Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DLA-3380.NASL
HistoryApr 02, 2023 - 12:00 a.m.

Debian DLA-3380-1 : firmware-nonfree - LTS security update

2023-04-0200:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
JSON

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3380 advisory.

  • Integer overflow in the firmware for some Intel® Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access. (CVE-2020-12362)

  • Improper input validation in some Intel® Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access. (CVE-2020-12363)

  • Null pointer reference in some Intel® Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access. (CVE-2020-12364)

  • The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn’t require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
    (CVE-2020-24586)

  • The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn’t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. (CVE-2020-24587)

  • The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn’t require that the A-MSDU flag in the plaintext QoS header field is authenticated.
    Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. (CVE-2020-24588)

  • Out of bounds read for some Intel® PROSet/Wireless WiFi and Killer™ WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. (CVE-2021-23168)

  • Improper initialization for some Intel® PROSet/Wireless WiFi and Killer™ WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2021-23223)

  • Improper access control for some Intel® PROSet/Wireless WiFi and Killer™ WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2021-37409)

  • Improper input validation for some Intel® PROSet/Wireless WiFi and Killer™ WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. (CVE-2021-44545)

  • Improper input validation for some Intel® PROSet/Wireless WiFi and Killer™ WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. (CVE-2022-21181)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
#
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory dla-3380. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#

include('compat.inc');

if (description)
{
  script_id(173776);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/04/19");

  script_cve_id(
    "CVE-2020-12362",
    "CVE-2020-12363",
    "CVE-2020-12364",
    "CVE-2020-24586",
    "CVE-2020-24587",
    "CVE-2020-24588",
    "CVE-2021-23168",
    "CVE-2021-23223",
    "CVE-2021-37409",
    "CVE-2021-44545",
    "CVE-2022-21181"
  );

  script_name(english:"Debian DLA-3380-1 : firmware-nonfree - LTS security update");

  script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing one or more security-related updates.");
  script_set_attribute(attribute:"description", value:
"The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the
dla-3380 advisory.

  - Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version
    26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an
    escalation of privilege via local access. (CVE-2020-12362)

  - Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and
    before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via
    local access. (CVE-2020-12363)

  - Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and
    before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of
    service via local access. (CVE-2020-12364)

  - The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent
    Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a
    network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP,
    CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
    (CVE-2020-24586)

  - The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent
    Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary
    can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP,
    CCMP, or GCMP encryption key is periodically renewed. (CVE-2020-24587)

  - The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent
    Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
    Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an
    adversary can abuse this to inject arbitrary network packets. (CVE-2020-24588)

  - Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an
    unauthenticated user to potentially enable denial of service via adjacent access. (CVE-2021-23168)

  - Improper initialization for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a
    privileged user to potentially enable escalation of privilege via local access. (CVE-2021-23223)

  - Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a
    privileged user to potentially enable escalation of privilege via local access. (CVE-2021-37409)

  - Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an
    unauthenticated user to potentially enable denial of service via adjacent access. (CVE-2021-44545)

  - Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a
    privileged user to potentially enable escalation of privilege via local access. (CVE-2022-21181)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844056");
  # https://security-tracker.debian.org/tracker/source-package/firmware-nonfree
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?42c4e444");
  script_set_attribute(attribute:"see_also", value:"https://www.debian.org/lts/security/2023/dla-3380");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2020-12362");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2020-12363");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2020-12364");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2020-24586");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2020-24587");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2020-24588");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2021-23168");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2021-23223");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2021-37409");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2021-44545");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-21181");
  script_set_attribute(attribute:"see_also", value:"https://packages.debian.org/source/buster/firmware-nonfree");
  script_set_attribute(attribute:"solution", value:
"Upgrade the firmware-nonfree packages.

For Debian 10 buster, these problems have been fixed in version 20190114+really20220913-0+deb10u1.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-12362");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-21181");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/02/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/04/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/04/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-adi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-amd-graphics");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-atheros");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-bnx2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-bnx2x");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-brcm80211");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-cavium");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-intel-sound");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-intelwimax");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-ipw2x00");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-ivtv");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-iwlwifi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-libertas");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-linux");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-linux-nonfree");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-misc-nonfree");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-myricom");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-netronome");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-netxen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-qcom-media");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-qlogic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-ralink");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-realtek");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-samsung");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-siano");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:firmware-ti-connectivity");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Debian Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);

var debian_release = get_kb_item('Host/Debian/release');
if ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');
debian_release = chomp(debian_release);
if (! preg(pattern:"^(10)\.[0-9]+", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);

var pkgs = [
    {'release': '10.0', 'prefix': 'firmware-adi', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-amd-graphics', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-atheros', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-bnx2', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-bnx2x', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-brcm80211', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-cavium', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-intel-sound', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-intelwimax', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-ipw2x00', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-ivtv', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-iwlwifi', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-libertas', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-linux', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-linux-nonfree', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-misc-nonfree', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-myricom', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-netronome', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-netxen', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-qcom-media', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-qlogic', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-ralink', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-realtek', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-samsung', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-siano', 'reference': '20190114+really20220913-0+deb10u1'},
    {'release': '10.0', 'prefix': 'firmware-ti-connectivity', 'reference': '20190114+really20220913-0+deb10u1'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var _release = NULL;
  var prefix = NULL;
  var reference = NULL;
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (_release && prefix && reference) {
    if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : deb_report_get()
  );
  exit(0);
}
else
{
  var tested = deb_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'firmware-adi / firmware-amd-graphics / firmware-atheros / etc');
}
VendorProductVersionCPE
debiandebian_linuxfirmware-adip-cpe:/a:debian:debian_linux:firmware-adi
debiandebian_linuxfirmware-amd-graphicsp-cpe:/a:debian:debian_linux:firmware-amd-graphics
debiandebian_linuxfirmware-atherosp-cpe:/a:debian:debian_linux:firmware-atheros
debiandebian_linuxfirmware-bnx2p-cpe:/a:debian:debian_linux:firmware-bnx2
debiandebian_linuxfirmware-bnx2xp-cpe:/a:debian:debian_linux:firmware-bnx2x
debiandebian_linuxfirmware-brcm80211p-cpe:/a:debian:debian_linux:firmware-brcm80211
debiandebian_linuxfirmware-caviump-cpe:/a:debian:debian_linux:firmware-cavium
debiandebian_linuxfirmware-intel-soundp-cpe:/a:debian:debian_linux:firmware-intel-sound
debiandebian_linuxfirmware-intelwimaxp-cpe:/a:debian:debian_linux:firmware-intelwimax
debiandebian_linuxfirmware-ipw2x00p-cpe:/a:debian:debian_linux:firmware-ipw2x00
Rows per page:
1-10 of 271

References

Related

openvas 32
osv 6
debian 1
nessus 54
redhat 7
lenovo 2
intel 2
hp 3
rocky 1
suse 4
centos 1
oraclelinux 6
debiancve 11
prion 11
ics 2
cve 11
redhatcve 6
veracode 6
ubuntucve 6
mscve 2
almalinux 1
mageia 2
attackerkb 1
ibm 2
checkpoint_security 1
thn 1
malwarebytes 1
hackerone 1
threatpost 1
cisco 1
arista 1
ubuntu 6
cloudfoundry 1
krebs 1
freebsd_advisory 1
freebsd 1
mskb 2
openvas
openvas
Debian: Security Advisory (DLA-3380-1)
2023-04-05 00:00:00
Huawei EulerOS: Security Advisory for linux-firmware (EulerOS-SA-2023-1107)
2023-01-09 00:00:00
Huawei EulerOS: Security Advisory for linux-firmware (EulerOS-SA-2023-1627)
2023-04-27 00:00:00
osv
osv
firmware-nonfree - security update
2023-04-01 00:00:00
Important: linux-firmware security, bug fix, and enhancement update
2021-05-18 05:40:51
linux-kvm vulnerabilities
2021-06-25 19:56:40
debian
debian
[SECURITY] [DLA 3380-1] firmware-nonfree LTS new upstream version (security updates and newer firmware for Linux 5.10)
2023-04-01 20:17:04
nessus
nessus
Rocky Linux 8 : linux-firmware (RLSA-2021:1620)
2023-11-06 00:00:00
EulerOS 2.0 SP9 : linux-firmware (EulerOS-SA-2023-1107)
2023-01-06 00:00:00
EulerOS Virtualization 2.9.0 : linux-firmware (EulerOS-SA-2023-1661)
2023-04-27 00:00:00
redhat
redhat
(RHSA-2021:1620) Important: linux-firmware security, bug fix, and enhancement update
2021-05-18 05:40:51
(RHSA-2021:2316) Important: kernel-rt security and bug fix update
2021-06-08 17:59:29
(RHSA-2021:2314) Important: kernel security and bug fix update
2021-06-08 17:59:02
lenovo
lenovo
Aggregation and Fragmentation Attacks against Wi-Fi (FragAttacks) Vulnerabilities - Lenovo Support NL
2021-06-07 20:37:01
Intel® PROSet and Wireless WiFi, Intel vPro® CSME WiFi, and Intel® Killer™ WiFi Advisory - Lenovo Support NL
2021-05-11 20:39:26
intel
intel
Intel® PROSet/Wireless WiFi , Intel vPro® CSME WiFi and Killer™ WiFi Advisory Advisory
2021-05-11 00:00:00
Intel® PROSet/Wireless WiFi and Killer™ WiFi Advisory
2022-08-09 00:00:00
hp
hp
Intel® PROSet/Wireless WiFi, Intel vPro® CSME WiFi and Killer™ WiFi May 2021 Security Updates
2021-05-14 00:00:00
Intel® PROSet/Wireless WiFi and Killer™ WiFi August 2022 Security Update
2022-08-09 00:00:00
PC Wireless Wi-Fi Adapter Driver Security Updates August 2021
2021-08-27 00:00:00
rocky
rocky
linux-firmware security, bug fix, and enhancement update
2021-05-18 05:40:51
suse
suse
Security update for kernel-firmware (important)
2021-03-14 00:00:00
Security update for the Linux Kernel (important)
2021-03-08 00:00:00
Security update for the Linux Kernel (important)
2021-06-06 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2021-06-14 18:52:13
oraclelinux
oraclelinux
kernel security and bug fix update
2021-06-10 00:00:00
Unbreakable Enterprise kernel-container security update
2021-08-10 00:00:00
Unbreakable Enterprise kernel security update
2021-08-10 00:00:00
debiancve
debiancve
CVE-2021-37409
2022-08-18 20:15:00
CVE-2021-44545
2022-08-18 20:15:00
CVE-2021-23168
2022-08-18 20:15:00
prion
prion
Input validation
2022-08-18 20:15:00
Cross site scripting
2022-08-18 20:15:00
Improper access control
2022-08-18 20:15:00
ics
ics
Mitsubishi Electric GT25-WLAN (Update A)
2022-05-12 12:00:00
Hitachi ABB Power Grids TropOS
2021-08-24 12:00:00
cve
cve
CVE-2021-37409
2022-08-18 20:15:00
CVE-2021-44545
2022-08-18 20:15:00
CVE-2021-23223
2022-08-18 20:15:00
redhatcve
redhatcve
CVE-2020-12363
2021-02-18 15:35:47
CVE-2020-12364
2021-02-18 15:34:31
CVE-2020-24586
2021-05-13 05:56:37
veracode
veracode
Packet Injection
2021-11-17 22:36:55
CVE-2020-24587 Kernel: Reassembling Fragments Encrypted Under Different Keys
2021-11-17 22:37:04
Denial Of Service (DoS)
2021-06-03 14:01:04
ubuntucve
ubuntucve
CVE-2020-24586
2021-05-11 00:00:00
CVE-2020-12363
2021-02-17 00:00:00
CVE-2020-24587
2021-05-11 00:00:00
mscve
mscve
Windows Wireless Networking Information Disclosure Vulnerability
2021-05-11 07:00:00
Windows Wireless Networking Spoofing Vulnerability
2021-05-11 07:00:00
almalinux
almalinux
Important: linux-firmware security, bug fix, and enhancement update
2021-05-18 05:40:51
mageia
mageia
Updated kernel packages fix security vulnerabilities
2021-06-14 00:32:39
Updated kernel-linus packages fix security vulnerabilities
2021-06-14 00:32:39
attackerkb
attackerkb
CVE-2020-24587
2021-05-11 00:00:00
ibm
ibm
Security Bulletin: Linux Kernel as used by IBM QRadar SIEM contains multiple vulnerabilities
2021-12-03 18:41:49
Security Bulletin: Kernel as used by IBM QRadar Network Packet Capture contains multiple vulnerabilities
2021-10-14 20:23:25
checkpoint_security
checkpoint_security
Check Point Response to Wi-Fi FragAttacks in Quantum Spark appliances
2021-06-09 23:24:30
thn
thn
Nearly All Wi-Fi Devices Are Vulnerable to New FragAttacks
2021-05-12 13:07:00
malwarebytes
malwarebytes
FragAttack: New Wi-Fi vulnerabilities that affect… basically everything
2021-05-12 17:31:21
hackerone
hackerone
Internet Bug Bounty: Fragmentation and Aggregation Flaws in Wi-Fi
2021-06-19 21:24:25
threatpost
threatpost
‘FragAttacks’: Wi-Fi Bugs Affect Millions of Devices
2021-05-12 15:48:05
cisco
cisco
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021
2021-05-11 18:00:00
arista
arista
Security Advisory 0063
2021-05-25 00:00:00
ubuntu
ubuntu
Linux kernel (KVM) vulnerabilities
2021-06-25 00:00:00
Linux kernel vulnerabilities
2021-06-23 00:00:00
Linux kernel (OEM) vulnerabilities
2021-06-23 00:00:00
cloudfoundry
cloudfoundry
USN-5000-1: Linux kernel vulnerabilities | Cloud Foundry
2021-07-08 00:00:00
krebs
krebs
Microsoft Patch Tuesday, May 2021 Edition
2021-05-11 20:28:19
freebsd_advisory
freebsd_advisory
FreeBSD-SA-22:02.wifi
2022-03-15 00:00:00
freebsd
freebsd
FreeBSD-kernel -- Multiple WiFi issues
2022-03-15 00:00:00
mskb
mskb
May 11, 2021—KB5003225 (Security-only update)
2021-05-11 07:00:00
May 11, 2021—KB5003228 (Security-only update)
2021-05-11 07:00:00
JSON
Related for DEBIAN_DLA-3380.NASL
openvas32osv6debian1nessus54redhat7lenovo2intel2hp3rocky1suse4centos1oraclelinux6debiancve11prion11ics2cve11redhatcve6veracode6ubuntucve6mscve2almalinux1mageia2attackerkb1ibm2checkpoint_security1thn1malwarebytes1hackerone1threatpost1cisco1arista1ubuntu6cloudfoundry1krebs1freebsd_advisory1freebsd1mskb2