541', 'CVE-2021-3612', 'CVE-2021-22543', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-41073');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5106-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04-edge', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04b', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04-edge', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04b', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04-edge', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04b', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.10-headers-5.10.0-1049', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.10-tools-5.10.0-1049', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.10-tools-host', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.10.0-1049-oem', 'pkgver': '5.10.0-1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04-edge', 'pkgver': '5.10.0.1049.51'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04b', 'pkgver': '5.10.0.1049.51'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-buildinfo-5.10.0-1049-oem / linux-headers-5.10.0-1049-oem / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:08", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5091-1 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-28T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5091-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-33624", "CVE-2021-3679", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38204"], "modified": "2021-09-28T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.4.0-1057", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.4.0-1059", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-crashdump", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.4.0-1053", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.4.0-1053", "p-cpe:/a:canonical:ubuntu_linux:linux-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-headers-5.4.0-1053", "p-cpe:/a:canonical:ubuntu_linux:linux-gke-tools-5.4.0-1053", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-cloud-tools-5.4.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-headers-5.4.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-source-5.4.0", "p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-tools-5.4.0-1024", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.4.0-1047", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.4.0-1047", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.4.0-1055", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.4.0-1055", "p-cpe:/a:canonical:ubuntu_linux:linux-source", "p-cpe:/a:canonical:ubuntu_linux:linux-source-5.4.0", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1024-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1047-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1053-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1053-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1055-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1057-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1059-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop-5.4", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-osp1", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04-edge"], "id": "UBUNTU_USN-5091-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153769", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5091-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153769);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/28\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38204\"\n );\n script_xref(name:\"USN\", value:\"5091-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5091-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5091-1 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5091-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-5.4.0-1057\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.4.0-1059\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-crashdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-headers-5.4.0-1053\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-tools-5.4.0-1053\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-headers-5.4.0-1053\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gke-tools-5.4.0-1053\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-cloud-tools-5.4.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-headers-5.4.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-source-5.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-tools-5.4.0-1024\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-5.4.0-1047\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-5.4.0-1047\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-osp1-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-5.4.0-1055\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-5.4.0-1055\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-5.4.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1024-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1047-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1053-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1053-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1055-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1057-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-1059-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.4.0-88-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gke-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gkeop-5.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-osp1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-18.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-18.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3679', 'CVE-2021-33624', 'CVE-2021-37576', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-38204');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5091-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-aws-cloud-tools-5.4.0-1057', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-aws-headers-5.4.0-1057', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-aws-tools-5.4.0-1057', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-azure-cloud-tools-5.4.0-1059', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-azure-headers-5.4.0-1059', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-azure-tools-5.4.0-1059', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-88', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-common', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-crashdump', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-headers-5.4.0-1053', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-gcp-tools-5.4.0-1053', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-gke-headers-5.4.0-1053', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-gke-tools-5.4.0-1053', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-cloud-tools-5.4.0-1024', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-headers-5.4.0-1024', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-source-5.4.0', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-gkeop-tools-5.4.0-1024', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-88', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-headers-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-headers-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-headers-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-headers-kvm', 'pkgver': '5.4.0.1047.46'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-osp1', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oracle-lts-20.04', 'pkgver': '5.4.0.1055.55'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-image-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-image-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-image-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-image-kvm', 'pkgver': '5.4.0.1047.46'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-osp1', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle-lts-20.04', 'pkgver': '5.4.0.1055.55'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-kvm', 'pkgver': '5.4.0.1047.46'},\n {'osver': '20.04', 'pkgname': 'linux-kvm-headers-5.4.0-1047', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-kvm-tools-5.4.0-1047', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-libc-dev', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-oem', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-oem-osp1', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-oem-osp1-tools-host', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-oem-tools-host', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-headers-5.4.0-1055', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-lts-20.04', 'pkgver': '5.4.0.1055.55'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-tools-5.4.0-1055', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-source', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-source-5.4.0', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1024-gkeop', 'pkgver': '5.4.0-1024.25'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1047-kvm', 'pkgver': '5.4.0-1047.49'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1053-gcp', 'pkgver': '5.4.0-1053.57'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1053-gke', 'pkgver': '5.4.0-1053.56'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1055-oracle', 'pkgver': '5.4.0-1055.59'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1057-aws', 'pkgver': '5.4.0-1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-1059-azure', 'pkgver': '5.4.0-1059.62'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-88', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-88-generic', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-88-generic-lpae', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.4.0-88-lowlatency', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-aws-lts-20.04', 'pkgver': '5.4.0.1057.60'},\n {'osver': '20.04', 'pkgname': 'linux-tools-azure-lts-20.04', 'pkgver': '5.4.0.1059.57'},\n {'osver': '20.04', 'pkgname': 'linux-tools-common', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gcp-lts-20.04', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gke', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gke-5.4', 'pkgver': '5.4.0.1053.63'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gkeop', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-tools-gkeop-5.4', 'pkgver': '5.4.0.1024.27'},\n {'osver': '20.04', 'pkgname': 'linux-tools-host', 'pkgver': '5.4.0-88.99'},\n {'osver': '20.04', 'pkgname': 'linux-tools-kvm', 'pkgver': '5.4.0.1047.46'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-osp1', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oracle-lts-20.04', 'pkgver': '5.4.0.1055.55'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-virtual', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-18.04', 'pkgver': '5.4.0.88.92'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-18.04-edge', 'pkgver': '5.4.0.88.92'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws-cloud-tools-5.4.0-1057 / linux-aws-headers-5.4.0-1057 / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T17:00:12", "description": "The version of kernel installed on the remote host is prior to 5.4.141-67.229. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-006 advisory.\n\n - An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184. (CVE-2020-36311)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-36311", "CVE-2021-33624", "CVE-2021-3655", "CVE-2021-3679", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199"], "modified": "2022-06-07T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALASKERNEL-5_4-2022-006.NASL", "href": "https://www.tenable.com/plugins/nessus/160429", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.4-2022-006.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160429);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/07\");\n\n script_cve_id(\n \"CVE-2020-36311\",\n \"CVE-2021-3655\",\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-38160\",\n \"CVE-2021-38198\",\n \"CVE-2021-38199\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-006)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.4.141-67.229. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-006 advisory.\n\n - An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a\n denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering\n many encrypted regions), aka CID-7be74942f184. (CVE-2020-36311)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access\n permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-006.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-36311.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-33624.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3655.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3679.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38160.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38198.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38199.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2020-36311\", \"CVE-2021-3655\", \"CVE-2021-3679\", \"CVE-2021-33624\", \"CVE-2021-38160\", \"CVE-2021-38198\", \"CVE-2021-38199\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.4-2022-006\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-aarch64-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-x86_64-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.141-67.229.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.141-67.229.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.141-67.229.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T17:00:33", "description": "The version of kernel installed on the remote host is prior to 5.10.59-52.142. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-004 advisory.\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3655", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-38160", "CVE-2021-38199"], "modified": "2022-06-07T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-5.10.59-52.142", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALASKERNEL-5_10-2022-004.NASL", "href": "https://www.tenable.com/plugins/nessus/160434", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.10-2022-004.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160434);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/07\");\n\n script_cve_id(\n \"CVE-2021-3655\",\n \"CVE-2021-3679\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-004)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.10.59-52.142. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-004 advisory.\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-004.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-34556.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-35477.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3655.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3679.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-37159.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38160.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38199.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-5.10.59-52.142\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2021-3655\", \"CVE-2021-3679\", \"CVE-2021-34556\", \"CVE-2021-35477\", \"CVE-2021-37159\", \"CVE-2021-38160\", \"CVE-2021-38199\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.10-2022-004\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-aarch64-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-x86_64-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.59-52.142.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-livepatch-5.10.59-52.142-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.59-52.142.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.59-52.142.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:14:06", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.\n (CVE-2021-42008)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-12-31T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2934)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-20322", "CVE-2021-21781", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3753", "CVE-2021-38199", "CVE-2021-40490", "CVE-2021-42008"], "modified": "2021-12-31T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2934.NASL", "href": "https://www.tenable.com/plugins/nessus/156431", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156431);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/12/31\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-3753\",\n \"CVE-2021-20322\",\n \"CVE-2021-21781\",\n \"CVE-2021-37159\",\n \"CVE-2021-38199\",\n \"CVE-2021-40490\",\n \"CVE-2021-42008\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2934)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66\n and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read\n the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's\n memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222\n 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab\n out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.\n (CVE-2021-42008)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2934\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?32432ab9\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-42008\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"kernel-devel-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"kernel-headers-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"kernel-tools-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"kernel-tools-libs-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"perf-3.10.0-862.14.1.5.h641.eulerosv2r7\",\n \"python-perf-3.10.0-862.14.1.5.h641.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:50", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5120-1 advisory.\n\n - In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). (CVE-2019-19449)\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184. (CVE-2020-36311)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (CVE-2021-22543)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes. (CVE-2021-38207)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-22T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5120-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19449", "CVE-2020-26541", "CVE-2020-36311", "CVE-2021-22543", "CVE-2021-3612", "CVE-2021-3759", "CVE-2021-38199", "CVE-2021-38207", "CVE-2021-40490"], "modified": "2021-10-22T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-cloud-tools-5.8.0-1043", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-headers-5.8.0-1043", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-tools-5.8.0-1043", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.8.0-1043-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure"], "id": "UBUNTU_USN-5120-1.NASL", "href": "https://www.tenable.com/plugins/nessus/154338", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5120-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154338);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/22\");\n\n script_cve_id(\n \"CVE-2019-19449\",\n \"CVE-2020-26541\",\n \"CVE-2020-36311\",\n \"CVE-2021-3612\",\n \"CVE-2021-3759\",\n \"CVE-2021-22543\",\n \"CVE-2021-38199\",\n \"CVE-2021-38207\",\n \"CVE-2021-40490\"\n );\n script_xref(name:\"USN\", value:\"5120-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5120-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5120-1 advisory.\n\n - In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read\n access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in\n fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). (CVE-2019-19449)\n\n - The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database\n (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.\n (CVE-2020-26541)\n\n - An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a\n denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering\n many encrypted regions), aka CID-7be74942f184. (CVE-2020-36311)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions\n before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the\n system or possibly escalate their privileges on the system. The highest threat from this vulnerability is\n to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass\n RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users\n with the ability to start and control a VM to read/write random pages of memory and can result in local\n privilege escalation. (CVE-2021-22543)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to\n cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten\n minutes. (CVE-2021-38207)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5120-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3612\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-cloud-tools-5.8.0-1043\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-headers-5.8.0-1043\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8-tools-5.8.0-1043\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.8.0-1043-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2019-19449', 'CVE-2020-26541', 'CVE-2020-36311', 'CVE-2021-3612', 'CVE-2021-3759', 'CVE-2021-22543', 'CVE-2021-38199', 'CVE-2021-38207', 'CVE-2021-40490');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5120-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.8-cloud-tools-5.8.0-1043', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.8-headers-5.8.0-1043', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.8-tools-5.8.0-1043', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '5.8.0.1043.46~20.04.15'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.8.0-1043-azure', 'pkgver': '5.8.0-1043.46~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-azure', 'pkgver': '5.8.0.1043.46~20.04.15'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-azure / linux-azure-5.8-cloud-tools-5.8.0-1043 / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:11:41", "description": "The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5136-1 advisory.\n\n - In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). (CVE-2019-19449)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. (CVE-2020-36322)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-11-09T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5136-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19449", "CVE-2020-36322", "CVE-2020-36385", "CVE-2021-28950", "CVE-2021-3655", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-3759", "CVE-2021-38199", "CVE-2021-42252"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-cloud-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-cloud-tools-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-headers-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-tools-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-4.15.0-1126", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-crashdump", "p-cpe:/a:canonical:ubuntu_linux:linux-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-headers-4.15.0-1030", "p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-tools-4.15.0-1030", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-headers-4.15.0-1111", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-tools-4.15.0-1111", "p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-cloud-tools-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-tools-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-4.15.0-1102", "p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-4.15.0-1102", "p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-4.15.0-1083", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-4.15.0-1083", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-headers-4.15.0-1098", "p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-tools-4.15.0-1098", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-headers-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-tools-4.15.0-1115", "p-cpe:/a:canonical:ubuntu_linux:linux-source", "p-cpe:/a:canonical:ubuntu_linux:linux-source-4.15.0", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1030-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1083-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1098-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1102-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1111-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1115-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1115-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1126-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-18.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04-edge"], "id": "UBUNTU_USN-5136-1.NASL", "href": "https://www.tenable.com/plugins/nessus/154972", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5136-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154972);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2019-19449\",\n \"CVE-2020-36322\",\n \"CVE-2020-36385\",\n \"CVE-2021-3655\",\n \"CVE-2021-3743\",\n \"CVE-2021-3753\",\n \"CVE-2021-3759\",\n \"CVE-2021-38199\",\n \"CVE-2021-42252\"\n );\n script_xref(name:\"USN\", value:\"5136-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5136-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5136-1 advisory.\n\n - In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read\n access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in\n fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). (CVE-2019-19449)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka\n CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system\n crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as\n CVE-2021-28950. (CVE-2020-36322)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-\n free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is\n called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5136-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-36385\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-42252\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-cloud-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-cloud-tools-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-headers-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15-tools-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-4.15.0-1126\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-crashdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-headers-4.15.0-1030\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-dell300x-tools-4.15.0-1030\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-headers-4.15.0-1111\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15-tools-4.15.0-1111\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-cloud-tools-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-tools-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-4.15.0-1102\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-4.15.0-1102\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-headers-4.15.0-1083\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-tools-4.15.0-1083\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-headers-4.15.0-1098\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-raspi2-tools-4.15.0-1098\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-signed-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-headers-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-snapdragon-tools-4.15.0-1115\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-4.15.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1030-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1083-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1098-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1102-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1111-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1115-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1115-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-1126-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.15.0-162-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-gcp-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-lts-18.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-16.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-16.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2022 Canonical, Inc. / NASL script (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2019-19449', 'CVE-2020-36322', 'CVE-2020-36385', 'CVE-2021-3655', 'CVE-2021-3743', 'CVE-2021-3753', 'CVE-2021-3759', 'CVE-2021-38199');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5136-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'linux-aws-edge', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-aws-headers-4.15.0-1115', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-aws-hwe-cloud-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-aws-hwe-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-azure-cloud-tools-4.15.0-1126', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-azure-headers-4.15.0-1126', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-azure-tools-4.15.0-1126', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-buildinfo-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-162', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-headers-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-headers-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-headers-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-headers-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-headers-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-headers-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-hwe-cloud-tools-4.15.0-162', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-hwe-tools-4.15.0-162', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-image-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-image-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-image-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-image-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-modules-extra-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-oracle-headers-4.15.0-1083', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-oracle-tools-4.15.0-1083', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-signed-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-signed-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-signed-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-image-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-signed-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-source-4.15.0', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-162-generic', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170~16.04.1'},\n {'osver': '16.04', 'pkgname': 'linux-tools-aws-hwe', 'pkgver': '4.15.0.1115.105'},\n {'osver': '16.04', 'pkgname': 'linux-tools-azure', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-tools-azure-edge', 'pkgver': '4.15.0.1126.117'},\n {'osver': '16.04', 'pkgname': 'linux-tools-generic-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-oem', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-oracle', 'pkgver': '4.15.0.1083.71'},\n {'osver': '16.04', 'pkgname': 'linux-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-virtual-hwe-16.04', 'pkgver': '4.15.0.162.155'},\n {'osver': '16.04', 'pkgname': 'linux-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.155'},\n {'osver': '18.04', 'pkgname': 'linux-aws-cloud-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-aws-headers-4.15.0-1115', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-aws-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-azure-4.15-cloud-tools-4.15.0-1126', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-azure-4.15-headers-4.15.0-1126', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-azure-4.15-tools-4.15.0-1126', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-buildinfo-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-162', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-common', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-crashdump', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-dell300x', 'pkgver': '4.15.0.1030.32'},\n {'osver': '18.04', 'pkgname': 'linux-dell300x-headers-4.15.0-1030', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-dell300x-tools-4.15.0-1030', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-4.15-headers-4.15.0-1111', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-4.15-tools-4.15.0-1111', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-162', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-headers-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-headers-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-headers-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-headers-dell300x', 'pkgver': '4.15.0.1030.32'},\n {'osver': '18.04', 'pkgname': 'linux-headers-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-kvm', 'pkgver': '4.15.0.1102.98'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-headers-raspi2', 'pkgver': '4.15.0.1098.96'},\n {'osver': '18.04', 'pkgname': 'linux-headers-snapdragon', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-headers-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-image-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-image-dell300x', 'pkgver': '4.15.0.1030.32'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-extra-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-kvm', 'pkgver': '4.15.0.1102.98'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-image-raspi2', 'pkgver': '4.15.0.1098.96'},\n {'osver': '18.04', 'pkgname': 'linux-image-snapdragon', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-unsigned-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-image-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-kvm', 'pkgver': '4.15.0.1102.98'},\n {'osver': '18.04', 'pkgname': 'linux-kvm-headers-4.15.0-1102', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-kvm-tools-4.15.0-1102', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-libc-dev', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-modules-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-modules-extra-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-headers-4.15.0-1083', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-oracle-tools-4.15.0-1083', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-raspi2', 'pkgver': '4.15.0.1098.96'},\n {'osver': '18.04', 'pkgname': 'linux-raspi2-headers-4.15.0-1098', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-raspi2-tools-4.15.0-1098', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-signed-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-signed-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-image-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-signed-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-signed-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon-headers-4.15.0-1115', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-snapdragon-tools-4.15.0-1115', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-source', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-source-4.15.0', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1030-dell300x', 'pkgver': '4.15.0-1030.35'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1083-oracle', 'pkgver': '4.15.0-1083.91'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1098-raspi2', 'pkgver': '4.15.0-1098.104'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1102-kvm', 'pkgver': '4.15.0-1102.104'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1111-gcp', 'pkgver': '4.15.0-1111.125'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1115-aws', 'pkgver': '4.15.0-1115.122'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1115-snapdragon', 'pkgver': '4.15.0-1115.124'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-1126-azure', 'pkgver': '4.15.0-1126.139'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-162', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-162-generic', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-162-generic-lpae', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-4.15.0-162-lowlatency', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-aws-lts-18.04', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-tools-azure-lts-18.04', 'pkgver': '4.15.0.1126.99'},\n {'osver': '18.04', 'pkgname': 'linux-tools-common', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-dell300x', 'pkgver': '4.15.0.1030.32'},\n {'osver': '18.04', 'pkgname': 'linux-tools-gcp-lts-18.04', 'pkgver': '4.15.0.1111.130'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-generic-lpae-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-host', 'pkgver': '4.15.0-162.170'},\n {'osver': '18.04', 'pkgname': 'linux-tools-kvm', 'pkgver': '4.15.0.1102.98'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-lowlatency-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-oracle-lts-18.04', 'pkgver': '4.15.0.1083.93'},\n {'osver': '18.04', 'pkgname': 'linux-tools-raspi2', 'pkgver': '4.15.0.1098.96'},\n {'osver': '18.04', 'pkgname': 'linux-tools-snapdragon', 'pkgver': '4.15.0.1115.118'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-tools-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-virtual', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-virtual-hwe-16.04', 'pkgver': '4.15.0.162.151'},\n {'osver': '18.04', 'pkgname': 'linux-virtual-hwe-16.04-edge', 'pkgver': '4.15.0.162.151'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws-cloud-tools-4.15.0-1115 / linux-aws-edge / etc');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-15T20:25:04", "description": "The remote Ubuntu 20.04 LTS / 21.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5092-2 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-30T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5092-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-33624", "CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38201", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-41073"], "modified": "2021-09-30T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.04", "p-cpe:/a:canonical:ubuntu_linux:linux-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-cloud-tools-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-headers-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-tools-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.11.0-1017", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-5.11.0-37", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-headers-5.11.0-37", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-source-5.11.0", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-5.11.0-37", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-headers-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-tools-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1017-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1019-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04-edge"], "id": "UBUNTU_USN-5092-2.NASL", "href": "https://www.tenable.com/plugins/nessus/153799", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5092-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153799);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/30\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38201\",\n \"CVE-2021-38204\",\n \"CVE-2021-38205\",\n \"CVE-2021-41073\"\n );\n script_xref(name:\"USN\", value:\"5092-2\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 21.04 : Linux kernel vulnerabilities (USN-5092-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 21.04 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the USN-5092-2 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service\n (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5092-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-cloud-tools-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-headers-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11-tools-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-cloud-tools-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-headers-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-azure-tools-5.11.0-1017\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-5.11.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-cloud-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-headers-5.11.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-source-5.11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-5.11.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-headers-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11-tools-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1017-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1019-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-azure-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-64k-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lpae-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oracle-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-hwe-20.04-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-hwe-20.04-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04|21\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 21.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3679', 'CVE-2021-33624', 'CVE-2021-34556', 'CVE-2021-35477', 'CVE-2021-37159', 'CVE-2021-37576', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-38201', 'CVE-2021-38204', 'CVE-2021-38205', 'CVE-2021-41073');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5092-2');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-azure-5.11-cloud-tools-5.11.0-1017', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.11-headers-5.11.0-1017', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-5.11-tools-5.11.0-1017', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-64k-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-headers-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-64k-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oracle', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oracle-edge', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-headers-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-cloud-tools-5.11.0-37', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-cloud-tools-common', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-headers-5.11.0-37', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-source-5.11.0', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-tools-5.11.0-37', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-tools-common', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-hwe-5.11-tools-host', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-extra-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-64k-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-image-oracle-edge', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-image-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-oracle', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-5.11-headers-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-5.11-tools-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-oracle-edge', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1019-oracle', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-37-generic', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-37-generic-64k', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-37-generic-lpae', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-37-lowlatency', 'pkgver': '5.11.0-37.41~20.04.2'},\n {'osver': '20.04', 'pkgname': 'linux-tools-azure-edge', 'pkgver': '5.11.0.1017.18~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-64k-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-64k-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-generic-lpae-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-lowlatency-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oracle', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oracle-edge', 'pkgver': '5.11.0.1019.20~20.04.12'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-tools-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-20.04', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '20.04', 'pkgname': 'linux-virtual-hwe-20.04-edge', 'pkgver': '5.11.0.37.41~20.04.16'},\n {'osver': '21.04', 'pkgname': 'linux-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-azure-cloud-tools-5.11.0-1017', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-azure-headers-5.11.0-1017', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-azure-tools-5.11.0-1017', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-buildinfo-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-cloud-tools-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-headers-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-headers-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-image-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-image-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-image-unsigned-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-modules-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-modules-extra-azure', 'pkgver': '5.11.0.1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-tools-5.11.0-1017-azure', 'pkgver': '5.11.0-1017.18'},\n {'osver': '21.04', 'pkgname': 'linux-tools-azure', 'pkgver': '5.11.0.1017.18'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-azure / linux-azure-5.11-cloud-tools-5.11.0-1017 / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T22:14:47", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5092-1 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-28T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5092-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-33624", "CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38201", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-41073"], "modified": "2021-09-28T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-cloud-tools-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-headers-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-tools-5.11.0-1019", "p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-edge", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1019-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-edge"], "id": "UBUNTU_USN-5092-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153770", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5092-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153770);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/28\");\n\n script_cve_id(\n \"CVE-2021-3679\",\n \"CVE-2021-33624\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38201\",\n \"CVE-2021-38204\",\n \"CVE-2021-38205\",\n \"CVE-2021-41073\"\n );\n script_xref(name:\"USN\", value:\"5092-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-5092-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5092-1 advisory.\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service\n (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5092-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/06/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-cloud-tools-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-headers-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11-tools-5.11.0-1019\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws-edge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.11.0-1019-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws-edge\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3679', 'CVE-2021-33624', 'CVE-2021-34556', 'CVE-2021-35477', 'CVE-2021-37159', 'CVE-2021-37576', 'CVE-2021-38160', 'CVE-2021-38199', 'CVE-2021-38201', 'CVE-2021-38204', 'CVE-2021-38205', 'CVE-2021-41073');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5092-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-aws-5.11-cloud-tools-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-aws-5.11-headers-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-aws-5.11-tools-5.11.0-1019', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-cloud-tools-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-headers-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-headers-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-image-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-modules-extra-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.11.0-1019-aws', 'pkgver': '5.11.0-1019.20~20.04.1'},\n {'osver': '20.04', 'pkgname': 'linux-tools-aws', 'pkgver': '5.11.0.1019.20~20.04.18'},\n {'osver': '20.04', 'pkgname': 'linux-tools-aws-edge', 'pkgver': '5.11.0.1019.20~20.04.18'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws / linux-aws-5.11-cloud-tools-5.11.0-1019 / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T16:47:57", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes. (CVE-2021-38207)\n\n - net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call. (CVE-2021-38208)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2688)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3655", "CVE-2021-3659", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38205", "CVE-2021-38207", "CVE-2021-38208"], "modified": "2021-11-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2688.NASL", "href": "https://www.tenable.com/plugins/nessus/155261", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155261);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/11\");\n\n script_cve_id(\n \"CVE-2021-3655\",\n \"CVE-2021-3659\",\n \"CVE-2021-3679\",\n \"CVE-2021-3743\",\n \"CVE-2021-3753\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38205\",\n \"CVE-2021-38207\",\n \"CVE-2021-38208\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2688)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to\n cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten\n minutes. (CVE-2021-38207)\n\n - net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial\n of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure\n of a bind call. (CVE-2021-38208)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2688\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d2ef017d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.19.90-vhulk2103.1.0.h584.eulerosv2r9\",\n \"kernel-tools-4.19.90-vhulk2103.1.0.h584.eulerosv2r9\",\n \"kernel-tools-libs-4.19.90-vhulk2103.1.0.h584.eulerosv2r9\",\n \"python3-perf-4.19.90-vhulk2103.1.0.h584.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:59", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the 'int_ctl' field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7. (CVE-2021-3653)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call. (CVE-2021-38208)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2713)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3656", "CVE-2021-3659", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3743", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-38205", "CVE-2021-38208"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2021-2713.NASL", "href": "https://www.tenable.com/plugins/nessus/155119", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155119);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2021-3653\",\n \"CVE-2021-3655\",\n \"CVE-2021-3656\",\n \"CVE-2021-3659\",\n \"CVE-2021-3679\",\n \"CVE-2021-3743\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38198\",\n \"CVE-2021-38199\",\n \"CVE-2021-38205\",\n \"CVE-2021-38208\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : kernel (EulerOS-SA-2021-2713)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when\n processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested\n guest (L2). Due to improper validation of the 'int_ctl' field, this issue could allow a malicious L1 to\n enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest\n would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak\n of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to\n 5.14-rc7. (CVE-2021-3653)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access\n permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial\n of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure\n of a bind call. (CVE-2021-38208)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2713\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?65b91eef\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3656\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.18.0-147.5.1.6.h579.eulerosv2r9\",\n \"kernel-tools-4.18.0-147.5.1.6.h579.eulerosv2r9\",\n \"kernel-tools-libs-4.18.0-147.5.1.6.h579.eulerosv2r9\",\n \"python3-perf-4.18.0-147.5.1.6.h579.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:18:19", "description": "The version of kernel installed on the remote host is prior to 4.14.268-139.500. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1571 advisory.\n\n - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.\n (CVE-2018-25020)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. (CVE-2020-36322)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)\n\n - An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. (CVE-2022-24448)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-08T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2022-1571)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-25020", "CVE-2020-36322", "CVE-2021-26341", "CVE-2021-26401", "CVE-2021-28950", "CVE-2021-38199", "CVE-2021-4197", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0330", "CVE-2022-0435", "CVE-2022-0617", "CVE-2022-0847", "CVE-2022-23960", "CVE-2022-24448"], "modified": "2022-04-26T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2022-1571.NASL", "href": "https://www.tenable.com/plugins/nessus/158697", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1571.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158697);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/26\");\n\n script_cve_id(\n \"CVE-2018-25020\",\n \"CVE-2020-36322\",\n \"CVE-2021-4197\",\n \"CVE-2021-26341\",\n \"CVE-2021-26401\",\n \"CVE-2021-38199\",\n \"CVE-2022-0001\",\n \"CVE-2022-0002\",\n \"CVE-2022-0330\",\n \"CVE-2022-0435\",\n \"CVE-2022-0617\",\n \"CVE-2022-0847\",\n \"CVE-2022-23960\",\n \"CVE-2022-24448\"\n );\n script_xref(name:\"ALAS\", value:\"2022-1571\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2022-1571)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.268-139.500. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS-2022-1571 advisory.\n\n - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an\n instruction sequence where inner instructions require substantial expansions into multiple BPF\n instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.\n (CVE-2018-25020)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka\n CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system\n crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as\n CVE-2021-28950. (CVE-2020-36322)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way\n user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw\n to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)\n\n - An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the\n O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a\n regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file\n descriptor. (CVE-2022-24448)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2022-1571.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2018-25020.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-36322.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38199.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4197.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0330.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0435.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0617.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0847.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-24448.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0435\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Dirty Pipe Local Privilege Escalation via CVE-2022-0847');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2018-25020\", \"CVE-2020-36322\", \"CVE-2021-4197\", \"CVE-2021-38199\", \"CVE-2022-0001\", \"CVE-2022-0002\", \"CVE-2022-0330\", \"CVE-2022-0435\", \"CVE-2022-0617\", \"CVE-2022-0847\", \"CVE-2022-24448\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALAS-2022-1571\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-i686-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.268-139.500.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.268-139.500.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:10:17", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4978 advisory.\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability. (CVE-2021-38166)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-09-25T00:00:00", "type": "nessus", "title": "Debian DSA-4978-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-3653", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-3732", "CVE-2021-3739", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38166", "CVE-2021-38199", "CVE-2021-40490", "CVE-2021-41073"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:bpftool", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:hyperv-daemons", "p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:libcpupower-dev", "p-cpe:/a:debian:debian_linux:libcpupower1", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-arm", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-s390", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-x86", "p-cpe:/a:debian:debian_linux:linux-config-5.10", "p-cpe:/a:debian:debian_linux:linux-cpupower", "p-cpe:/a:debian:debian_linux:linux-doc", "p-cpe:/a:debian:debian_linux:linux-doc-5.10", "p-cpe:/a:debian:debian_linux:linux-headers-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-686", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-cloud-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-cloud-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-common", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-common-rt", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-loongson-3", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-octeon", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rpi", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-s390x", "p-cpe:/a:debian:debian_linux:linux-headers-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-loongson-3", "p-cpe:/a:debian:debian_linux:linux-headers-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-octeon", "p-cpe:/a:debian:debian_linux:linux-headers-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-headers-rpi", "p-cpe:/a:debian:debian_linux:linux-headers-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-s390x", "p-cpe:/a:debian:debian_linux:linux-image-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-4kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-4kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-5kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-loongson-3", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-loongson-3-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-marvell", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-octeon", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-octeon-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-powerpc64le-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rpi", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rpi-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-s390x", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-s390x-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-armmp", "p-cpe:/a:debian:debian_linux:linux-image-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-loongson-3", "p-cpe:/a:debian:debian_linux:linux-image-loongson-3-dbg", "p-cpe:/a:debian:debian_linux:linux-image-marvell", "p-cpe:/a:debian:debian_linux:linux-image-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-image-octeon", "p-cpe:/a:debian:debian_linux:linux-image-octeon-dbg", "p-cpe:/a:debian:debian_linux:linux-image-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-image-powerpc64le-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rpi", "p-cpe:/a:debian:debian_linux:linux-image-rpi-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-rt-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-s390x", "p-cpe:/a:debian:debian_linux:linux-image-s390x-dbg", "p-cpe:/a:debian:debian_linux:linux-kbuild-5.10", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-perf", "p-cpe:/a:debian:debian_linux:linux-perf-5.10", "p-cpe:/a:debian:debian_linux:linux-source", "p-cpe:/a:debian:debian_linux:linux-source-5.10", "p-cpe:/a:debian:debian_linux:linux-support-5.10.0-8", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:speakup-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-s390x-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-armmp-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-marvell-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usbip", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-4kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-5kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-loongson-3-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-octeon-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-powerpc64le-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-s390x-di", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-4978.NASL", "href": "https://www.tenable.com/plugins/nessus/153668", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-4978. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153668);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2020-3702\",\n \"CVE-2020-16119\",\n \"CVE-2021-3653\",\n \"CVE-2021-3656\",\n \"CVE-2021-3679\",\n \"CVE-2021-3732\",\n \"CVE-2021-3739\",\n \"CVE-2021-3743\",\n \"CVE-2021-3753\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38166\",\n \"CVE-2021-38199\",\n \"CVE-2021-40490\",\n \"CVE-2021-41073\"\n );\n\n script_name(english:\"Debian DSA-4978-1 : linux - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-4978 advisory.\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP\n socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux\n kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to\n improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for\n a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon\n Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon\n Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W,\n MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds\n write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without\n the CAP_SYS_ADMIN capability. (CVE-2021-38166)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993948\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2021/dsa-4978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-16119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-3702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37576\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-40490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-41073\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/linux\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 5.10.46-5.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-41073\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3656\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hyperv-daemons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-config-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-cpupower\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-cloud-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-cloud-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-8-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-4kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-5kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-686-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-cloud-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-loongson-3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-octeon-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-powerpc64le-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rpi-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-rt-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-8-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-loongson-3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-octeon-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-powerpc64le-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rpi-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-kbuild-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-5.10.0-8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:speakup-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usbip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-8-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'bpftool', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'dasd-extra-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'dasd-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'efi-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fancontrol-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'hyperv-daemons', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'hypervisor-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ipv6-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jffs2-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'libcpupower-dev', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'libcpupower1', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-arm', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-s390', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-x86', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-config-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-cpupower', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-doc', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-doc-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-4kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-4kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-5kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-686', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-686-pae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-amd64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-arm64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-armmp-lpae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-cloud-amd64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-cloud-arm64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-common', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-common-rt', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-loongson-3', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-marvell', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-octeon', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-powerpc64le', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rpi', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rt-686-pae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rt-amd64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rt-arm64', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-rt-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-8-s390x', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-5kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-armmp-lpae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-loongson-3', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-marvell', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-octeon', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-powerpc64le', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-rpi', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-rt-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-headers-s390x', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-4kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-4kc-malta-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-4kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-4kc-malta-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-5kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-5kc-malta-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-686-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-686-pae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-686-pae-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-686-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-amd64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-arm64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-armmp-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-armmp-lpae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-armmp-lpae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-cloud-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-cloud-amd64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-cloud-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-cloud-arm64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-loongson-3', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-loongson-3-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-marvell', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-marvell-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-octeon', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-octeon-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-powerpc64le', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-powerpc64le-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rpi', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rpi-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-686-pae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-686-pae-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-amd64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-arm64-unsigned', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-rt-armmp-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-s390x', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-8-s390x-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5kc-malta', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-5kc-malta-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-686-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-686-pae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-amd64-signed-template', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-arm64-signed-template', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-lpae', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-lpae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-cloud-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-cloud-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-i386-signed-template', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-loongson-3', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-loongson-3-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-marvell', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-marvell-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-octeon', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-octeon-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-powerpc64le', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-powerpc64le-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rpi', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rpi-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-686-pae-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-amd64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-arm64-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-armmp', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-rt-armmp-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-s390x', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-image-s390x-dbg', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-kbuild-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-libc-dev', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-perf', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-perf-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-source', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-source-5.10', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'linux-support-5.10.0-8', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'rtc-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'serial-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'speakup-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-armmp-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-marvell-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'usbip', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-4kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-5kc-malta-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-loongson-3-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-octeon-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-powerpc64le-di', 'reference': '5.10.46-5'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-8-s390x-di', 'reference': '5.10.46-5'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'affs-modules-5.10.0-8-4kc-malta-di / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T18:17:40", "description": "The version of kernel installed on the remote host is prior to 4.14.268-205.500. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1761 advisory.\n\n - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.\n (CVE-2018-25020)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. (CVE-2020-36322)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)\n\n - An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. (CVE-2022-24448)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-03-08T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2022-1761)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-25020", "CVE-2020-36322", "CVE-2021-26341", "CVE-2021-26401", "CVE-2021-28950", "CVE-2021-38199", "CVE-2021-4197", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0330", "CVE-2022-0435", "CVE-2022-0617", "CVE-2022-0847", "CVE-2022-23960", "CVE-2022-24448"], "modified": "2022-04-26T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-4.14.268-205.500", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1761.NASL", "href": "https://www.tenable.com/plugins/nessus/158720", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1761.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158720);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/26\");\n\n script_cve_id(\n \"CVE-2018-25020\",\n \"CVE-2020-36322\",\n \"CVE-2021-4197\",\n \"CVE-2021-26341\",\n \"CVE-2021-26401\",\n \"CVE-2021-38199\",\n \"CVE-2022-0001\",\n \"CVE-2022-0002\",\n \"CVE-2022-0330\",\n \"CVE-2022-0435\",\n \"CVE-2022-0617\",\n \"CVE-2022-0847\",\n \"CVE-2022-23960\",\n \"CVE-2022-24448\"\n );\n script_xref(name:\"ALAS\", value:\"2022-1761\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/16\");\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2022-1761)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.268-205.500. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2022-1761 advisory.\n\n - The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an\n instruction sequence where inner instructions require substantial expansions into multiple BPF\n instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c.\n (CVE-2018-25020)\n\n - An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka\n CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system\n crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as\n CVE-2021-28950. (CVE-2020-36322)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way\n user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw\n to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)\n\n - An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the\n O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a\n regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file\n descriptor. (CVE-2022-24448)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1761.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2018-25020.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-36322.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-38199.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-4197.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0330.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0435.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0617.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0847.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-24448.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0435\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Dirty Pipe Local Privilege Escalation via CVE-2022-0847');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-4.14.268-205.500\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2018-25020\", \"CVE-2020-36322\", \"CVE-2021-4197\", \"CVE-2021-38199\", \"CVE-2022-0001\", \"CVE-2022-0002\", \"CVE-2022-0330\", \"CVE-2022-0435\", \"CVE-2022-0617\", \"CVE-2022-0847\", \"CVE-2022-24448\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALAS-2022-1761\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-aarch64-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-205.500.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-livepatch-4.14.268-205.500-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.268-205.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.268-205.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}", "cvss": {"score": 9, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-06-15T20:25:44", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5096-1 advisory.\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability. (CVE-2021-38166)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd. (CVE-2021-38202)\n\n - btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info. (CVE-2021-38203)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-09-30T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5096-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-34556", "CVE-2021-35477", "CVE-2021-3612", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-38160", "CVE-2021-38166", "CVE-2021-38199", "CVE-2021-38201", "CVE-2021-38202", "CVE-2021-38203", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-40490", "CVE-2021-41073"], "modified": "2021-09-30T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-headers-5.13.0-1014", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-tools-5.13.0-1014", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1014-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04c"], "id": "UBUNTU_USN-5096-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153789", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5096-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153789);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/30\");\n\n script_cve_id(\n \"CVE-2021-3612\",\n \"CVE-2021-3679\",\n \"CVE-2021-3732\",\n \"CVE-2021-34556\",\n \"CVE-2021-35477\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38166\",\n \"CVE-2021-38199\",\n \"CVE-2021-38201\",\n \"CVE-2021-38202\",\n \"CVE-2021-38203\",\n \"CVE-2021-38204\",\n \"CVE-2021-38205\",\n \"CVE-2021-40490\",\n \"CVE-2021-41073\"\n );\n script_xref(name:\"USN\", value:\"5096-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5096-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5096-1 advisory.\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions\n before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the\n system or possibly escalate their privileges on the system. The highest threat from this vulnerability is\n to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects\n the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)\n\n - In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from\n kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store\n operation does not necessarily occur before a store operation that has an attacker-controlled value.\n (CVE-2021-35477)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds\n write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without\n the CAP_SYS_ADMIN capability. (CVE-2021-38166)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service\n (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.\n (CVE-2021-38201)\n\n - fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of\n service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used\n for nfsd. (CVE-2021-38202)\n\n - btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via\n processes that trigger allocation of new system chunks during times when there is a shortage of free space\n in the system space_info. (CVE-2021-38203)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain\n privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by\n using /proc//maps for exploitation. (CVE-2021-41073)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5096-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-headers-5.13.0-1014\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-tools-5.13.0-1014\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.13.0-1014-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04c\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2021-3612', 'CVE-2021-3679', 'CVE-2021-3732', 'CVE-2021-34556', 'CVE-2021-35477', 'CVE-2021-37159', 'CVE-2021-38160', 'CVE-2021-38166', 'CVE-2021-38199', 'CVE-2021-38201', 'CVE-2021-38202', 'CVE-2021-38203', 'CVE-2021-38204', 'CVE-2021-38205', 'CVE-2021-40490', 'CVE-2021-41073');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5096-1');\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04c', 'pkgver': '5.13.0.1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04c', 'pkgver': '5.13.0.1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04c', 'pkgver': '5.13.0.1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.13-headers-5.13.0-1014', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.13-tools-5.13.0-1014', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.13-tools-host', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.13.0-1014-oem', 'pkgver': '5.13.0-1014.18'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04c', 'pkgver': '5.13.0.1014.18'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-buildinfo-5.13.0-1014-oem / linux-headers-5.13.0-1014-oem / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-25T22:38:33", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-204573007References: Upstream kernel (CVE-2021-1048)\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.\n This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space (CVE-2021-22555)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. (CVE-2021-33909)\n\n - net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls. (CVE-2021-38209)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-12-29T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.0 : kernel (EulerOS-SA-2021-2818)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-25045", "CVE-2020-36385", "CVE-2021-1048", "CVE-2021-21781", "CVE-2021-22555", "CVE-2021-33624", "CVE-2021-33909", "CVE-2021-34693", "CVE-2021-3600", "CVE-2021-3609", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38209", "CVE-2021-40490"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2021-2818.NASL", "href": "https://www.tenable.com/plugins/nessus/156347", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156347);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-25045\",\n \"CVE-2020-36385\",\n \"CVE-2021-1048\",\n \"CVE-2021-3600\",\n \"CVE-2021-3609\",\n \"CVE-2021-3679\",\n \"CVE-2021-3753\",\n \"CVE-2021-21781\",\n \"CVE-2021-22555\",\n \"CVE-2021-33624\",\n \"CVE-2021-33909\",\n \"CVE-2021-34693\",\n \"CVE-2021-37159\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\",\n \"CVE-2021-38209\",\n \"CVE-2021-40490\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0350\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.0 : kernel (EulerOS-SA-2021-2818)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free,\n related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-\n free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is\n called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-204573007References: Upstream kernel (CVE-2021-1048)\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66\n and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read\n the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's\n memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222\n 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.\n This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name\n space (CVE-2021-22555)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer\n allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an\n unprivileged user, aka CID-8cae8cd89f05. (CVE-2021-33909)\n\n - net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from\n kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in\n any net namespace because these changes are leaked into all other net namespaces. This is related to the\n NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls. (CVE-2021-38209)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-2818\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b28a6b50\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Netfilter x_tables Heap OOB Write Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h1101\",\n \"kernel-tools-libs-devel-4.19.36-vhulk1907.1.0.h1101\",\n \"perf-4.19.36-vhulk1907.1.0.h1101\",\n \"python-perf-4.19.36-vhulk1907.1.0.h1101\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-14T21:16:33", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after- free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476 (CVE-2021-0605)\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.\n This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space (CVE-2021-22555)\n\n - An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations. (CVE-2021-29155)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel. (CVE-2021-31829)\n\n - An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi- device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. (CVE-2021-31916)\n\n - The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value. (CVE-2021-33033)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.\n (CVE-2021-33200)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. (CVE-2021-33909)\n\n - The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in the upstream kernel in commit 9b00f1b78809 ('bpf: Fix truncation handling for mod32 dst reg wrt zero') and in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101. (CVE-2021-3444)\n\n - net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-02-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : kernel (EulerOS-SA-2022-1070)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-25045", "CVE-2020-36385", "CVE-2021-0605", "CVE-2021-3444", "CVE-2021-3600", "CVE-2021-3609", "CVE-2021-3679", "CVE-2021-3753", "CVE-2021-21781", "CVE-2021-22555", "CVE-2021-29155", "CVE-2021-31829", "CVE-2021-31916", "CVE-2021-33033", "CVE-2021-33200", "CVE-2021-33624", "CVE-2021-33909", "CVE-2021-34693", "CVE-2021-37159", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-source", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2022-1070.NASL", "href": "https://www.tenable.com/plugins/nessus/158016", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158016);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\n \"CVE-2019-25045\",\n \"CVE-2020-36385\",\n \"CVE-2021-0605\",\n \"CVE-2021-3444\",\n \"CVE-2021-3600\",\n \"CVE-2021-3609\",\n \"CVE-2021-3679\",\n \"CVE-2021-3753\",\n \"CVE-2021-21781\",\n \"CVE-2021-22555\",\n \"CVE-2021-29155\",\n \"CVE-2021-31829\",\n \"CVE-2021-31916\",\n \"CVE-2021-33033\",\n \"CVE-2021-33200\",\n \"CVE-2021-33624\",\n \"CVE-2021-33909\",\n \"CVE-2021-34693\",\n \"CVE-2021-37159\",\n \"CVE-2021-37576\",\n \"CVE-2021-38160\",\n \"CVE-2021-38199\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0350\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : kernel (EulerOS-SA-2022-1070)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free,\n related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)\n\n - An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-\n free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is\n called, aka CID-f5449e74802c. (CVE-2020-36385)\n\n - In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This\n could lead to local information disclosure in the kernel with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476\n (CVE-2021-0605)\n\n - An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66\n and v5.4.54. The latest version (5.11-rc4) seems to still be vulnerable. A userland application can read\n the contents of the sigpage, which can leak kernel memory contents. An attacker can read a process's\n memory at a specific offset to trigger this vulnerability. This was fixed in kernel releases: 4.14.222\n 4.19.177 5.4.99 5.10.17 5.11 (CVE-2021-21781)\n\n - A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c.\n This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name\n space (CVE-2021-22555)\n\n - An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable\n out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre\n mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer\n arithmetic operations, the pointer modification performed by the first operation is not correctly\n accounted for when restricting subsequent operations. (CVE-2021-29155)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading\n to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not\n protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized\n data that might represent sensitive information previously operated on by the kernel. (CVE-2021-31829)\n\n - An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-\n device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with\n special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or\n a leak of internal kernel information. The highest threat from this vulnerability is to system\n availability. (CVE-2021-31916)\n\n - The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because\n the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads\n to writing an arbitrary value. (CVE-2021-33033)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic\n operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel\n memory, leading to local privilege escalation to root. In particular, there is a corner case where the off\n reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.\n (CVE-2021-33200)\n\n - In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because\n of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a\n side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)\n\n - fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer\n allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an\n unprivileged user, aka CID-8cae8cd89f05. (CVE-2021-33909)\n\n - The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when\n the source register was known to be 0. A local attacker with the ability to load bpf programs could use\n this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and\n possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in\n the upstream kernel in commit 9b00f1b78809 ('bpf: Fix truncation handling for mod32 dst reg wrt zero') and\n in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101. (CVE-2021-3444)\n\n - net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from\n kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest\n OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1070\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1a24f539\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Netfilter x_tables Heap OOB Write Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bpftool-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-devel-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-headers-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-source-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-tools-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"kernel-tools-libs-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"python-perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\",\n \"python3-perf-4.19.36-vhulk1907.1.0.h1103.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-08T15:30:27", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2843 advisory.\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)\n\n - In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References:\n Upstream kernel (CVE-2021-0920)\n\n - A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.\n (CVE-2021-20317)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. (CVE-2021-22543)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the int_ctl field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7. (CVE-2021-3653)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - inflect is vulnerable to Inefficient Regular Expression Complexity (CVE-2021-3820)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer). (CVE-2021-38205)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)\n\n - The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.\n (CVE-2021-42008)\n\n - The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. (CVE-2021-42739)\n\n - An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-12-17T00:00:00", "type": "nessus", "title": "Debian DLA-2843-1 : linux - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-0920", "CVE-2021-20317", "CVE-2021-20321", "CVE-2021-20322", "CVE-2021-22543", "CVE-2021-3612", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-3753", "CVE-2021-3760", "CVE-2021-3816", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-3820", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-40490", "CVE-2021-41864", "CVE-2021-42008", "CVE-2021-4273", "CVE-2021-42739", "CVE-2021-43389"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:hyperv-daemons", "p-cpe:/a:debian:debian_linux:libcpupower-dev", "p-cpe:/a:debian:debian_linux:libcpupower1", "p-cpe:/a:debian:debian_linux:libusbip-dev", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-6-arm", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-6-x86", "p-cpe:/a:debian:debian_linux:linux-cpupower", "p-cpe:/a:debian:debian_linux:linux-doc-4.9", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-686", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-armel", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-armhf", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-common", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-common-rt", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-arm64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-marvell", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-kbuild-4.9", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-4.9", "p-cpe:/a:debian:debian_linux:linux-perf-4.9", "p-cpe:/a:debian:debian_linux:linux-source-4.9", "p-cpe:/a:debian:debian_linux:linux-support-4.9.0-14", "p-cpe:/a:debian:debian_linux:usbip", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2843.NASL", "href": "https://www.tenable.com/plugins/nessus/156163", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2843. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(156163);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2020-3702\",\n \"CVE-2020-16119\",\n \"CVE-2021-0920\",\n \"CVE-2021-3612\",\n \"CVE-2021-3653\",\n \"CVE-2021-3655\",\n \"CVE-2021-3679\",\n \"CVE-2021-3732\",\n \"CVE-2021-3753\",\n \"CVE-2021-3760\",\n \"CVE-2021-3816\",\n \"CVE-2021-3820\",\n \"CVE-2021-4273\",\n \"CVE-2021-20317\",\n \"CVE-2021-20321\",\n \"CVE-2021-20322\",\n \"CVE-2021-22543\",\n \"CVE-2021-37159\",\n \"CVE-2021-38160\",\n \"CVE-2021-38198\",\n \"CVE-2021-38199\",\n \"CVE-2021-38204\",\n \"CVE-2021-38205\",\n \"CVE-2021-40490\",\n \"CVE-2021-41864\",\n \"CVE-2021-42008\",\n \"CVE-2021-42739\",\n \"CVE-2021-43389\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"Debian DLA-2843-1 : linux - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2843 advisory.\n\n - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP\n socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux\n kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.\n (CVE-2020-16119)\n\n - u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to\n improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for\n a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon\n Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon\n Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W,\n MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)\n\n - In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This\n could lead to local escalation of privilege with System execution privileges needed. User interaction is\n not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References:\n Upstream kernel (CVE-2021-0920)\n\n - A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the\n timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user\n privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.\n (CVE-2021-20317)\n\n - An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass\n RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users\n with the ability to start and control a VM to read/write random pages of memory and can result in local\n privilege escalation. (CVE-2021-22543)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions\n before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the\n system or possibly escalate their privileges on the system. The highest threat from this vulnerability is\n to confidentiality, integrity, as well as system availability. (CVE-2021-3612)\n\n - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when\n processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested\n guest (L2). Due to improper validation of the int_ctl field, this issue could allow a malicious L1 to\n enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest\n would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak\n of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to\n 5.14-rc7. (CVE-2021-3653)\n\n - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on\n inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)\n\n - A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was\n found in the way user uses trace ring buffer in a specific way. Only privileged local users (with\n CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.\n (CVE-2021-3679)\n\n - hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev\n without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.\n (CVE-2021-37159)\n\n - ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss\n can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:\n the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the\n length validation was added solely for robustness in the face of anomalous host OS behavior.\n (CVE-2021-38160)\n\n - arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access\n permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)\n\n - fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which\n allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for\n those servers to be unreachable during trunking detection. (CVE-2021-38199)\n\n - inflect is vulnerable to Inefficient Regular Expression Complexity (CVE-2021-3820)\n\n - drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to\n cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain\n situations. (CVE-2021-38204)\n\n - drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for\n attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM\n pointer). (CVE-2021-38205)\n\n - A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in\n the Linux kernel through 5.13.13. (CVE-2021-40490)\n\n - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows\n unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds\n write. (CVE-2021-41864)\n\n - The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab\n out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.\n (CVE-2021-42008)\n\n - The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to\n drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt\n mishandles bounds checking. (CVE-2021-42739)\n\n - An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in\n the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-16119\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-3702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-0920\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-20317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-20321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-20322\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-22543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3612\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3655\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-37159\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3732\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3760\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3816\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38160\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38204\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-38205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-40490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-41864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-42008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4273\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-42739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-43389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/linux\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 4.9.290-1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-38160\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-3653\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/12/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hyperv-daemons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libusbip-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-6-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-6-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-cpupower\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-armel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-armhf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.9.0-14-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.9.0-14-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-kbuild-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-4.9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-4.9.0-14\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usbip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'hyperv-daemons', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'libcpupower-dev', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'libcpupower1', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'libusbip-dev', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-compiler-gcc-6-arm', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-compiler-gcc-6-x86', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-cpupower', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-doc-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-686', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-686-pae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-arm64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-armel', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-armhf', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-all-i386', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-arm64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-armmp', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-armmp-lpae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-common', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-common-rt', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-marvell', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-rt-686-pae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-headers-4.9.0-14-rt-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-686', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-686-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-686-pae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-686-pae-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-amd64-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-arm64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-arm64-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-armmp', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-armmp-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-armmp-lpae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-armmp-lpae-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-marvell', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-marvell-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-rt-686-pae', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-rt-686-pae-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-rt-amd64', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-image-4.9.0-14-rt-amd64-dbg', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-kbuild-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-libc-dev', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-manual-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-perf-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-source-4.9', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'linux-support-4.9.0-14', 'reference': '4.9.290-1'},\n {'release': '9.0', 'prefix': 'usbip', 'reference': '4.9.290-1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hyperv-daemons / libcpupower-dev / libcpupower1 / libusbip-dev / etc');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cloudfoundry": [{"lastseen": "2021-11-26T21:44:28", "description": "## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 18.04\n\n## Description\n\nSeveral security issues were fixed in the Linux kernel.\n\nOfek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk\n\ndiscovered that the BPF verifier in the Linux kernel missed possible\n\nmispredicted branches due to type confusion, allowing a side-channel\n\nattack. An attacker could use this to expose sensitive information.\n\n(CVE-2021-33624)\n\nIt was discovered that the tracing subsystem in the Linux kernel did not\n\nproperly keep track of per-cpu ring buffer state. A privileged attacker\n\ncould use this to cause a denial of service. (CVE-2021-3679)\n\nAlexey Kardashevskiy discovered that the KVM implementation for PowerPC\n\nsystems in the Linux kernel did not properly validate RTAS arguments in\n\nsome situations. An attacker in a guest vm could use this to cause a denial\n\nof service (host OS crash) or possibly execute arbitrary code.\n\n(CVE-2021-37576)\n\nIt was discovered that the Virtio console implementation in the Linux\n\nkernel did not properly validate input lengths in some situations. A local\n\nattacker could possibly use this to cause a denial of service (system\n\ncrash). (CVE-2021-38160)\n\nMichael Wakabayashi discovered that the NFSv4 client implementation in the\n\nLinux kernel did not properly order connection setup operations. An\n\nattacker controlling a remote NFS server could use this to cause a denial\n\nof service on the client. (CVE-2021-38199)\n\nIt was discovered that the MAX-3421 host USB device driver in the Linux\n\nkernel did not properly handle device removal events. A physically\n\nproximate attacker could use this to cause a denial of service (system\n\ncrash). (CVE-2021-38204)\n\nCVEs contained in this USN include: CVE-2021-38160, CVE-2021-33624, CVE-2021-3679, CVE-2021-37576, CVE-2021-38199, CVE-2021-38204.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Bionic Stemcells \n * 1.x versions prior to 1.33\n * All other stemcells not listed.\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Bionic Stemcells \n * Upgrade 1.x versions to 1.33 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n\n## References\n\n * [USN Notice](<https://ubuntu.com/security/notices/USN-5091-1>)\n * [CVE-2021-38160](<https://people.canonical.com/~ubuntu-security/cve/CVE-2021-38160>)\n * [CVE-2021-33624](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-33624.html>)\n * [CVE-2021-3679](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3679.html>)\n * [CVE-2021-37576](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-37576.html>)\n * [CVE-2021-38199](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-38199.html>)\n * [CVE-2021-38204](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-38204.html>)\n\n## History\n\n2021-10-04: Initial vulnerability report published.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-10-04T00:00:00", "type": "cloudfoundry", "title": "USN-5091-1: Linux kernel vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-33624", "CVE-2021-3679", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38199", "CVE-2021-38204"], "modified": "2021-10-04T00:00:00", "id": "CFOUNDRY:F80B396F2BC116F4085AD8234E752ED0", "href": "https://www.cloudfoundry.org/blog/usn-5091-1-linux-kernel-vulnerabilities/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-21T07:40:27", "description": "## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 16.04\n * Canonical Ubuntu 18.04\n\n## Description\n\nSeveral security issues were fixed in the Linux kernel.\n\nCVEs contained in this USN include: CVE-2021-38199, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2019-19449, CVE-2020-36322, CVE-2020-36385, CVE-2021-3655.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Bionic Stemcells \n * 1.x versions prior to 1.41\n * All other stemcells not listed.\n * cflinuxfs3 \n * All versions prior to 0.265.0\n * CF Deployment \n * All versions prior to 17.1.0\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Bionic Stemcells \n * Upgrade 1.x versions to 1.41 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n * cflinuxfs3 \n * Upgrade all versions to 0.265.0 or greater\n * CF Deployment \n * Upgrade all versions to 17.1.0 or greater\n\n## References\n\n * [USN Notice](<https://ubuntu.com/security/notices/USN-5136-1>)\n * [CVE-2021-38199](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-38199.html>)\n * [CVE-2021-3743](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3743.html>)\n * [CVE-2021-3753](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3753.html>)\n * [CVE-2021-3759](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3759.html>)\n * [CVE-2019-19449](<https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19449.html>)\n * [CVE-2020-36322](<https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-36322.html>)\n * [CVE-2020-36385](<https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-36385.html>)\n * [CVE-2021-3655](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3655.html>)\n\n## History\n\n2022-01-20: Initial vulnerability report published.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2022-01-20T00:00:00", "type": "cloudfoundry", "title": "USN-5136-1: Linux kernel vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19449", "CVE-2020-36322", "CVE-2020-36385", "CVE-2021-3655", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-3759", "CVE-2021-38199"], "modified": "2022-01-20T00:00:00", "id": "CFOUNDRY:82DF14FC7487619119F0BE4E5983B231", "href": "https://www.cloudfoundry.org/blog/usn-5136-1-linux-kernel-vulnerabilities/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2022-05-24T17:25:53", "description": "**Issue Overview:**\n\nAmazon Linux has been made aware of a potential Branch Target Injection (BTI) issue (sometimes referred to as Spectre variant 2). This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient execution attacks do not have access to the data on the hosts they attempt to access (e.g. where privilege-level isolation is in place). For such attacks to succeed, actors need to be able to run code on the (virtual) machine hosting the data in which they are interested.\n\nTo mitigate this issue, Amazon Linux recommends that customers disable unprivileged eBPF. This configuration, having the unprivileged eBPF disabled, is the current default for most Linux distributions and as of this advisory, is also the default for all Amazon Linux kernels.\n\nSpecific mitigations for various CPUs are listed below.\n\nIntel CPUs: \nFor Intel CPUs, this applies to all instance types that have CPUs with eIBRS support. They are: \n*6i* (all sizes), c5d.metal, c5.metal, g4dn.metal, i3en.metal, m5*.metal, r5*.metal\n\nVectors outside of unprivileged eBPF are not currently known, and Intel recommends disabling unprivileged BPF, as mentioned above. However, optionally enabling \"spectre_v2=eibrs,lfence\" on Linux kernel command line on the instance types mentioned above, would provide additional protection.\n\nAMD CPUs: \nAs part of the investigation triggered by this issue, AMD now recommends using a different software mitigation inside the Linux kernel, which the Amazon Linux kernel is enabling by default. This means that the Linux kernel will use the generic retpoline software mitigation, instead of the specialized AMD one, on AMD instances (*5a*). This is done by default, and no administrator action is needed.\n\nARM CPUs: \nThe Amazon Linux kernel now enables, by default, a software mitigation for this issue, on all ARM-based EC2 instance types.\n\n \nA buffer overflow flaw in the Linux kernel BPF subsystem was found in the way users run BPF with long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2018-25020)\n\nA denial of service flaw was found in fuse_do_getattr in fs/fuse/dir.c in the kernel side of the FUSE filesystem in the Linux kernel. A local user could use this flaw to crash the system. (CVE-2020-36322)\n\nA flaw was found in the hanging of mounts in the Linux kernel's NFS4 subsystem where remote servers are unreachable for the client during migration of data from one server to another (during trunking detection). This flaw allows a remote NFS4 server (if the client is connected) to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-38199)\n\nAn unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-4197)\n\nNon-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure. (CVE-2022-0001)\n\nNon-transparent sharing of branch predictor within a context in some Intel(r) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\nA random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. (CVE-2022-0330)\n\nA stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. (CVE-2022-0435)\n\nA NULL pointer dereference was found in the Linux kernel's UDF file system functionality in the way the user triggers the udf_file_write_iter function for a malicious UDF image. This flaw allows a local user to crash the system. (CVE-2022-0617)\n\nA flaw was found in the Linux kernel. When an application tries to open a directory (using the O_DIRECTORY flag) in a mounted NFS filesystem, a lookup operation is performed. If the NFS server returns a file as a result of the lookup, the NFS filesystem returns an uninitialized file descriptor instead of the expected ENOTDIR value. This flaw leads to the kernel's data leak into the userspace. (CVE-2022-24448) \nReferences to CVE-2021-26401, CVE-2021-26341 and CVE-2022-23960 have been added after the original release of this advisory, however those vulnerabilities were fixed by the packages referenced by this advisory's initial release on 2022-03-07\n\nReferences to CVE-2022-0847 have been removed after the original release of this advisory, as we have determined that the code within kernel versions prior to 5.8 is not affected by CVE-2022-0847.\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 kernel-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-aarch64-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 perf-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 python-perf-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 python-perf-debuginfo-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.268-205.500.amzn2.aarch64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.268-205.500.amzn2.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-205.500.amzn2.i686 \n \n src: \n \u00a0\u00a0\u00a0 kernel-4.14.268-205.500.amzn2.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 perf-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 python-perf-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 python-perf-debuginfo-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.268-205.500.amzn2.x86_64 \n \u00a0\u00a0\u00a0 kernel-livepatch-4.14.268-205.500-1.0-0.amzn2.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-07T23:32:00", "type": "amazon", "title": "Important: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25020", "CVE-2020-36322", "CVE-2021-26341", "CVE-2021-26401", "CVE-2021-38199", "CVE-2021-4197", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0330", "CVE-2022-0435", "CVE-2022-0617", "CVE-2022-0847", "CVE-2022-23960", "CVE-2022-24448"], "modified": "2022-05-23T21:55:00", "id": "ALAS2-2022-1761", "href": "https://alas.aws.amazon.com/AL2/ALAS-2022-1761.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-05-24T16:24:08", "description": "**Issue Overview:**\n\nAmazon Linux has been made aware of a potential Branch Target Injection (BTI) issue (sometimes referred to as Spectre variant 2). This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an indirect branch prediction. Generally, actors who attempt transient execution attacks do not have access to the data on the hosts they attempt to access (e.g. where privilege-level isolation is in place). For such attacks to succeed, actors need to be able to run code on the (virtual) machine hosting the data in which they are interested.\n\nTo mitigate this issue, Amazon Linux recommends that customers disable unprivileged eBPF. This configuration, having the unprivileged eBPF disabled, is the current default for most Linux distributions and as of this advisory, is also the default for all Amazon Linux kernels.\n\nSpecific mitigations for various CPUs are listed below.\n\nIntel CPUs: \nFor Intel CPUs, this applies to all instance types that have CPUs with eIBRS support. They are: \n*6i* (all sizes), c5d.metal, c5.metal, g4dn.metal, i3en.metal, m5*.metal, r5*.metal\n\nVectors outside of unprivileged eBPF are not currently known, and Intel recommends disabling unprivileged BPF, as mentioned above. However, optionally enabling \"spectre_v2=eibrs,lfence\" on Linux kernel command line on the instance types mentioned above, would provide additional protection.\n\nAMD CPUs: \nAs part of the investigation triggered by this issue, AMD now recommends using a different software mitigation inside the Linux kernel, which the Amazon Linux kernel is enabling by default. This means that the Linux kernel will use the generic retpoline software mitigation, instead of the specialized AMD one, on AMD instances (*5a*). This is done by default, and no administrator action is needed.\n\nARM CPUs: \nThe Amazon Linux kernel now enables, by default, a software mitigation for this issue, on all ARM-based EC2 instance types.\n\n \nA buffer overflow flaw in the Linux kernel BPF subsystem was found in the way users run BPF with long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2018-25020)\n\nA denial of service flaw was found in fuse_do_getattr in fs/fuse/dir.c in the kernel side of the FUSE filesystem in the Linux kernel. A local user could use this flaw to crash the system. (CVE-2020-36322)\n\nA flaw was found in the hanging of mounts in the Linux kernel's NFS4 subsystem where remote servers are unreachable for the client during migration of data from one server to another (during trunking detection). This flaw allows a remote NFS4 server (if the client is connected) to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-38199)\n\nAn unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-4197)\n\nNon-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure. (CVE-2022-0001)\n\nNon-transparent sharing of branch predictor within a context in some Intel(r) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\nA random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. (CVE-2022-0330)\n\nA stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. (CVE-2022-0435)\n\nA NULL pointer dereference was found in the Linux kernel's UDF file system functionality in the way the user triggers the udf_file_write_iter function for a malicious UDF image. This flaw allows a local user to crash the system. (CVE-2022-0617)\n\nA flaw was found in the Linux kernel. When an application tries to open a directory (using the O_DIRECTORY flag) in a mounted NFS filesystem, a lookup operation is performed. If the NFS server returns a file as a result of the lookup, the NFS filesystem returns an uninitialized file descriptor instead of the expected ENOTDIR value. This flaw leads to the kernel's data leak into the userspace. (CVE-2022-24448) \nReferences to CVE-2021-26401, CVE-2021-26341 and CVE-2022-23960 have been added after the original release of this advisory, however those vulnerabilities were fixed by the packages referenced by this advisory's initial release on 2022-03-07\n\nReferences to CVE-2022-0847 have been removed after the original release of this advisory, as we have determined that the code within kernel versions prior to 5.8 is not affected by CVE-2022-0847. \n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 perf-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-i686-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-4.14.268-139.500.amzn1.i686 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.268-139.500.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 kernel-4.14.268-139.500.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 kernel-tools-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-headers-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-debuginfo-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-debuginfo-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-tools-devel-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-debuginfo-common-x86_64-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 perf-4.14.268-139.500.amzn1.x86_64 \n \u00a0\u00a0\u00a0 kernel-devel-4.14.268-139.500.amzn1.x86_64 \n \n \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-07T23:19:00", "type": "amazon", "title": "Important: kernel", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25020", "CVE-2020-36322", "CVE-2021-26341", "CVE-2021-26401", "CVE-2021-38199", "CVE-2021-4197", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0330", "CVE-2022-0435", "CVE-2022-0617", "CVE-2022-0847", "CVE-2022-23960", "CVE-2022-24448"], "modified": "2022-05-23T21:59:00", "id": "ALAS-2022-1571", "href": "https://alas.aws.amazon.com/ALAS-2022-1571.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2021-11-28T08:50:23", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4978-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 25, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3653 CVE-2021-3656 \n CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 \n CVE-2021-3753 CVE-2021-37576 CVE-2021-38160 CVE-2021-38166 \n CVE-2021-38199 CVE-2021-40490 CVE-2021-41073\nDebian Bug : 993948 993978\n\nSeveral vulnerabilities have been discovered in the Linux kernel\nthat may lead to a privilege escalation, denial of service or\ninformation leaks.\n\nCVE-2020-3702\n\n A flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n\nCVE-2020-16119\n\n Hadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n\nCVE-2021-3653\n\n Maxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt Controller)\n for the L2 guest. The L2 guest can take advantage of this flaw to\n write to a limited but still relatively large subset of the host\n physical memory.\n\nCVE-2021-3656\n\n Maxim Levitsky and Paolo Bonzini discovered a flaw in the KVM\n hypervisor implementation for AMD processors in the Linux kernel.\n Missing validation of the the `virt_ext` VMCB field could allow a\n malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS\n (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances,\n the L2 guest is able to run VMLOAD/VMSAVE unintercepted and thus\n read/write portions of the host's physical memory.\n\nCVE-2021-3679\n\n A flaw in the Linux kernel tracing module functionality could allow\n a privileged local user (with CAP_SYS_ADMIN capability) to cause a\n denial of service (resource starvation).\n\nCVE-2021-3732\n\n Alois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n\nCVE-2021-3739\n\n A NULL pointer dereference flaw was found in the btrfs filesystem,\n allowing a local attacker with CAP_SYS_ADMIN capabilities to cause a\n denial of service.\n\nCVE-2021-3743\n\n An out-of-bounds memory read was discovered in the Qualcomm IPC\n router protocol implementation, allowing to cause a denial of\n service or information leak.\n\nCVE-2021-3753\n\n Minh Yuan reported a race condition in the vt_k_ioctl in\n drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds\n read in vt.\n\nCVE-2021-37576\n\n Alexey Kardashevskiy reported a buffer overflow in the KVM subsystem\n on the powerpc platform, which allows KVM guest OS users to cause\n memory corruption on the host.\n\nCVE-2021-38160\n\n A flaw in the virtio_console was discovered allowing data corruption\n or data loss by an untrusted device.\n\nCVE-2021-38166\n\n An integer overflow flaw in the BPF subsystem could allow a local\n attacker to cause a denial of service or potentially the execution\n of arbitrary code. This flaw is mitigated by default in Debian as\n unprivileged calls to bpf() are disabled.\n\nCVE-2021-38199\n\n Michael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n\nCVE-2021-40490\n\n A race condition was discovered in the ext4 subsystem when writing\n to an inline_data file while its xattrs are changing. This could\n result in denial of service.\n\nCVE-2021-41073\n\n Valentina Palmiotti discovered a flaw in io_uring allowing a local\n attacker to escalate privileges.\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 5.10.46-5. This update includes fixes for #993948 and #993978.\n\nWe recommend that you upgrade your linux packages.\n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-09-25T08:09:05", "type": "debian", "title": "[SECURITY] [DSA 4978-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-3653", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-3732", "CVE-2021-3739", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38166", "CVE-2021-38199", "CVE-2021-40490", "CVE-2021-41073"], "modified": "2021-09-25T08:09:05", "id": "DEBIAN:DSA-4978-1:98A5E", "href": "https://lists.debian.org/debian-security-announce/2021/msg00163.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-04T02:01:17", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4978-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 25, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3653 CVE-2021-3656 \n CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 \n CVE-2021-3753 CVE-2021-37576 CVE-2021-38160 CVE-2021-38166 \n CVE-2021-38199 CVE-2021-40490 CVE-2021-41073\nDebian Bug : 993948 993978\n\nSeveral vulnerabilities have been discovered in the Linux kernel\nthat may lead to a privilege escalation, denial of service or\ninformation leaks.\n\nCVE-2020-3702\n\n A flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n\nCVE-2020-16119\n\n Hadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n\nCVE-2021-3653\n\n Maxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt Controller)\n for the L2 guest. The L2 guest can take advantage of this flaw to\n write to a limited but still relatively large subset of the host\n physical memory.\n\nCVE-2021-3656\n\n Maxim Levitsky and Paolo Bonzini discovered a flaw in the KVM\n hypervisor implementation for AMD processors in the Linux kernel.\n Missing validation of the the `virt_ext` VMCB field could allow a\n malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS\n (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances,\n the L2 guest is able to run VMLOAD/VMSAVE unintercepted and thus\n read/write portions of the host's physical memory.\n\nCVE-2021-3679\n\n A flaw in the Linux kernel tracing module functionality could allow\n a privileged local user (with CAP_SYS_ADMIN capability) to cause a\n denial of service (resource starvation).\n\nCVE-2021-3732\n\n Alois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n\nCVE-2021-3739\n\n A NULL pointer dereference flaw was found in the btrfs filesystem,\n allowing a local attacker with CAP_SYS_ADMIN capabilities to cause a\n denial of service.\n\nCVE-2021-3743\n\n An out-of-bounds memory read was discovered in the Qualcomm IPC\n router protocol implementation, allowing to cause a denial of\n service or information leak.\n\nCVE-2021-3753\n\n Minh Yuan reported a race condition in the vt_k_ioctl in\n drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds\n read in vt.\n\nCVE-2021-37576\n\n Alexey Kardashevskiy reported a buffer overflow in the KVM subsystem\n on the powerpc platform, which allows KVM guest OS users to cause\n memory corruption on the host.\n\nCVE-2021-38160\n\n A flaw in the virtio_console was discovered allowing data corruption\n or data loss by an untrusted device.\n\nCVE-2021-38166\n\n An integer overflow flaw in the BPF subsystem could allow a local\n attacker to cause a denial of service or potentially the execution\n of arbitrary code. This flaw is mitigated by default in Debian as\n unprivileged calls to bpf() are disabled.\n\nCVE-2021-38199\n\n Michael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n\nCVE-2021-40490\n\n A race condition was discovered in the ext4 subsystem when writing\n to an inline_data file while its xattrs are changing. This could\n result in denial of service.\n\nCVE-2021-41073\n\n Valentina Palmiotti discovered a flaw in io_uring allowing a local\n attacker to escalate privileges.\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 5.10.46-5. This update includes fixes for #993948 and #993978.\n\nWe recommend that you upgrade your linux packages.\n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-09-25T08:09:05", "type": "debian", "title": "[SECURITY] [DSA 4978-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-3653", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-3732", "CVE-2021-3739", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-37576", "CVE-2021-38160", "CVE-2021-38166", "CVE-2021-38199", "CVE-2021-40490", "CVE-2021-41073"], "modified": "2021-09-25T08:09:05", "id": "DEBIAN:DSA-4978-1:4EC47", "href": "https://lists.debian.org/debian-security-announce/2021/msg00163.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-26T18:43:48", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2785-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Ben Hutchings\nOctober 15, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : linux-4.19\nVersion : 4.19.208-1~deb9u1\nCVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3444 CVE-2021-3600\n CVE-2021-3612 CVE-2021-3653 CVE-2021-3655 CVE-2021-3656\n CVE-2021-3679 CVE-2021-3732 CVE-2021-3743 CVE-2021-3753\n CVE-2021-22543 CVE-2021-33624 CVE-2021-34556 CVE-2021-35039\n CVE-2021-35477 CVE-2021-37159 CVE-2021-38160 CVE-2021-38198\n CVE-2021-38199 CVE-2021-38205 CVE-2021-40490\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\nCVE-2020-3702\n\n A flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n\nCVE-2020-16119\n\n Hadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n\nCVE-2021-3444, CVE-2021-3600\n\n Two flaws were discovered in the Extended BPF (eBPF) verifier. A\n local user could exploit these to read and write arbitrary memory\n in the kernel, which could be used for privilege escalation.\n\n This can be mitigated by setting sysctl\n kernel.unprivileged_bpf_disabled=1, which disables eBPF use by\n unprivileged users.\n\nCVE-2021-3612\n\n Murray McAllister reported a flaw in the joystick input subsystem.\n A local user permitted to access a joystick device could exploit\n this to read and write out-of-bounds in the kernel, which could\n be used for privilege escalation.\n\nCVE-2021-3653\n\n Maxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt\n Controller) for the L2 guest. The L2 guest can take advantage of\n this flaw to write to a limited but still relatively large subset\n of the host physical memory.\n\nCVE-2021-3655\n\n Ilja Van Sprundel and Marcelo Ricardo Leitner found multiple flaws\n in the SCTP implementation, where missing validation could lead to\n an out-of-bounds read. On a system using SCTP, a networked\n attacker could exploit these to cause a denial of service (crash).\n\nCVE-2021-3656\n\n Maxim Levitsky and Paolo Bonzini discovered a flaw in the KVM\n hypervisor implementation for AMD processors in the Linux\n kernel. Missing validation of the `virt_ext` VMCB field could\n allow a malicious L1 guest to disable both VMLOAD/VMSAVE\n intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. Under\n these circumstances, the L2 guest is able to run VMLOAD/VMSAVE\n unintercepted and thus read/write portions of the host's physical\n memory.\n\nCVE-2021-3679\n\n A flaw in the Linux kernel tracing module functionality could\n allow a privileged local user (with CAP_SYS_ADMIN capability) to\n cause a denial of service (resource starvation).\n\nCVE-2021-3732\n\n Alois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n\nCVE-2021-3743\n\n An out-of-bounds memory read was discovered in the Qualcomm IPC\n router protocol implementation, allowing to cause a denial of\n service or information leak.\n\nCVE-2021-3753\n\n Minh Yuan reported a race condition in the vt_k_ioctl in\n drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds read\n in vt.\n\nCVE-2021-22543\n\n David Stevens discovered a flaw in how the KVM hypervisor maps\n host memory into a guest. A local user permitted to access\n /dev/kvm could use this to cause certain pages to be freed when\n they should not, leading to a use-after-free. This could be used\n to cause a denial of service (crash or memory corruption) or\n possibly for privilege escalation.\n\nCVE-2021-33624, CVE-2021-34556, CVE-2021-35477\n\n Multiple researchers discovered flaws in the Extended BPF (eBPF)\n verifier's protections against information leaks through\n speculation execution. A local user could exploit these to read\n sensitive information.\n\n This can be mitigated by setting sysctl\n kernel.unprivileged_bpf_disabled=1, which disables eBPF use by\n unprivileged users.\n\nCVE-2021-35039\n\n A flaw was discovered in module signature enforcement. A custom\n kernel with IMA enabled might have allowed loading unsigned kernel\n modules when it should not have.\n\nCVE-2021-37159\n\n A flaw was discovered in the hso driver for Option mobile\n broadband modems. An error during initialisation could lead to a\n double-free or use-after-free. An attacker able to plug in USB\n devices could use this to cause a denial of service (crash or\n memory corruption) or possibly to run arbitrary code.\n\nCVE-2021-38160\n\n A flaw in the virtio_console was discovered allowing data\n corruption or data loss by an untrusted device.\n\nCVE-2021-38198\n\n A flaw was discovered in the KVM implementation for x86\n processors, that could result in virtual memory protection within\n a guest not being applied correctly. When shadow page tables are\n used - i.e. for nested virtualisation, or on CPUs lacking the EPT\n or NPT feature - a user of the guest OS might be able to exploit\n this for denial of service or privilege escalation within the\n guest.\n\nCVE-2021-38199\n\n Michael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n\nCVE-2021-38205\n\n An information leak was discovered in the xilinx_emaclite network\n driver. On a custom kernel where this driver is enabled and used,\n this might make it easier to exploit other kernel bugs.\n\nCVE-2021-40490\n\n A race condition was discovered in the ext4 subsystem when writing\n to an inline_data file while its xattrs are changing. This could\n result in denial of service.\n\nFor Debian 9 stretch, these problems have been fixed in version\n4.19.208-1~deb9u1.\n\nWe recommend that you upgrade your linux-4.19 packages.\n\nFor the detailed security status of linux-4.19 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux-4.19\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n-- \nBen Hutchings\nThe generation of random numbers is too important to be left to chance.\n - Robert Coveyou\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-10-15T21:50:44", "type": "debian", "title": "[SECURITY] [DLA 2785-1] linux-4.19 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-22543", "CVE-2021-33624", "CVE-2021-3444", "CVE-2021-34556", "CVE-2021-35039", "CVE-2021-35477", "CVE-2021-3600", "CVE-2021-3612", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3656", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-3743", "CVE-2021-3753", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-38205", "CVE-2021-40490"], "modified": "2021-10-15T21:50:44", "id": "DEBIAN:DLA-2785-1:A6280", "href": "https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-20T00:36:27", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2843-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Ben Hutchings\nDecember 16, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : linux\nVersion : 4.9.290-1\nCVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-0920 CVE-2021-3612 \n CVE-2021-3653 CVE-2021-3655 CVE-2021-3679 CVE-2021-3732 \n CVE-2021-3753 CVE-2021-3760 CVE-2021-20317 CVE-2021-20321 \n CVE-2021-20322 CVE-2021-22543 CVE-2021-37159 CVE-2021-38160 \n CVE-2021-38198 CVE-2021-38199 CVE-2021-38204 CVE-2021-38205 \n CVE-2021-40490 CVE-2021-41864 CVE-2021-42008 CVE-2021-42739 \n CVE-2021-43389\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service, or information\nleaks.\n\nCVE-2020-3702\n\n A flaw was found in the driver for Atheros IEEE 802.11n family of\n chipsets (ath9k) allowing information disclosure.\n\nCVE-2020-16119\n\n Hadar Manor reported a use-after-free in the DCCP protocol\n implementation in the Linux kernel. A local attacker can take\n advantage of this flaw to cause a denial of service or potentially\n to execute arbitrary code.\n\nCVE-2021-0920\n\n A race condition was discovered in the local sockets (AF_UNIX)\n subsystem, which could lead to a use-after-free. A local user\n could exploit this for denial of service (memory corruption or\n crash), or possibly for privilege escalation.\n\nCVE-2021-3612\n\n Murray McAllister reported a flaw in the joystick input subsystem.\n A local user permitted to access a joystick device could exploit\n this to read and write out-of-bounds in the kernel, which could\n be used for privilege escalation.\n\nCVE-2021-3653\n\n Maxim Levitsky discovered a vulnerability in the KVM hypervisor\n implementation for AMD processors in the Linux kernel: Missing\n validation of the `int_ctl` VMCB field could allow a malicious L1\n guest to enable AVIC support (Advanced Virtual Interrupt\n Controller) for the L2 guest. The L2 guest can take advantage of\n this flaw to write to a limited but still relatively large subset\n of the host physical memory.\n\nCVE-2021-3655\n\n Ilja Van Sprundel and Marcelo Ricardo Leitner found multiple flaws\n in the SCTP implementation, where missing validation could lead to\n an out-of-bounds read. On a system using SCTP, a networked\n attacker could exploit these to cause a denial of service (crash).\n\nCVE-2021-3679\n\n A flaw in the Linux kernel tracing module functionality could\n allow a privileged local user (with CAP_SYS_ADMIN capability) to\n cause a denial of service (resource starvation).\n\nCVE-2021-3732\n\n Alois Wohlschlager reported a flaw in the implementation of the\n overlayfs subsystem, allowing a local attacker with privileges to\n mount a filesystem to reveal files hidden in the original mount.\n\nCVE-2021-3753\n\n Minh Yuan reported a race condition in the vt_k_ioctl in\n drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds read\n in vt.\n\nCVE-2021-3760\n\n Lin Horse reported a flaw in the NCI (NFC Controller Interface)\n driver, which could lead to a use-after-free.\n\n However, this driver is not included in the binary packages\n provided by Debian.\n\nCVE-2021-20317\n\n It was discovered that the timer queue structure could become\n corrupt, leading to waiting tasks never being woken up. A local\n user with certain privileges could exploit this to cause a denial\n of service (system hang).\n\nCVE-2021-20321\n\n A race condition was discovered in the overlayfs filesystem\n driver. A local user with access to an overlayfs mount and to its\n underlying upper directory could exploit this for privilege\n escalation.\n\nCVE-2021-20322\n\n An information leak was discovered in the IPv4 implementation. A\n remote attacker could exploit this to quickly discover which UDP\n ports a system is using, making it easier for them to carry out a\n DNS poisoning attack against that system.\n\nCVE-2021-22543\n\n David Stevens discovered a flaw in how the KVM hypervisor maps\n host memory into a guest. A local user permitted to access\n /dev/kvm could use this to cause certain pages to be freed when\n they should not, leading to a use-after-free. This could be used\n to cause a denial of service (crash or memory corruption) or\n possibly for privilege escalation.\n\nCVE-2021-37159\n\n A flaw was discovered in the hso driver for Option mobile\n broadband modems. An error during initialisation could lead to a\n double-free or use-after-free. An attacker able to plug in USB\n devices could use this to cause a denial of service (crash or\n memory corruption) or possibly to run arbitrary code.\n\nCVE-2021-38160\n\n A flaw in the virtio_console was discovered allowing data\n corruption or data loss by an untrusted device.\n\nCVE-2021-38198\n\n A flaw was discovered in the KVM implementation for x86\n processors, that could result in virtual memory protection within\n a guest not being applied correctly. When shadow page tables are\n used - i.e. for nested virtualisation, or on CPUs lacking the EPT\n or NPT feature - a user of the guest OS might be able to exploit\n this for denial of service or privilege escalation within the\n guest.\n\nCVE-2021-38199\n\n Michael Wakabayashi reported a flaw in the NFSv4 client\n implementation, where incorrect connection setup ordering allows\n operations of a remote NFSv4 server to cause a denial of service.\n\nCVE-2021-38204\n\n A flaw was discovered in the max4321-hcd USB host controller\n driver, which could lead to a use-after-free.\n\n However, this driver is not included in the binary packages\n provided by Debian.\n\nCVE-2021-38205\n\n An information leak was discovered in the xilinx_emaclite network\n driver. On a custom kernel where this driver is enabled and used,\n this might make it easier to exploit other kernel bugs.\n\nCVE-2021-40490\n\n A race condition was discovered in the ext4 subsystem when writing\n to an inline_data file while its xattrs are changing. This could\n result in denial of service.\n\nCVE-2021-41864\n\n An integer overflow was discovered in the Extended BPF (eBPF)\n subsystem. A local user could exploit this for denial of service\n (memory corruption or crash), or possibly for privilege\n escalation.\n\n This can be mitigated by setting sysctl\n kernel.unprivileged_bpf_disabled=1, which disables eBPF use by\n unprivileged users.\n\nCVE-2021-42008\n\n A heap buffer overflow was discovered in the 6pack serial port\n network driver. A local user with CAP_NET_ADMIN capability could\n exploit this for denial of service (memory corruption or crash), or\n possibly for privilege escalation.\n\nCVE-2021-42739\n\n A heap buffer overflow was discovered in the firedtv driver for\n FireWire-connected DVB receivers. A local user with access to a\n firedtv device could exploit this for denial of service (memory\n corruption or crash), or possibly for privilege escalation.\n\nCVE-2021-43389\n\n The Active Defense Lab of Venustech discovered a flaw in the CMTP\n subsystem as used by Bluetooth, which could lead to an\n out-of-bounds read and object type confusion. A local user with\n CAP_NET_ADMIN capability in the initial user namespace could\n exploit this for denial of service (memory corruption or crash),\n or possibly for privilege escalation.\n\nFor Debian 9 stretch, these problems have been fixed in version\n4.9.290-1.\n\nWe recommend that you upgrade your linux packages.\n\nFor the detailed security status of linux please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n\n-- \nBen Hutchings\nHumans are not rational beings; they are rationalising beings.\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-16T21:27:40", "type": "debian", "title": "[SECURITY] [DLA 2843-1] linux security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16119", "CVE-2020-3702", "CVE-2021-0920", "CVE-2021-20317", "CVE-2021-20321", "CVE-2021-20322", "CVE-2021-22543", "CVE-2021-3612", "CVE-2021-3653", "CVE-2021-3655", "CVE-2021-3679", "CVE-2021-37159", "CVE-2021-3732", "CVE-2021-3753", "CVE-2021-3760", "CVE-2021-38160", "CVE-2021-38198", "CVE-2021-38199", "CVE-2021-38204", "CVE-2021-38205", "CVE-2021-40490", "CVE-2021-41864", "CVE-2021-42008", "CVE-2021-42739", "CVE-2021-43389"], "modified": "2021-12-16T21:27:40", "id": "DEBIAN:DLA-2843-1:AB8E9", "href": "https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2022-04-25T16:17:48", "description": "[4.14.35-2047.512.6.el7]\n- Revert 'rds/ib: recover rds connection from stuck rx path' (Rohit Nair) [Orabug: 34039271] \n- uek-rpm: update kABI lists for new symbols (Saeed Mirzamohammadi) [Orabug: 33993774]\n[4.14.35-2047.512.5]\n- netfilter: nf_tables: initialize registers in nft_do_chain() (Pablo Neira Ayuso) [Orabug: 34012925] {CVE-2022-1016}\n- rds: Fix incorrect initialization order (Hakon Bugge) [Orabug: 33923372] \n- btrfs: unlock newly allocated extent buffer after error (Qu Wenruo) [Orabug: 33997138] {CVE-2021-4149}\n- sr9700: sanity check for packet length (Oliver Neukum) [Orabug: 33962706] {CVE-2022-26966}\n[4.14.35-2047.512.4]\n- Linux 4.14.265 (Greg Kroah-Hartman) \n- ext4: fix error handling in ext4_restore_inline_data() (Ritesh Harjani) \n- EDAC/xgene: Fix deferred probing (Sergey Shtylyov) \n- EDAC/altera: Fix deferred probing (Sergey Shtylyov) \n- rtc: cmos: Evaluate century appropriate (Riwen Lu) \n- selftests: futex: Use variable MAKE instead of make (Muhammad Usama Anjum) \n- nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. (Dai Ngo) \n- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (John Meneghini) \n- ASoC: fsl: Add missing error handling in pcm030_fabric_probe (Miaoqian Lin) \n- drm/i915/overlay: Prevent divide by zero bugs in scaling (Dan Carpenter) \n- net: macsec: Verify that send_sci is on when setting Tx sci explicitly (Lior Nahmanson) \n- net: ieee802154: Return meaningful error codes from the netlink helpers (Miquel Raynal) \n- net: ieee802154: ca8210: Stop leaking skb's (Miquel Raynal) \n- spi: meson-spicc: add IRQ check in meson_spicc_probe (Miaoqian Lin) \n- spi: mediatek: Avoid NULL pointer crash in interrupt (Benjamin Gaignard) \n- spi: bcm-qspi: check for valid cs before applying chip select (Kamal Dasu) \n- iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() (Joerg Roedel) \n- iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (Guoqing Jiang) \n- RDMA/mlx4: Don't continue event handler after memory allocation failure (Leon Romanovsky) \n- block: bio-integrity: Advance seed correctly for larger interval sizes (Martin K. Petersen) \n- drm/nouveau: fix off by one in BIOS boundary checking (Nick Lopez) \n- ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() (Mark Brown) \n- ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() (Mark Brown) \n- ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() (Mark Brown) \n- audit: improve audit queue handling when 'audit=1' on cmdline (Paul Moore) \n- af_packet: fix data-race in packet_setsockopt / packet_setsockopt (Eric Dumazet) \n- rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (Eric Dumazet) \n- net: amd-xgbe: Fix skb data length underflow (Shyam Sundar S K) \n- net: amd-xgbe: ensure to reset the tx_timer_active flag (Raju Rangoju) \n- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (Georgi Valkov) \n- netfilter: nat: limit port clash resolution attempts (Florian Westphal) \n- netfilter: nat: remove l4 protocol port rovers (Florian Westphal) \n- bpf: fix truncated jump targets on heavy expansions (Daniel Borkmann) \n- ipv4: raw: lock the socket in raw_bind() (Eric Dumazet) \n- yam: fix a memory leak in yam_siocdevprivate() (Hangyu Hua) \n- ibmvnic: don't spin in tasklet (Sukadev Bhattiprolu) \n- drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (Jose Exposito) \n- drm/msm: Fix wrong size calculation (Xianting Tian) \n- net-procfs: show net devices bound packet types (Jianguo Wu) \n- NFSv4: nfs_atomic_open() can race when looking up a non-regular file (Trond Myklebust) \n- NFSv4: Handle case where the lookup of a directory fails (Trond Myklebust) \n- hwmon: (lm90) Reduce maximum conversion rate for G781 (Guenter Roeck) \n- ping: fix the sk_bound_dev_if match in ping_lookup (Xin Long) \n- net: fix information leakage in /proc/net/ptype (Saeed Mirzamohammadi) \n- ipv6_tunnel: Rate limit warning messages (Ido Schimmel) \n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (John Meneghini) \n- rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev (Matthias Kaehlcke) \n- rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (Sujit Kautkar) \n- i40e: fix unsigned stat widths (Joe Damato) \n- i40e: Increase delay to 1 s after global EMP reset (Jedrzej Jagielski) \n- lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() (Christophe Leroy) \n- powerpc/32: Fix boot failure with GCC latent entropy plugin (Christophe Leroy) \n- net: sfp: ignore disabled SFP node (Marek Behun) \n- usb: typec: tcpm: Do not disconnect while receiving VBUS off (Badhri Jagan Sridharan) \n- USB: core: Fix hang in usb_kill_urb by adding memory barriers (Alan Stern) \n- usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS (Pavankumar Kondeti) \n- usb: common: ulpi: Fix crash in ulpi_match() (Jon Hunter) \n- usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge (Alan Stern) \n- tty: Add support for Brainboxes UC cards. (Cameron Williams) \n- tty: n_gsm: fix SW flow control encoding/handling (daniel.starke@siemens.com) \n- serial: stm32: fix software flow control transfer (Valentin Caron) \n- netfilter: nft_payload: do not update layer 4 checksum when mangling fragments (Pablo Neira Ayuso) \n- PM: wakeup: simplify the output logic of pm_show_wakelocks() (Greg Kroah-Hartman) \n- scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices (Steffen Maier) \n- s390/hypfs: include z/VM guests with access control group set (Vasily Gorbik) \n- Bluetooth: refactor malicious adv data check (Brian Gix) \n- Linux 4.14.264 (Greg Kroah-Hartman) \n- can: bcm: fix UAF of bcm op (Ziyang Xuan) \n- Linux 4.14.263 (Greg Kroah-Hartman) \n- gianfar: fix jumbo packets+napi+rx overrun crash (Michael Braun) \n- gianfar: simplify FCS handling and fix memory leak (Andy Spencer) \n- drm/ttm/nouveau: don't call tt destroy callback on alloc failure. (Dave Airlie) \n- mips,s390,sh,sparc: gup: Work around the 'COW can break either way' issue (Ben Hutchings) \n- lib82596: Fix IRQ check in sni_82596_probe (Miaoqian Lin) \n- scripts/dtc: dtx_diff: remove broken example from help text (Matthias Schiffer) \n- bcmgenet: add WOL IRQ check (Sergey Shtylyov) \n- net_sched: restore 'mpu xxx' handling (Kevin Bracey) \n- dmaengine: at_xdmac: Fix at_xdmac_lld struct definition (Tudor Ambarus) \n- dmaengine: at_xdmac: Fix lld view setting (Tudor Ambarus) \n- dmaengine: at_xdmac: Print debug message after realeasing the lock (Tudor Ambarus) \n- dmaengine: at_xdmac: Don't start transactions at tx_submit level (Tudor Ambarus) \n- libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() (Guillaume Nault) \n- netns: add schedule point in ops_exit_list() (Eric Dumazet) \n- net: axienet: fix number of TX ring slots for available check (Robert Hancock) \n- net: axienet: Wait for PhyRstCmplt after core reset (Robert Hancock) \n- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (Eric Dumazet) \n- parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries (Miaoqian Lin) \n- net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module (Tobias Waldekranz) \n- powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses (Tobias Waldekranz) \n- powerpc/cell: Fix clang -Wimplicit-fallthrough warning (Anders Roxell) \n- RDMA/rxe: Fix a typo in opcode name (Chengguang Xu) \n- RDMA/hns: Modify the mapping attribute of doorbell to device (Yixing Liu) \n- Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization (Lukas Bulwahn) \n- firmware: Update Kconfig help text for Google firmware (Ben Hutchings) \n- drm/radeon: fix error handling in radeon_driver_open_kms (Christian Konig) \n- crypto: stm32/crc32 - Fix kernel BUG triggered in probe() (Marek Vasut) \n- ext4: don't use the orphan list when migrating an inode (Theodore Ts'o) \n- ext4: Fix BUG_ON in ext4_bread when write quota data (Ye Bin) \n- ext4: set csum seed in tmp inode while migrating to extents (Luis Henriques) \n- ext4: make sure quota gets properly shutdown on error (Jan Kara) \n- iwlwifi: mvm: Increase the scan timeout guard to 30 seconds (Ilan Peer) \n- cputime, cpuacct: Include guest time in user time in cpuacct.stat (Andrey Ryabinin) \n- serial: Fix incorrect rs485 polarity on uart open (Lukas Wunner) \n- ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers (Petr Cvachoucek) \n- power: bq25890: Enable continuous conversion for ADC at charging (Yauhen Kharuzhy) \n- ASoC: mediatek: mt8173: fix device_node leak (Tzung-Bi Shih) \n- scsi: sr: Don't use GFP_DMA (Christoph Hellwig) \n- MIPS: Octeon: Fix build errors using clang (Tianjia Zhang) \n- i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters (Lakshmi Sowjanya D) \n- MIPS: OCTEON: add put_device() after of_find_device_by_node() (Ye Guojin) \n- ALSA: seq: Set upper limit of processed events (Takashi Iwai) \n- w1: Misuse of get_user()/put_user() reported by sparse (Christophe Leroy) \n- i2c: mpc: Correct I2C reset procedure (Joakim Tjernlund) \n- powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING (Michael Ellerman) \n- i2c: i801: Don't silently correct invalid transfer size (Heiner Kallweit) \n- powerpc/watchdog: Fix missed watchdog reset due to memory ordering race (Nicholas Piggin) \n- powerpc/btext: add missing of_node_put (Julia Lawall) \n- powerpc/cell: add missing of_node_put (Julia Lawall) \n- powerpc/powernv: add missing of_node_put (Julia Lawall) \n- powerpc/6xx: add missing of_node_put (Julia Lawall) \n- parisc: Avoid calling faulthandler_disabled() twice (John David Anglin) \n- serial: core: Keep mctrl register state and cached copy in sync (Lukas Wunner) \n- serial: pl010: Drop CR register reset on set_termios (Lukas Wunner) \n- net: phy: marvell: configure RGMII delays for 88E1118 (Russell King (Oracle)) \n- dm space map common: add bounds check to sm_ll_lookup_bitmap() (Joe Thornber) \n- dm btree: add a defensive bounds check to insert_at() (Joe Thornber) \n- mac80211: allow non-standard VHT MCS-10/11 (Ping-Ke Shih) \n- net: mdio: Demote probed message to debug print (Florian Fainelli) \n- btrfs: remove BUG_ON(!eie) in find_parent_nodes (Josef Bacik) \n- btrfs: remove BUG_ON() in find_parent_nodes() (Josef Bacik) \n- ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 (Kirill A. Shutemov) \n- ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() (Rafael J. Wysocki) \n- ACPICA: Utilities: Avoid deleting the same object twice in a row (Rafael J. Wysocki) \n- ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions (Mark Langsdorf) \n- jffs2: GC deadlock reading a page that is used in jffs2_write_begin() (Kyeong Yoo) \n- um: registers: Rename function names to avoid conflicts and build problems (Randy Dunlap) \n- iwlwifi: remove module loading failure message (Johannes Berg) \n- iwlwifi: fix leaks/bad data after failed firmware load (Johannes Berg) \n- ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream (Zekun Shen) \n- usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 (Kai-Heng Feng) \n- arm64: tegra: Adjust length of CCPLEX cluster MMIO region (Thierry Reding) \n- mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO (Ulf Hansson) \n- media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() (Zhou Qingyang) \n- media: igorplugusb: receiver overflow should be reported (Sean Young) \n- bpf: Do not WARN in bpf_warn_invalid_xdp_action() (Paolo Abeni) \n- net: bonding: debug: avoid printing debug logs when bond is not notifying peers (Suresh Kumar) \n- ath10k: Fix tx hanging (Sebastian Gottschall) \n- iwlwifi: mvm: synchronize with FW after multicast commands (Johannes Berg) \n- media: m920x: don't use stack on USB reads (Mauro Carvalho Chehab) \n- media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() (Zhou Qingyang) \n- media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds. (James Hilliard) \n- floppy: Add max size check for user space request (Xiongwei Song) \n- usb: uhci: add aspeed ast2600 uhci support (Neal Liu) \n- mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (Zekun Shen) \n- HSI: core: Fix return freed object in hsi_new_client (Chengfeng Ye) \n- gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use (Hans de Goede) \n- drm/bridge: megachips: Ensure both bridges are probed before registration (Martyn Welch) \n- mlxsw: pci: Add shutdown method in PCI driver (Danielle Ratson) \n- media: b2c2: Add missing check in flexcop_pci_isr: (Zheyu Ma) \n- HID: apple: Do not reset quirks when the Fn key is not found (Jose Exposito) \n- usb: gadget: f_fs: Use stream_open() for endpoint files (Pavankumar Kondeti) \n- drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR (Ben Skeggs) \n- ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply (Zekun Shen) \n- fs: dlm: filter user dlm messages for kernel locks (Alexander Aring) \n- Bluetooth: Fix debugfs entry leak in hci_register_dev() (Wei Yongjun) \n- RDMA/cxgb4: Set queue pair state when being queried (Kamal Heib) \n- mips: bcm63xx: add support for clk_set_parent() (Randy Dunlap) \n- mips: lantiq: add support for clk_set_parent() (Randy Dunlap) \n- misc: lattice-ecp3-config: Fix task hung when firmware load failed (Wei Yongjun) \n- ASoC: samsung: idma: Check of ioremap return value (Jiasheng Jiang) \n- iommu/iova: Fix race between FQ timeout and teardown (Xiongfeng Wang) \n- dmaengine: pxa/mmp: stop referencing config->slave_id (Arnd Bergmann) \n- RDMA/core: Let ib_find_gid() continue search even after empty entry (Avihai Horon) \n- scsi: ufs: Fix race conditions related to driver data (Bart Van Assche) \n- char/mwave: Adjust io port register size (Kees Cook) \n- ALSA: oss: fix compile error when OSS_DEBUG is enabled (Bixuan Cui) \n- powerpc/prom_init: Fix improper check of prom_getprop() (Peiwei Hu) \n- RDMA/hns: Validate the pkey index (Kamal Heib) \n- ALSA: hda: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) \n- ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) \n- ALSA: jack: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) \n- ext4: avoid trim error on fs with small groups (Jan Kara) \n- net: mcs7830: handle usb read errors properly (Pavel Skripkin) \n- pcmcia: fix setting of kthread task states (Dominik Brodowski) \n- can: xilinx_can: xcan_probe(): check for error irq (Jiasheng Jiang) \n- can: softing: softing_startstop(): fix set but not used variable warning (Marc Kleine-Budde) \n- tpm: add request_locality before write TPM_INT_ENABLE (Chen Jun) \n- spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe (Miaoqian Lin) \n- fsl/fman: Check for null pointer after calling devm_ioremap (Jiasheng Jiang) \n- ppp: ensure minimum packet size in ppp_write() (Eric Dumazet) \n- pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() (Zhou Qingyang) \n- pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() (Zhou Qingyang) \n- x86/mce/inject: Avoid out-of-bounds write when setting flags (Zhang Zixun) \n- usb: ftdi-elan: fix memory leak on device disconnect (Wei Yongjun) \n- media: msi001: fix possible null-ptr-deref in msi001_probe() (Wang Hai) \n- media: dw2102: Fix use after free (Anton Vasilyev) \n- sched/rt: Try to restart rt period timer when rt runtime exceeded (Li Hua) \n- media: si2157: Fix 'warm' tuner state detection (Robert Schlabbach) \n- media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() (Zhou Qingyang) \n- media: dib8000: Fix a memleak in dib8000_init() (Zhou Qingyang) \n- floppy: Fix hang in watchdog when disk is ejected (Tasos Sahanidis) \n- serial: amba-pl011: do not request memory region twice (Lino Sanfilippo) \n- drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() (Zhou Qingyang) \n- drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() (Zhou Qingyang) \n- arm64: dts: qcom: msm8916: fix MMC controller aliases (Dmitry Baryshkov) \n- netfilter: bridge: add support for pppoe filtering (Florian Westphal) \n- media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released (Dafna Hirschfeld) \n- tty: serial: atmel: Call dma_async_issue_pending() (Tudor Ambarus) \n- tty: serial: atmel: Check return code of dmaengine_submit() (Tudor Ambarus) \n- crypto: qce - fix uaf on qce_ahash_register_one (Chengfeng Ye) \n- media: dmxdev: fix UAF when dvb_register_device() fails (Wang Hai) \n- Bluetooth: stop proccessing malicious adv data (Pavel Skripkin) \n- media: em28xx: fix memory leak in em28xx_init_dev (Dongliang Mu) \n- wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND (Bryan O'Donoghue) \n- clk: bcm-2835: Remove rounding up the dividers (Maxime Ripard) \n- clk: bcm-2835: Pick the closest clock rate (Maxime Ripard) \n- Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails (Wang Hai) \n- PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller (Yifeng Li) \n- shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode (Gang Li) \n- can: softing_cs: softingcs_probe(): fix memleak on registration failure (Johan Hovold) \n- media: stk1160: fix control-message timeouts (Johan Hovold) \n- media: pvrusb2: fix control-message timeouts (Johan Hovold) \n- media: redrat3: fix control-message timeouts (Johan Hovold) \n- media: dib0700: fix undefined behavior in tuner shutdown (Michael Kuron) \n- media: s2255: fix control-message timeouts (Johan Hovold) \n- media: cpia2: fix control-message timeouts (Johan Hovold) \n- media: em28xx: fix control-message timeouts (Johan Hovold) \n- media: mceusb: fix control-message timeouts (Johan Hovold) \n- media: flexcop-usb: fix control-message timeouts (Johan Hovold) \n- rtc: cmos: take rtc_lock while reading from CMOS (Mateusz Jonczyk) \n- nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() (Krzysztof Kozlowski) \n- HID: wacom: Avoid using stale array indicies to read contact count (Jason Gerecke) \n- HID: wacom: Ignore the confidence flag when a touch is removed (Jason Gerecke) \n- HID: uhid: Fix worker destroying device without any protection (Jann Horn) \n- Bluetooth: fix init and cleanup of sco_conn.timeout_work (Desmond Cheong Zhi Xi) \n- Bluetooth: schedule SCO timeouts with delayed_work (Desmond Cheong Zhi Xi) \n- rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled (Larry Finger) \n- media: uvcvideo: fix division by zero at stream start (Johan Hovold) \n- orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() (Christophe JAILLET) \n- drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() (Nathan Chancellor) \n- staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn() (Nathan Chancellor) \n- random: fix data race on crng init time (Eric Biggers) \n- random: fix data race on crng_node_pool (Eric Biggers) \n- can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} (Brian Silverman) \n- can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data (Marc Kleine-Budde) \n- mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() (Andy Shevchenko) \n- USB: Fix 'slab-out-of-bounds Write' bug in usb_hcd_poll_rh_status (Alan Stern) \n- USB: core: Fix bug in resuming hub's handling of wakeup requests (Alan Stern) \n- Bluetooth: bfusb: fix division by zero in send path (Johan Hovold) \n- Linux 4.14.262 (Greg Kroah-Hartman) \n- mISDN: change function names to avoid conflicts (wolfgang huang) \n- net: udp: fix alignment problem in udp4_seq_show() (yangxingwu) \n- ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate (William Zhao) \n- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (Lixiaokeng) \n- ipv6: Do cleanup if attribute validation fails in multipath route (David Ahern) \n- ipv6: Continue processing multipath route even if gateway attribute is invalid (David Ahern) \n- phonet: refcount leak in pep_sock_accep (Hangyu Hua) \n- rndis_host: support Hytera digital radios (Thomas Toye) \n- power: reset: ltc2952: Fix use of floating point literals (Nathan Chancellor) \n- sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc (Eric Dumazet) \n- ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route (David Ahern) \n- ipv6: Check attribute length for RTA_GATEWAY in multipath route (David Ahern) \n- i40e: Fix incorrect netdev's real number of RX/TX queues (Jedrzej Jagielski) \n- i40e: fix use-after-free in i40e_sync_filters_subtask() (Di Zhu) \n- mac80211: initialize variable have_higher_than_11mbit (Tom Rix) \n- RDMA/core: Don't infoleak GRH fields (Leon Romanovsky) \n- ieee802154: atusb: fix uninit value in atusb_set_extended_addr (Pavel Skripkin) \n- virtio_pci: Support surprise removal of virtio pci device (Parav Pandit) \n- tracing: Tag trace_percpu_buffer as a percpu pointer (Naveen N. Rao) \n- tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() (Naveen N. Rao) \n- Bluetooth: btusb: Apply QCA Rome patches for some ATH3012 models (Takashi Iwai)\n[4.14.35-2047.512.3]\n- lib/timerqueue: Rely on rbtree semantics for next timer (Davidlohr Bueso) [Orabug: 33406086] {CVE-2021-20317} {CVE-2021-20317}\n- rds/ib: Resize CQ if send-/recv-ring-size are changed (Hans Westgaard Ry) [Orabug: 33940520] \n- uek-rpm: remove uek-rpm/ol8 (John Donnelly) [Orabug: 33665655] \n- uek-rpm: Enable config CONFIG_SCSI_MQ_DEFAULT (Saeed Mirzamohammadi) [Orabug: 33973455] \n- sched: restore the sliding search window for select_idle_cpu() (Libo Chen) [Orabug: 33965297] \n- NFSv4: Handle case where the lookup of a directory fails (Trond Myklebust) [Orabug: 33958155] {CVE-2022-24448}\n- Linux 4.14.261 (Greg Kroah-Hartman) \n- sctp: use call_rcu to free endpoint (Xin Long) \n- net: fix use-after-free in tw_timer_handler (Muchun Song) \n- Input: spaceball - fix parsing of movement data packets (Leo L. Schwab) \n- Input: appletouch - initialize work before device registration (Pavel Skripkin) \n- binder: fix async_free_space accounting for empty parcels (Todd Kjos) \n- usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. (Vincent Pelletier) \n- xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. (Mathias Nyman) \n- uapi: fix linux/nfc.h userspace compilation errors (Dmitry V. Levin) \n- nfc: uapi: use kernel size_t to fix user-space builds (Krzysztof Kozlowski) \n- fsl/fman: Fix missing put_device() call in fman_port_probe (Miaoqian Lin) \n- NFC: st21nfca: Fix memory leak in device probe and remove (Wei Yongjun) \n- net: usb: pegasus: Do not drop long Ethernet frames (Matthias-Christian Ott) \n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (Dan Carpenter) \n- selinux: initialize proto variable in selinux_ip_postroute_compat() (Tom Rix) \n- recordmcount.pl: fix typo in s390 mcount regex (Heiko Carstens) \n- platform/x86: apple-gmux: use resource_size() with res (Wang Qing) \n- HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option (Hans de Goede) \n- Linux 4.14.260 (Greg Kroah-Hartman) \n- phonet/pep: refuse to enable an unbound pipe (Remi Denis-Courmont) \n- hamradio: improve the incomplete fix to avoid NPD (Lin Ma) \n- hamradio: defer ax25 kfree after unregister_netdev (Lin Ma) \n- ax25: NPD bug when detaching AX25 device (Lin Ma) \n- hwmon: (lm90) Do not report 'busy' status bit as alarm (Guenter Roeck) \n- KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state (Sean Christopherson) \n- usb: gadget: u_ether: fix race in setting MAC address in setup phase (Marian Postevca) \n- f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() (Chao Yu) \n- ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling (Ard Biesheuvel) \n- pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines (Fabien Dessenne) \n- x86/pkey: Fix undefined behaviour with PKRU_WD_BIT (Andrew Cooper) \n- Input: atmel_mxt_ts - fix double free in mxt_read_info_block (Jose Exposito) \n- ALSA: drivers: opl3: Fix incorrect use of vp->state (Colin Ian King) \n- ALSA: jack: Check the return value of kstrdup() (Xiaoke Wang) \n- hwmon: (lm90) Fix usage of CONFIG2 register in detect function (Guenter Roeck) \n- sfc: falcon: Check null pointer of rx_queue->page_ring (Jiasheng Jiang) \n- drivers: net: smc911x: Check for error irq (Jiasheng Jiang) \n- fjes: Check for error irq (Jiasheng Jiang) \n- bonding: fix ad_actor_system option setting to default (Fernando Fernandez Mancera) \n- net: skip virtio_net_hdr_set_proto if protocol already set (Willem de Bruijn) \n- qlcnic: potential dereference null pointer of rx_queue->page_ring (Jiasheng Jiang) \n- spi: change clk_disable_unprepare to clk_unprepare (Dongliang Mu) \n- HID: holtek: fix mouse probing (Benjamin Tissoires) \n- can: kvaser_usb: get CAN clock frequency from device (Jimmy Assarsson) \n- net: usb: lan78xx: add Allied Telesis AT29M2-AF (Greg Jesionowski) \n- x86/speculation: Add knob for eibrs_retpoline_enabled (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401}\n- x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401}\n- x86/speculation: Update link to AMD speculation whitepaper (Kim Phillips) [Orabug: 33937656] {CVE-2021-26401}\n- x86/speculation: Use generic retpoline by default on AMD (Kim Phillips) [Orabug: 33937656] {CVE-2021-26401}\n- x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Josh Poimboeuf) [Orabug: 33937656] {CVE-2021-26401}\n- Documentation/hw-vuln: Update spectre doc (Peter Zijlstra) [Orabug: 33937656] {CVE-2021-26401}\n- x86/speculation: Add eIBRS + Retpoline options (Peter Zijlstra) [Orabug: 33937656] {CVE-2021-26401}\n- x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE (Peter Zijlstra (Intel)) [Orabug: 33937656] {CVE-2021-26401}\n- x86/speculation: Merge one test in spectre_v2_user_select_mitigation() (Borislav Petkov) [Orabug: 33937656] {CVE-2021-26401}\n- x86/speculation: Update ALTERNATIVEs to (more closely) match upstream (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401}\n- x86/speculation: Fix bug in retpoline mode on AMD with 'spectre_v2=none' (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401}\n- ACPICA: Enable sleep button on ACPI legacy wake (Anchal Agarwal) [Orabug: 33925502] \n- ipv4: tcp: send zero IPID in SYNACK messages (Eric Dumazet) [Orabug: 33917057] {CVE-2020-36516}\n- ipv4: avoid using shared IP generator for connected sockets (Eric Dumazet) [Orabug: 33917057] {CVE-2020-36516}\n- lib/iov_iter: initialize 'flags' in new pipe_buffer (Max Kellermann) [Orabug: 33910800] {CVE-2022-0847}\n- x86/speculation: The choice of retpoline mode is sometimes ignored (Patrick Colp) [Orabug: 33890092] \n- udf: Restore i_lenAlloc when inode expansion fails (Jan Kara) [Orabug: 33870267] {CVE-2022-0617}\n- udf: Fix NULL ptr deref when converting from inline format (Jan Kara) [Orabug: 33870267] {CVE-2022-0617}\n- scsi: libiscsi: Hold back_lock when calling iscsi_complete_task (Gulam Mohamed) [Orabug: 33851182] \n- drm/vmwgfx: Fix stale file descriptors on failed usercopy (Mathias Krause) [Orabug: 33840433] {CVE-2022-22942}\n- drm/i915: Flush TLBs before releasing backing store (Tvrtko Ursulin) [Orabug: 33835811] {CVE-2022-0330}\n- proc/vmcore: fix clearing user buffer by properly using clear_user() (David Hildenbrand) [Orabug: 33832650] \n- rds/ib: recover rds connection from stuck rx path (Nagappan Ramasamy Palaniappan) [Orabug: 33820767] \n- rds: ib: Make selection of completion_vector QoS aware (Hakon Bugge) [Orabug: 33819408] \n- Enable CONFIG_DM_DUST and nano for UEK5 (Gulam Mohamed) [Orabug: 33653698] \n- dm dust: use dust block size for badblocklist index (Bryan Gurney) [Orabug: 33653698] \n- dm dust: Make dm_dust_init and dm_dust_exit static (YueHaibing) [Orabug: 33653698] \n- dm dust: remove redundant unsigned comparison to less than zero (Colin Ian King) [Orabug: 33653698] \n- dm: add dust target (Bryan Gurney) [Orabug: 33653698] \n- hugetlbfs: flush TLBs correctly after huge_pmd_unshare (Nadav Amit) [Orabug: 33617219] {CVE-2021-4002}\n- rds/ib: handle posted ACK during connection shutdown (Nagappan Ramasamy Palaniappan) [Orabug: 33820747] \n- rds/ib: reap tx completions during connection shutdown (Nagappan Ramasamy Palaniappan) [Orabug: 33820747] \n- rds/ib: recover rds connection from stuck tx path (Nagappan Ramasamy Palaniappan) [Orabug: 33820747] \n- rds/ib: Kernel change to extend rds-info functionality (Rohit Nair) [Orabug: 33821341] \n- uek-rpm: Add missing symbols to kabi_lockedlist (Stephen Brennan) [Orabug: 33871558]\n[4.14.35-2047.512.1]\n- Revert 'stable: clamp SUBLEVEL in 4.14' (Alan Maguire) [Orabug: 33861950] \n- tipc: improve size validations for received domain records (Jon Maloy) [Orabug: 33850803] {CVE-2022-0435} {CVE-2022-0435}\n- cgroup-v1: Require capabilities to set release_agent (Eric W. Biederman) [Orabug: 33825688] {CVE-2022-0492}\n- blk-stat: delete useless code (Shaohua Li) [Orabug: 33772945] \n- DMA/rxe: Update default value of RXE_MAX_PDN (Rao Shoaib) [Orabug: 33676598]\n[4.14.35-2047.512.0]\n- bpf: Disallow unprivileged bpf by default (Pawan Gupta) [Orabug: 33734682] \n- bpf: Add kconfig knob for disabling unpriv bpf by default (Daniel Borkmann) [Orabug: 33734682] \n- RDMA/rxe: Use correct sizing on buffers holding page DMA addresses (Shiraz Saleem) [Orabug: 33676942] \n- hwmon: (k10temp) Add support for Zen3 CPUs (Rahul Rohit) [Orabug: 33782835] \n- arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (Ard Biesheuvel) [Orabug: 33787546] \n- uek-rpm: Pensando: Enable Elba EDAC (Dave Kleikamp) [Orabug: 33831294] \n- dsc-drivers: update for 1.15.9-C-64 (Dave Kleikamp) [Orabug: 33831294] \n- drivers/hwmon: Adding support LTC3888 (David Clear) [Orabug: 33831294] \n- drivers/edac: Add Elba EDAC support (David Clear) [Orabug: 33831294] \n- arm64/configs: Remove CONFIG_PENSANDO_SOC_CAPMEM_HUGEPAGE (David Clear) [Orabug: 33831294] \n- drivers/soc/pensando: Add reset cause driver (David Clear) [Orabug: 33831294] \n- net/rds: Fix memory leak in __rds_conn_create() on alloc_ordered_workqueue fail (Freddy Carrillo) [Orabug: 33811475] \n- x86/smpboot: check cpu_initialized_mask first after returning from schedule() (Dongli Zhang) [Orabug: 33544127] \n- Linux 4.14.259 (Greg Kroah-Hartman) \n- xen/console: harden hvc_xen against event channel storms (Juergen Gross) \n- Input: touchscreen - avoid bitwise vs logical OR warning (Nathan Chancellor) \n- ARM: 8800/1: use choice for kernel unwinders (Stefan Agner) \n- mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (Nathan Chancellor) \n- ARM: 8805/2: remove unneeded naked function usage (Nicolas Pitre) \n- net: lan78xx: Avoid unnecessary self assignment (Nathan Chancellor) \n- fuse: annotate lock in fuse_reverse_inval_entry() (Miklos Szeredi) \n- ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name (Fabio Estevam) \n- firmware: arm_scpi: Fix string overflow in SCPI genpd driver (Sudeep Holla) \n- net: systemport: Add global locking for descriptor lifecycle (Florian Fainelli) \n- libata: if T_LENGTH is zero, dma direction should be DMA_NONE (George Kennedy) \n- timekeeping: Really make sure wall_to_monotonic isn't positive (Yu Liao) \n- USB: serial: option: add Telit FN990 compositions (Daniele Palmas) \n- PCI/MSI: Mask MSI-X vectors only on success (Stefan Roese) \n- PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (Thomas Gleixner) \n- USB: gadget: bRequestType is a bitfield, not a enum (Greg Kroah-Hartman) \n- sit: do not call ipip6_dev_free() from sit_init_net() (Eric Dumazet) \n- net/packet: rx_owner_map depends on pg_vec (Willem de Bruijn) \n- ixgbe: set X550 MDIO speed before talking to PHY (Cyril Novikov) \n- igbvf: fix double free in 'igbvf_probe' (Letu Ren) \n- soc/tegra: fuse: Fix bitwise vs. logical OR warning (Nathan Chancellor) \n- dmaengine: st_fdma: fix MODULE_ALIAS (Alyssa Ross) \n- ARM: socfpga: dts: fix qspi node compatible (Dinh Nguyen) \n- x86/sme: Explicitly map new EFI memmap table as encrypted (Tom Lendacky) \n- nfsd: fix use-after-free due to delegation race (J. Bruce Fields) \n- audit: improve robustness of the audit queue handling (Paul Moore) \n- dm btree remove: fix use after free in rebalance_children() (Joe Thornber) \n- recordmcount.pl: look for jgnop instruction as well as bcrl on s390 (Jerome Marchand) \n- mac80211: send ADDBA requests using the tid/queue of the aggregation session (Felix Fietkau) \n- hwmon: (dell-smm) Fix warning on /proc/i8k creation error (Armin Wolf) \n- bpf: fix panic due to oob in bpf_prog_test_run_skb (Daniel Borkmann) \n- tracing: Fix a kmemleak false positive in tracing_map (Chen Jun) \n- net: netlink: af_netlink: Prevent empty skb by adding a check on len. (Harshit Mogalapalli) \n- i2c: rk3x: Handle a spurious start completion interrupt flag (Ondrej Jirman) \n- parisc/agp: Annotate parisc agp init functions with __init (Helge Deller) \n- net/mlx4_en: Update reported link modes for 1/10G (Erik Ekman) \n- drm/msm/dsi: set default num_data_lanes (Philip Chen) \n- nfc: fix segfault in nfc_genl_dump_devices_done (Tadeusz Struk) \n- Linux 4.14.258 (Greg Kroah-Hartman) \n- irqchip: nvic: Fix offset for Interrupt Priority Offsets (Vladimir Murzin) \n- irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL (Wudi Wang) \n- irqchip/armada-370-xp: Fix support for Multi-MSI interrupts (Pali Rohar) \n- irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc() (Pali Rohar) \n- iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove (Yang Yingliang) \n- iio: adc: axp20x_adc: fix charging current reporting on AXP22x (Evgeny Boger) \n- iio: dln2: Check return value of devm_iio_trigger_register() (Lars-Peter Clausen) \n- iio: dln2-adc: Fix lockdep complaint (Noralf Tronnes) \n- iio: itg3200: Call iio_trigger_notify_done() on error (Lars-Peter Clausen) \n- iio: kxsd9: Don't return error code in trigger handler (Lars-Peter Clausen) \n- iio: ltr501: Don't return error code in trigger handler (Lars-Peter Clausen) \n- iio: mma8452: Fix trigger reference couting (Lars-Peter Clausen) \n- iio: stk3310: Don't return error code in interrupt handler (Lars-Peter Clausen) \n- iio: trigger: stm32-timer: fix MODULE_ALIAS (Alyssa Ross) \n- iio: trigger: Fix reference counting (Lars-Peter Clausen) \n- usb: core: config: using bit mask instead of individual bits (Pavel Hofman) \n- xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending (Kai-Heng Feng) \n- usb: core: config: fix validation of wMaxPacketValue entries (Pavel Hofman) \n- USB: gadget: zero allocate endpoint 0 buffers (Greg Kroah-Hartman) \n- USB: gadget: detect too-big endpoint 0 requests (Greg Kroah-Hartman) \n- net/qla3xxx: fix an error code in ql_adapter_up() (Dan Carpenter) \n- net, neigh: clear whole pneigh_entry at alloc time (Eric Dumazet) \n- net: fec: only clear interrupt of handling queue in fec_enet_rx_queue() (Joakim Zhang) \n- net: altera: set a couple error code in probe() (Dan Carpenter) \n- net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero (Lee Jones) \n- qede: validate non LSO skb length (Manish Chopra) \n- block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (Davidlohr Bueso) \n- tracefs: Set all files to the same group ownership as the mount option (Steven Rostedt (VMware)) \n- signalfd: use wake_up_pollfree() (Eric Biggers) \n- binder: use wake_up_pollfree() (Eric Biggers) \n- wait: add wake_up_pollfree() (Eric Biggers) \n- libata: add horkage for ASMedia 1092 (Hannes Reinecke) \n- can: m_can: Disable and ignore ELO interrupt (Brian Silverman) \n- can: pch_can: pch_can_rx_normal: fix use after free (Vincent Mailhol) \n- tracefs: Have new files inherit the ownership of their parent (Steven Rostedt (VMware)) \n- ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() (Takashi Iwai) \n- ALSA: pcm: oss: Limit the period size to 16MB (Takashi Iwai) \n- ALSA: pcm: oss: Fix negative period/buffer sizes (Takashi Iwai) \n- ALSA: ctl: Fix copy of updated id with element read/write (Alan Young) \n- mm: bdi: initialize bdi_min_ratio when bdi is unregistered (Manjong Lee) \n- IB/hfi1: Correct guard on eager buffer deallocation (Mike Marciniszyn) \n- seg6: fix the iif in the IPv6 socket control block (Andrea Mayer) \n- nfp: Fix memory leak in nfp_cpp_area_cache_add() (Jianglei Nie) \n- bpf: Fix the off-by-two error in range markings (Maxim Mikityanskiy) \n- nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (Krzysztof Kozlowski) \n- can: sja1000: fix use after free in ems_pcmcia_add_card() (Dan Carpenter) \n- HID: check for valid USB device for many HID drivers (Greg Kroah-Hartman) \n- HID: wacom: fix problems when device is not a valid USB device (Greg Kroah-Hartman) \n- HID: add USB_HID dependancy on some USB HID drivers (Greg Kroah-Hartman) \n- HID: add USB_HID dependancy to hid-chicony (Greg Kroah-Hartman) \n- HID: add USB_HID dependancy to hid-prodikeys (Greg Kroah-Hartman) \n- HID: add hid_is_usb() function to make it simpler for USB detection (Greg Kroah-Hartman) \n- Linux 4.14.257 (Greg Kroah-Hartman) {CVE-2021-38199}\n- parisc: Mark cr16 CPU clocksource unstable on all SMP machines (Helge Deller) \n- serial: core: fix transmit-buffer reset and memleak (Johan Hovold) \n- serial: pl011: Add ACPI SBSA UART match id (Pierre Gondois) \n- tty: serial: msm_serial: Deactivate RX DMA for polling support (Sven Eckelmann) \n- x86/64/mm: Map all kernel memory into trampoline_pgd (Joerg Roedel) \n- usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect (Badhri Jagan Sridharan) \n- xhci: Fix commad ring abort, write all 64 bits to CRCR register. (Mathias Nyman) \n- vgacon: Propagate console boot parameters before calling 'vc_resize' (Maciej W. Rozycki) \n- parisc: Fix 'make install' on newer debian releases (Helge Deller) \n- parisc: Fix KBUILD_IMAGE for self-extracting kernel (Helge Deller) \n- net/smc: Keep smc_close_final rc during active close (Tony Lu) \n- net/rds: correct socket tunable error in rds_tcp_tune() (William Kucharski) \n- net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of '0' if no IRQ is available (Sven Schuchmann) \n- net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() (Zhou Qingyang) \n- siphash: use _unaligned version by default (Arnd Bergmann) \n- net: mpls: Fix notifications when deleting a device (Benjamin Poirier) \n- net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() (Zhou Qingyang) \n- natsemi: xtensa: fix section mismatch warnings (Randy Dunlap) \n- sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl (Baokun Li) \n- sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl (Baokun Li) \n- kprobes: Limit max data_size of the kretprobe instances (Masami Hiramatsu) \n- vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit (Stephen Suryaputra) \n- perf hist: Fix memory leak of a perf_hpp_fmt (Ian Rogers) \n- net: ethernet: dec: tulip: de4x5: fix possible array overflows in type3_infoblock() (Teng Qi) \n- net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound (zhangyue) \n- ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (Teng Qi) \n- scsi: iscsi: Unblock session then wake up error handler (Mike Christie) \n- thermal: core: Reset previous low and high trip during thermal zone init (Manaf Meethalavalappu Pallikunhi) \n- btrfs: check-integrity: fix a warning on write caching disabled disk (Wang Yugui) \n- s390/setup: avoid using memblock_enforce_memory_limit (Vasily Gorbik) \n- platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep (Slark Xiao) \n- net: return correct error code (liuguoqiang) \n- NFSv42: Fix pagecache invalidation after COPY/CLONE (Benjamin Coddington) \n- ipc: WARN if trying to remove ipc object which is absent (Alexander Mikhalitsyn) \n- shm: extend forced shm destroy to support objects from several IPC nses (Alexander Mikhalitsyn) \n- tty: hvc: replace BUG_ON() with negative return value (Juergen Gross) \n- xen: sync include/xen/interface/io/ring.h with Xen's newest version (Juergen Gross) \n- fuse: release pipe buf after last use (Miklos Szeredi) \n- NFC: add NCI_UNREG flag to eliminate the race (Lin Ma) \n- arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function (Marek Behun) \n- arm64: dts: marvell: armada-37xx: declare PCIe reset pin (Miquel Raynal) \n- pinctrl: armada-37xx: Correct PWM pins definitions (Marek Behun) \n- pinctrl: armada-37xx: add missing pin: PCIe1 Wakeup (Gregory CLEMENT) \n- pinctrl: armada-37xx: Correct mpp definitions (Marek Behun) \n- PCI: aardvark: Fix checking for link up via LTSSM state (Pali Rohar) \n- PCI: aardvark: Fix link training (Pali Rohar) \n- PCI: aardvark: Fix PCIe Max Payload Size setting (Pali Rohar) \n- PCI: aardvark: Configure PCIe resources from 'ranges' DT property (Pali Rohar) \n- PCI: aardvark: Remove PCIe outbound window configuration (Evan Wang) \n- PCI: aardvark: Update comment about disabling link training (Pali Rohar) \n- PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link() (Pali Rohar) \n- PCI: aardvark: Fix compilation on s390 (Pali Rohar) \n- PCI: aardvark: Don't touch PCIe registers if no card connected (Pali Rohar) \n- PCI: aardvark: Introduce an advk_pcie_valid_device() helper (Thomas Petazzoni) \n- PCI: aardvark: Indicate error in 'val' when config read fails (Pali Rohar) \n- PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros (Pali Rohar) \n- PCI: aardvark: Issue PERST via GPIO (Pali Rohar) \n- PCI: aardvark: Improve link training (Marek Behun) \n- PCI: aardvark: Train link immediately after enabling training (Pali Rohar) \n- PCI: aardvark: Wait for endpoint to be ready before training link (Remi Pommarel) \n- PCI: aardvark: Fix a leaked reference by adding missing of_node_put() (Wen Yang) \n- PCI: aardvark: Fix I/O space page leak (Sergei Shtylyov) \n- s390/mm: validate VMA in PGSTE manipulation functions (David Hildenbrand) \n- tracing: Check pid filtering when creating events (Steven Rostedt (VMware)) \n- vhost/vsock: fix incorrect used length reported to the guest (Stefano Garzarella) \n- net/smc: Don't call clcsock shutdown twice when smc shutdown (Tony Lu) \n- MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48 (Huang Pei) \n- tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows (Eric Dumazet) \n- net/smc: Ensure the active closing peer first closes clcsock (Tony Lu) \n- ipv6: fix typos in __ip6_finish_output() (Eric Dumazet) \n- drm/vc4: fix error code in vc4_create_object() (Dan Carpenter) \n- scsi: mpt3sas: Fix kernel panic during drive powercycle test (Sreekanth Reddy) \n- ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE (Takashi Iwai) \n- NFSv42: Don't fail clone() unless the OP_CLONE operation failed (Trond Myklebust) \n- net: ieee802154: handle iftypes as u32 (Alexander Aring) \n- ASoC: topology: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) \n- ARM: dts: BCM5301X: Add interrupt properties to GPIO node (Florian Fainelli) \n- ARM: dts: BCM5301X: Fix I2C controller interrupt (Florian Fainelli) \n- netfilter: ipvs: Fix reuse connection if RS weight is 0 (yangxingwu) \n- tracing: Fix pid filtering when triggers are attached (Steven Rostedt (VMware)) \n- xen: detect uninitialized xenbus in xenbus_init (Stefano Stabellini) \n- xen: don't continue xenstore initialization in case of errors (Stefano Stabellini) \n- fuse: fix page stealing (Miklos Szeredi) \n- staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (Dan Carpenter) \n- HID: wacom: Use 'Confidence' flag to prevent reporting invalid contacts (Jason Gerecke) \n- media: cec: copy sequence field for the reply (Hans Verkuil) \n- ALSA: ctxfi: Fix out-of-range access (Takashi Iwai) \n- usb: hub: Fix locking issues with address0_mutex (Mathias Nyman) \n- usb: hub: Fix usb enumeration issue due to address0 race (Mathias Nyman) \n- USB: serial: option: add Fibocom FM101-GL variants (Mingjie Zhang) \n- USB: serial: option: add Telit LE910S1 0x9200 composition (Daniele Palmas)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-04-25T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-36516", "CVE-2021-20317", "CVE-2021-26401", "CVE-2021-38199", "CVE-2021-4002", "CVE-2021-4149", "CVE-2022-0330", "CVE-2022-0435", "CVE-2022-0492", "CVE-2022-0617", "CVE-2022-0847", "CVE-2022-1016", "CVE-2022-22942", "CVE-2022-24448", "CVE-2022-26966"], "modified": "2022-04-25T00:00:00", "id": "ELSA-2022-9314", "href": "http://linux.oracle.com/errata/ELSA-2022-9314.html", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-04-25T16:17:38", "description": "[4.14.35-2047.512.6]\n- Revert 'rds/ib: recover rds connection from stuck rx path' (Rohit Nair) [Orabug: 34039271] \n- uek-rpm: update kABI lists for new symbols (Saeed Mirzamohammadi) [Orabug: 33993774]\n[4.14.35-2047.512.5]\n- netfilter: nf_tables: initialize registers in nft_do_chain() (Pablo Neira Ayuso) [Orabug: 34012925] {CVE-2022-1016}\n- rds: Fix incorrect initialization order (Hakon Bugge) [Orabug: 33923372] \n- btrfs: unlock newly allocated extent buffer after error (Qu Wenruo) [Orabug: 33997138] {CVE-2021-4149}\n- sr9700: sanity check for packet length (Oliver Neukum) [Orabug: 33962706] {CVE-2022-26966}\n[4.14.35-2047.512.4]\n- Linux 4.14.265 (Greg Kroah-Hartman) \n- ext4: fix error handling in ext4_restore_inline_data() (Ritesh Harjani) \n- EDAC/xgene: Fix deferred probing (Sergey Shtylyov) \n- EDAC/altera: Fix deferred probing (Sergey Shtylyov) \n- rtc: cmos: Evaluate century appropriate (Riwen Lu) \n- selftests: futex: Use variable MAKE instead of make (Muhammad Usama Anjum) \n- nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. (Dai Ngo) \n- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (John Meneghini) \n- ASoC: fsl: Add missing error handling in pcm030_fabric_probe (Miaoqian Lin) \n- drm/i915/overlay: Prevent divide by zero bugs in scaling (Dan Carpenter) \n- net: macsec: Verify that send_sci is on when setting Tx sci explicitly (Lior Nahmanson) \n- net: ieee802154: Return meaningful error codes from the netlink helpers (Miquel Raynal) \n- net: ieee802154: ca8210: Stop leaking skb's (Miquel Raynal) \n- spi: meson-spicc: add IRQ check in meson_spicc_probe (Miaoqian Lin) \n- spi: mediatek: Avoid NULL pointer crash in interrupt (Benjamin Gaignard) \n- spi: bcm-qspi: check for valid cs before applying chip select (Kamal Dasu) \n- iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() (Joerg Roedel) \n- iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (Guoqing Jiang) \n- RDMA/mlx4: Don't continue event handler after memory allocation failure (Leon Romanovsky) \n- block: bio-integrity: Advance seed correctly for larger interval sizes (Martin K. Petersen) \n- drm/nouveau: fix off by one in BIOS boundary checking (Nick Lopez) \n- ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() (Mark Brown) \n- ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() (Mark Brown) \n- ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() (Mark Brown) \n- audit: improve audit queue handling when 'audit=1' on cmdline (Paul Moore) \n- af_packet: fix data-race in packet_setsockopt / packet_setsockopt (Eric Dumazet) \n- rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (Eric Dumazet) \n- net: amd-xgbe: Fix skb data length underflow (Shyam Sundar S K) \n- net: amd-xgbe: ensure to reset the tx_timer_active flag (Raju Rangoju) \n- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (Georgi Valkov) \n- netfilter: nat: limit port clash resolution attempts (Florian Westphal) \n- netfilter: nat: remove l4 protocol port rovers (Florian Westphal) \n- bpf: fix truncated jump targets on heavy expansions (Daniel Borkmann) \n- ipv4: raw: lock the socket in raw_bind() (Eric Dumazet) \n- yam: fix a memory leak in yam_siocdevprivate() (Hangyu Hua) \n- ibmvnic: don't spin in tasklet (Sukadev Bhattiprolu) \n- drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (Jose Exposito) \n- drm/msm: Fix wrong size calculation (Xianting Tian) \n- net-procfs: show net devices bound packet types (Jianguo Wu) \n- NFSv4: nfs_atomic_open() can race when looking up a non-regular file (Trond Myklebust) \n- NFSv4: Handle case where the lookup of a directory fails (Trond Myklebust) \n- hwmon: (lm90) Reduce maximum conversion rate for G781 (Guenter Roeck) \n- ping: fix the sk_bound_dev_if match in ping_lookup (Xin Long) \n- net: fix information leakage in /proc/net/ptype (Saeed Mirzamohammadi) \n- ipv6_tunnel: Rate limit warning messages (Ido Schimmel) \n- scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (John Meneghini) \n- rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev (Matthias Kaehlcke) \n- rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (Sujit Kautkar) \n- i40e: fix unsigned stat widths (Joe Damato) \n- i40e: Increase delay to 1 s after global EMP reset (Jedrzej Jagielski) \n- lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() (Christophe Leroy) \n- powerpc/32: Fix boot failure with GCC latent entropy plugin (Christophe Leroy) \n- net: sfp: ignore disabled SFP node (Marek Behun) \n- usb: typec: tcpm: Do not disconnect while receiving VBUS off (Badhri Jagan Sridharan) \n- USB: core: Fix hang in usb_kill_urb by adding memory barriers (Alan Stern) \n- usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS (Pavankumar Kondeti) \n- usb: common: ulpi: Fix crash in ulpi_match() (Jon Hunter) \n- usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge (Alan Stern) \n- tty: Add support for Brainboxes UC cards. (Cameron Williams) \n- tty: n_gsm: fix SW flow control encoding/handling (daniel.starke@siemens.com) \n- serial: stm32: fix software flow control transfer (Valentin Caron) \n- netfilter: nft_payload: do not update layer 4 checksum when mangling fragments (Pablo Neira Ayuso) \n- PM: wakeup: simplify the output logic of pm_show_wakelocks() (Greg Kroah-Hartman) \n- scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices (Steffen Maier) \n- s390/hypfs: include z/VM guests with access control group set (Vasily Gorbik) \n- Bluetooth: refactor malicious adv data check (Brian Gix) \n- Linux 4.14.264 (Greg Kroah-Hartman) \n- can: bcm: fix UAF of bcm op (Ziyang Xuan) \n- Linux 4.14.263 (Greg Kroah-Hartman) \n- gianfar: fix jumbo packets+napi+rx overrun crash (Michael Braun) \n- gianfar: simplify FCS handling and fix memory leak (Andy Spencer) \n- drm/ttm/nouveau: don't call tt destroy callback on alloc failure. (Dave Airlie) \n- mips,s390,sh,sparc: gup: Work around the 'COW can break either way' issue (Ben Hutchings) \n- lib82596: Fix IRQ check in sni_82596_probe (Miaoqian Lin) \n- scripts/dtc: dtx_diff: remove broken example from help text (Matthias Schiffer) \n- bcmgenet: add WOL IRQ check (Sergey Shtylyov) \n- net_sched: restore 'mpu xxx' handling (Kevin Bracey) \n- dmaengine: at_xdmac: Fix at_xdmac_lld struct definition (Tudor Ambarus) \n- dmaengine: at_xdmac: Fix lld view setting (Tudor Ambarus) \n- dmaengine: at_xdmac: Print debug message after realeasing the lock (Tudor Ambarus) \n- dmaengine: at_xdmac: Don't start transactions at tx_submit level (Tudor Ambarus) \n- libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() (Guillaume Nault) \n- netns: add schedule point in ops_exit_list() (Eric Dumazet) \n- net: axienet: fix number of TX ring slots for available check (Robert Hancock) \n- net: axienet: Wait for PhyRstCmplt after core reset (Robert Hancock) \n- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (Eric Dumazet) \n- parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries (Miaoqian Lin) \n- net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module (Tobias Waldekranz) \n- powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses (Tobias Waldekranz) \n- powerpc/cell: Fix clang -Wimplicit-fallthrough warning (Anders Roxell) \n- RDMA/rxe: Fix a typo in opcode name (Chengguang Xu) \n- RDMA/hns: Modify the mapping attribute of doorbell to device (Yixing Liu) \n- Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization (Lukas Bulwahn) \n- firmware: Update Kconfig help text for Google firmware (Ben Hutchings) \n- drm/radeon: fix error handling in radeon_driver_open_kms (Christian Konig) \n- crypto: stm32/crc32 - Fix kernel BUG triggered in probe() (Marek Vasut) \n- ext4: don't use the orphan list when migrating an inode (Theodore Ts'o) \n- ext4: Fix BUG_ON in ext4_bread when write quota data (Ye Bin) \n- ext4: set csum seed in tmp inode while migrating to extents (Luis Henriques) \n- ext4: make sure quota gets properly shutdown on error (Jan Kara) \n- iwlwifi: mvm: Increase the scan timeout guard to 30 seconds (Ilan Peer) \n- cputime, cpuacct: Include guest time in user time in cpuacct.stat (Andrey Ryabinin) \n- serial: Fix incorrect rs485 polarity on uart open (Lukas Wunner) \n- ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers (Petr Cvachoucek) \n- power: bq25890: Enable continuous conversion for ADC at charging (Yauhen Kharuzhy) \n- ASoC: mediatek: mt8173: fix device_node leak (Tzung-Bi Shih) \n- scsi: sr: Don't use GFP_DMA (Christoph Hellwig) \n- MIPS: Octeon: Fix build errors using clang (Tianjia Zhang) \n- i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters (Lakshmi Sowjanya D) \n- MIPS: OCTEON: add put_device() after of_find_device_by_node() (Ye Guojin) \n- ALSA: seq: Set upper limit of processed events (Takashi Iwai) \n- w1: Misuse of get_user()/put_user() reported by sparse (Christophe Leroy) \n- i2c: mpc: Correct I2C reset procedure (Joakim Tjernlund) \n- powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING (Michael Ellerman) \n- i2c: i801: Don't silently correct invalid transfer size (Heiner Kallweit) \n- powerpc/watchdog: Fix missed watchdog reset due to memory ordering race (Nicholas Piggin) \n- powerpc/btext: add missing of_node_put (Julia Lawall) \n- powerpc/cell: add missing of_node_put (Julia Lawall) \n- powerpc/powernv: add missing of_node_put (Julia Lawall) \n- powerpc/6xx: add missing of_node_put (Julia Lawall) \n- parisc: Avoid calling faulthandler_disabled() twice (John David Anglin) \n- serial: core: Keep mctrl register state and cached copy in sync (Lukas Wunner) \n- serial: pl010: Drop CR register reset on set_termios (Lukas Wunner) \n- net: phy: marvell: configure RGMII delays for 88E1118 (Russell King (Oracle)) \n- dm space map common: add bounds check to sm_ll_lookup_bitmap() (Joe Thornber) \n- dm btree: add a defensive bounds check to insert_at() (Joe Thornber) \n- mac80211: allow non-standard VHT MCS-10/11 (Ping-Ke Shih) \n- net: mdio: Demote probed message to debug print (Florian Fainelli) \n- btrfs: remove BUG_ON(!eie) in find_parent_nodes (Josef Bacik) \n- btrfs: remove BUG_ON() in find_parent_nodes() (Josef Bacik) \n- ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 (Kirill A. Shutemov) \n- ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() (Rafael J. Wysocki) \n- ACPICA: Utilities: Avoid deleting the same object twice in a row (Rafael J. Wysocki) \n- ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions (Mark Langsdorf) \n- jffs2: GC deadlock reading a page that is used in jffs2_write_begin() (Kyeong Yoo) \n- um: registers: Rename function names to avoid conflicts and build problems (Randy Dunlap) \n- iwlwifi: remove module loading failure message (Johannes Berg) \n- iwlwifi: fix leaks/bad data after failed firmware load (Johannes Berg) \n- ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream (Zekun Shen) \n- usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 (Kai-Heng Feng) \n- arm64: tegra: Adjust length of CCPLEX cluster MMIO region (Thierry Reding) \n- mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO (Ulf Hansson) \n- media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() (Zhou Qingyang) \n- media: igorplugusb: receiver overflow should be reported (Sean Young) \n- bpf: Do not WARN in bpf_warn_invalid_xdp_action() (Paolo Abeni) \n- net: bonding: debug: avoid printing debug logs when bond is not notifying peers (Suresh Kumar) \n- ath10k: Fix tx hanging (Sebastian Gottschall) \n- iwlwifi: mvm: synchronize with FW after multicast commands (Johannes Berg) \n- media: m920x: don't use stack on USB reads (Mauro Carvalho Chehab) \n- media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() (Zhou Qingyang) \n- media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds. (James Hilliard) \n- floppy: Add max size check for user space request (Xiongwei Song) \n- usb: uhci: add aspeed ast2600 uhci support (Neal Liu) \n- mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (Zekun Shen) \n- HSI: core: Fix return freed object in hsi_new_client (Chengfeng Ye) \n- gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use (Hans de Goede) \n- drm/bridge: megachips: Ensure both bridges are probed before registration (Martyn Welch) \n- mlxsw: pci: Add shutdown method in PCI driver (Danielle Ratson) \n- media: b2c2: Add missing check in flexcop_pci_isr: (Zheyu Ma) \n- HID: apple: Do not reset quirks when the Fn key is not found (Jose Exposito) \n- usb: gadget: f_fs: Use stream_open() for endpoint files (Pavankumar Kondeti) \n- drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR (Ben Skeggs) \n- ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply (Zekun Shen) \n- fs: dlm: filter user dlm messages for kernel locks (Alexander Aring) \n- Bluetooth: Fix debugfs entry leak in hci_register_dev() (Wei Yongjun) \n- RDMA/cxgb4: Set queue pair state when being queried (Kamal Heib) \n- mips: bcm63xx: add support for clk_set_parent() (Randy Dunlap) \n- mips: lantiq: add support for clk_set_parent() (Randy Dunlap) \n- misc: lattice-ecp3-config: Fix task hung when firmware load failed (Wei Yongjun) \n- ASoC: samsung: idma: Check of ioremap return value (Jiasheng Jiang) \n- iommu/iova: Fix race between FQ timeout and teardown (Xiongfeng Wang) \n- dmaengine: pxa/mmp: stop referencing config->slave_id (Arnd Bergmann) \n- RDMA/core: Let ib_find_gid() continue search even after empty entry (Avihai Horon) \n- scsi: ufs: Fix race conditions related to driver data (Bart Van Assche) \n- char/mwave: Adjust io port register size (Kees Cook) \n- ALSA: oss: fix compile error when OSS_DEBUG is enabled (Bixuan Cui) \n- powerpc/prom_init: Fix improper check of prom_getprop() (Peiwei Hu) \n- RDMA/hns: Validate the pkey index (Kamal Heib) \n- ALSA: hda: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) \n- ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) \n- ALSA: jack: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) \n- ext4: avoid trim error on fs with small groups (Jan Kara) \n- net: mcs7830: handle usb read errors properly (Pavel Skripkin) \n- pcmcia: fix setting of kthread task states (Dominik Brodowski) \n- can: xilinx_can: xcan_probe(): check for error irq (Jiasheng Jiang) \n- can: softing: softing_startstop(): fix set but not used variable warning (Marc Kleine-Budde) \n- tpm: add request_locality before write TPM_INT_ENABLE (Chen Jun) \n- spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe (Miaoqian Lin) \n- fsl/fman: Check for null pointer after calling devm_ioremap (Jiasheng Jiang) \n- ppp: ensure minimum packet size in ppp_write() (Eric Dumazet) \n- pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() (Zhou Qingyang) \n- pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() (Zhou Qingyang) \n- x86/mce/inject: Avoid out-of-bounds write when setting flags (Zhang Zixun) \n- usb: ftdi-elan: fix memory leak on device disconnect (Wei Yongjun) \n- media: msi001: fix possible null-ptr-deref in msi001_probe() (Wang Hai) \n- media: dw2102: Fix use after free (Anton Vasilyev) \n- sched/rt: Try to restart rt period timer when rt runtime exceeded (Li Hua) \n- media: si2157: Fix 'warm' tuner state detection (Robert Schlabbach) \n- media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() (Zhou Qingyang) \n- media: dib8000: Fix a memleak in dib8000_init() (Zhou Qingyang) \n- floppy: Fix hang in watchdog when disk is ejected (Tasos Sahanidis) \n- serial: amba-pl011: do not request memory region twice (Lino Sanfilippo) \n- drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() (Zhou Qingyang) \n- drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() (Zhou Qingyang) \n- arm64: dts: qcom: msm8916: fix MMC controller aliases (Dmitry Baryshkov) \n- netfilter: bridge: add support for pppoe filtering (Florian Westphal) \n- media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released (Dafna Hirschfeld) \n- tty: serial: atmel: Call dma_async_issue_pending() (Tudor Ambarus) \n- tty: serial: atmel: Check return code of dmaengine_submit() (Tudor Ambarus) \n- crypto: qce - fix uaf on qce_ahash_register_one (Chengfeng Ye) \n- media: dmxdev: fix UAF when dvb_register_device() fails (Wang Hai) \n- Bluetooth: stop proccessing malicious adv data (Pavel Skripkin) \n- media: em28xx: fix memory leak in em28xx_init_dev (Dongliang Mu) \n- wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND (Bryan O'Donoghue) \n- clk: bcm-2835: Remove rounding up the dividers (Maxime Ripard) \n- clk: bcm-2835: Pick the closest clock rate (Maxime Ripard) \n- Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails (Wang Hai) \n- PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller (Yifeng Li) \n- shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode (Gang Li) \n- can: softing_cs: softingcs_probe(): fix memleak on registration failure (Johan Hovold) \n- media: stk1160: fix control-message timeouts (Johan Hovold) \n- media: pvrusb2: fix control-message timeouts (Johan Hovold) \n- media: redrat3: fix control-message timeouts (Johan Hovold) \n- media: dib0700: fix undefined behavior in tuner shutdown (Michael Kuron) \n- media: s2255: fix control-message timeouts (Johan Hovold) \n- media: cpia2: fix control-message timeouts (Johan Hovold) \n- media: em28xx: fix control-message timeouts (Johan Hovold) \n- media: mceusb: fix control-message timeouts (Johan Hovold) \n- media: flexcop-usb: fix control-message timeouts (Johan Hovold) \n- rtc: cmos: take rtc_lock while reading from CMOS (Mateusz Jonczyk) \n- nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() (Krzysztof Kozlowski) \n- HID: wacom: Avoid using stale array indicies to read contact count (Jason Gerecke) \n- HID: wacom: Ignore the confidence flag when a touch is removed (Jason Gerecke) \n- HID: uhid: Fix worker destroying device without any protection (Jann Horn) \n- Bluetooth: fix init and cleanup of sco_conn.timeout_work (Desmond Cheong Zhi Xi) \n- Bluetooth: schedule SCO timeouts with delayed_work (Desmond Cheong Zhi Xi) \n- rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled (Larry Finger) \n- media: uvcvideo: fix division by zero at stream start (Johan Hovold) \n- orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() (Christophe JAILLET) \n- drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() (Nathan Chancellor) \n- staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn() (Nathan Chancellor) \n- random: fix data race on crng init time (Eric Biggers) \n- random: fix data race on crng_node_pool (Eric Biggers) \n- can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} (Brian Silverman) \n- can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data (Marc Kleine-Budde) \n- mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() (Andy Shevchenko) \n- USB: Fix 'slab-out-of-bounds Write' bug in usb_hcd_poll_rh_status (Alan Stern) \n- USB: core: Fix bug in resuming hub's handling of wakeup requests (Alan Stern) \n- Bluetooth: bfusb: fix division by zero in send path (Johan Hovold) \n- Linux 4.14.262 (Greg Kroah-Hartman) \n- mISDN: change function names to avoid conflicts (wolfgang huang) \n- net: udp: fix alignment problem in udp4_seq_show() (yangxingwu) \n- ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate (William Zhao) \n- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (Lixiaokeng) \n- ipv6: Do cleanup if attribute validation fails in multipath route (David Ahern) \n- ipv6: Continue processing multipath route even if gateway attribute is invalid (David Ahern) \n- phonet: refcount leak in pep_sock_accep (Hangyu Hua) \n- rndis_host: support Hytera digital radios (Thomas Toye) \n- power: reset: ltc2952: Fix use of floating point literals (Nathan Chancellor) \n- sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc (Eric Dumazet) \n- ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route (David Ahern) \n- ipv6: Check attribute length for RTA_GATEWAY in multipath route (David Ahern) \n- i40e: Fix incorrect netdev's real number of RX/TX queues (Jedrzej Jagielski) \n- i40e: fix use-after-free in i40e_sync_filters_subtask() (Di Zhu) \n- mac80211: initialize variable have_higher_than_11mbit (Tom Rix) \n- RDMA/core: Don't infoleak GRH fields (Leon Romanovsky) \n- ieee802154: atusb: fix uninit value in atusb_set_extended_addr (Pavel Skripkin) \n- virtio_pci: Support surprise removal of virtio pci device (Parav Pandit) \n- tracing: Tag trace_percpu_buffer as a percpu pointer (Naveen N. Rao) \n- tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() (Naveen N. Rao) \n- Bluetooth: btusb: Apply QCA Rome patches for some ATH3012 models (Takashi Iwai)\n[4.14.35-2047.512.3]\n- lib/timerqueue: Rely on rbtree semantics for next timer (Davidlohr Bueso) [Orabug: 33406086] {CVE-2021-20317} {CVE-2021-20317}\n- rds/ib: Resize CQ if send-/recv-ring-size are changed (Hans Westgaard Ry) [Orabug: 33940520] \n- uek-rpm: remove uek-rpm/ol8 (John Donnelly) [Orabug: 33665655] \n- uek-rpm: Enable config CONFIG_SCSI_MQ_DEFAULT (Saeed Mirzamohammadi) [Orabug: 33973455] \n- sched: restore the sliding search window for select_idle_cpu() (Libo Chen) [Orabug: 33965297] \n- NFSv4: Handle case where the lookup of a directory fails (Trond Myklebust) [Orabug: 33958155] {CVE-2022-24448}\n- Linux 4.14.261 (Greg Kroah-Hartman) \n- sctp: use call_rcu to free endpoint (Xin Long) \n- net: fix use-after-free in tw_timer_handler (Muchun Song) \n- Input: spaceball - fix parsing of movement data packets (Leo L. Schwab) \n- Input: appletouch - initialize work before device registration (Pavel Skripkin) \n- binder: fix async_free_space accounting for empty parcels (Todd Kjos) \n- usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. (Vincent Pelletier) \n- xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. (Mathias Nyman) \n- uapi: fix linux/nfc.h userspace compilation errors (Dmitry V. Levin) \n- nfc: uapi: use kernel size_t to fix user-space builds (Krzysztof Kozlowski) \n- fsl/fman: Fix missing put_device() call in fman_port_probe (Miaoqian Lin) \n- NFC: st21nfca: Fix memory leak in device probe and remove (Wei Yongjun) \n- net: usb: pegasus: Do not drop long Ethernet frames (Matthias-Christian Ott) \n- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (Dan Carpenter) \n- selinux: initialize proto variable in selinux_ip_postroute_compat() (Tom Rix) \n- recordmcount.pl: fix typo in s390 mcount regex (Heiko Carstens) \n- platform/x86: apple-gmux: use resource_size() with res (Wang Qing) \n- HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option (Hans de Goede) \n- Linux 4.14.260 (Greg Kroah-Hartman) \n- phonet/pep: refuse to enable an unbound pipe (Remi Denis-Courmont) \n- hamradio: improve the incomplete fix to avoid NPD (Lin Ma) \n- hamradio: defer ax25 kfree after unregister_netdev (Lin Ma) \n- ax25: NPD bug when detaching AX25 device (Lin Ma) \n- hwmon: (lm90) Do not report 'busy' status bit as alarm (Guenter Roeck) \n- KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state (Sean Christopherson) \n- usb: gadget: u_ether: fix race in setting MAC address in setup phase (Marian Postevca) \n- f2fs: fix to do sanity check on last xattr entry in __f2fs_set