Debian DSA-2669-1: Linux kernel vulnerabilities lead to privilege escalation, denial of service, and information leak
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
OpenVAS | Debian Security Advisory DSA 2669-1 (linux - privilege escalation/denial of service/information leak) | 15 May 201300:00 | – | openvas |
OpenVAS | Debian: Security Advisory (DSA-2669-1) | 14 May 201300:00 | – | openvas |
OpenVAS | Ubuntu Update for linux-ti-omap4 USN-1879-1 | 18 Jun 201300:00 | – | openvas |
OpenVAS | Ubuntu Update for linux USN-1837-1 | 27 May 201300:00 | – | openvas |
OpenVAS | Ubuntu Update for linux USN-1876-1 | 18 Jun 201300:00 | – | openvas |
OpenVAS | Ubuntu Update for linux-ti-omap4 USN-1883-1 | 18 Jun 201300:00 | – | openvas |
OpenVAS | Ubuntu: Security Advisory (USN-1878-1) | 18 Jun 201300:00 | – | openvas |
OpenVAS | SUSE: Security Advisory (SUSE-SU-2013:1182-2) | 9 Jun 202100:00 | – | openvas |
OpenVAS | Ubuntu: Security Advisory (USN-1883-1) | 18 Jun 201300:00 | – | openvas |
OpenVAS | Ubuntu Update for linux USN-1881-1 | 18 Jun 201300:00 | – | openvas |
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-2669. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(66486);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/09/16");
script_cve_id(
"CVE-2013-0160",
"CVE-2013-1796",
"CVE-2013-1929",
"CVE-2013-1979",
"CVE-2013-2015",
"CVE-2013-2094",
"CVE-2013-3076",
"CVE-2013-3222",
"CVE-2013-3223",
"CVE-2013-3224",
"CVE-2013-3225",
"CVE-2013-3227",
"CVE-2013-3228",
"CVE-2013-3229",
"CVE-2013-3231",
"CVE-2013-3234",
"CVE-2013-3235",
"CVE-2013-3301"
);
script_bugtraq_id(
57176,
58607,
58908,
59055,
59377,
59380,
59381,
59383,
59385,
59388,
59389,
59390,
59393,
59397,
59398,
59512,
59538
);
script_xref(name:"DSA", value:"2669");
script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/10/06");
script_name(english:"Debian DSA-2669-1 : linux - privilege escalation/denial of service/information leak");
script_set_attribute(attribute:"synopsis", value:
"The remote Debian host is missing a security-related update.");
script_set_attribute(attribute:"description", value:
"Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service, information leak or privilege
escalation. The Common Vulnerabilities and Exposures project
identifies the following problems :
- CVE-2013-0160
vladz reported a timing leak with the /dev/ptmx
character device. A local user could use this to
determine sensitive information such as password length.
- CVE-2013-1796
Andrew Honig of Google reported an issue in the KVM
subsystem. A user in a guest operating system could
corrupt kernel memory, resulting in a denial of service.
- CVE-2013-1929
Oded Horovitz and Brad Spengler reported an issue in the
device driver for Broadcom Tigon3 based gigabit
Ethernet. Users with the ability to attach untrusted
devices can create an overflow condition, resulting in a
denial of service or elevated privileges.
- CVE-2013-1979
Andy Lutomirski reported an issue in the socket level
control message processing subsystem. Local users may be
able to gain eleveated privileges.
- CVE-2013-2015
Theodore Ts'o provided a fix for an issue in the ext4
filesystem. Local users with the ability to mount a
specially crafted filesystem can cause a denial of
service (infinite loop).
- CVE-2013-2094
Tommie Rantala discovered an issue in the perf
subsystem. An out-of-bounds access vulnerability allows
local users to gain elevated privileges.
- CVE-2013-3076
Mathias Krause discovered an issue in the userspace
interface for hash algorithms. Local users can gain
access to sensitive kernel memory.
- CVE-2013-3222
Mathias Krause discovered an issue in the Asynchronous
Transfer Mode (ATM) protocol support. Local users can
gain access to sensitive kernel memory.
- CVE-2013-3223
Mathias Krause discovered an issue in the Amateur Radio
AX.25 protocol support. Local users can gain access to
sensitive kernel memory.
- CVE-2013-3224
Mathias Krause discovered an issue in the Bluetooth
subsystem. Local users can gain access to sensitive
kernel memory.
- CVE-2013-3225
Mathias Krause discovered an issue in the Bluetooth
RFCOMM protocol support. Local users can gain access to
sensitive kernel memory.
- CVE-2013-3227
Mathias Krause discovered an issue in the Communication
CPU to Application CPU Interface (CAIF). Local users can
gain access to sensitive kernel memory.
- CVE-2013-3228
Mathias Krause discovered an issue in the IrDA
(infrared) subsystem support. Local users can gain
access to sensitive kernel memory.
- CVE-2013-3229
Mathias Krause discovered an issue in the IUCV support
on s390 systems. Local users can gain access to
sensitive kernel memory.
- CVE-2013-3231
Mathias Krause discovered an issue in the ANSI/IEEE
802.2 LLC type 2 protocol support. Local users can gain
access to sensitive kernel memory.
- CVE-2013-3234
Mathias Krause discovered an issue in the Amateur Radio
X.25 PLP (Rose) protocol support. Local users can gain
access to sensitive kernel memory.
- CVE-2013-3235
Mathias Krause discovered an issue in the Transparent
Inter Process Communication (TIPC) protocol support.
Local users can gain access to sensitive kernel memory.
- CVE-2013-3301
Namhyung Kim reported an issue in the tracing subsystem.
A privileged local user could cause a denial of service
(system crash). This vulnerabililty is not applicable to
Debian systems by default.");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-0160");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-1796");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-1929");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-1979");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-2015");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-2094");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3076");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3222");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3223");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3224");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3225");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3227");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3228");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3229");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3231");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3234");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3235");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2013-3301");
script_set_attribute(attribute:"see_also", value:"https://www.debian.org/security/2013/dsa-2669");
script_set_attribute(attribute:"solution", value:
"Upgrade the linux and user-mode-linux packages.
For the stable distribution (wheezy), this problem has been fixed in
version 3.2.41-2+deb7u1.
Note: Updates are currently available for the amd64, i386, ia64, s390,
s390x and sparc architectures. Updates for the remaining architectures
will be released as they become available.
The following matrix lists additional source packages that were
rebuilt for compatibility with or to take advantage of this update :
Debian 7.0 (wheezy)
user-mode-linux 3.2-2um-1+deb7u1
Note: Debian carefully tracks all known security issues across every
linux kernel package in all releases under active security support.
However, given the high frequency at which low-severity security
issues are discovered in the kernel and the resource requirements of
doing an update, updates for lower priority issues will normally not
be released for all kernels at the same time. Rather, they will be
released in a staggered or 'leap-frog' fashion.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
script_set_attribute(attribute:"canvas_package", value:"CANVAS");
script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/17");
script_set_attribute(attribute:"patch_publication_date", value:"2013/05/15");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/05/17");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:linux");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Debian Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2013-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"7.0", prefix:"linux", reference:"3.2.41-2+deb7u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo