Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.3.el7.AXS7 (AXSA:2024-8831:30)

🗓️ 20 Jan 2026 00:00:00Reported by TenableType 
nessus
 nessus🔗 www.tenable.com👁 3 Views

MiracleLinux 7 kernel has multiple vulnerabilities: xen blockfront data bounce, ALSA deadlocks on disconnect, and network bounds in ops init.

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included
22 Oct 202420:24
ibm
ATTACKERKB		CVE-2022-26365
5 Jul 202213:15
attackerkb
ATTACKERKB		CVE-2022-33740
5 Jul 202213:15
attackerkb
ATTACKERKB		CVE-2022-33742
5 Jul 202213:15
attackerkb
ATTACKERKB		CVE-2022-33741
5 Jul 202213:15
attackerkb
Tenable Nessus		Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-114)
6 Sep 202200:00
nessus
Tenable Nessus		Amazon Linux 2022 : bpftool, kernel, kernel-devel (ALAS2022-2022-185)
5 Nov 202200:00
nessus
Tenable Nessus		Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-070)
21 Mar 202300:00
nessus
Tenable Nessus		Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-643)
24 Jun 202400:00
nessus
Tenable Nessus		Amazon Linux 2 : kernel (ALAS-2022-1825)
21 Jul 202200:00
nessus
Rows per page
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2024-8831:30.
##

include('compat.inc');

if (description)
{
  script_id(293596);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/04");

  script_cve_id("CVE-2022-33742", "CVE-2024-36883", "CVE-2024-38600");

  script_name(english:"MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.3.el7.AXS7 (AXSA:2024-8831:30)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2024-8831:30 advisory.

    * xen/blkfront: force data bouncing when backend is untrusted {CVE-2022-33742}
    * ALSA: Fix deadlocks with kctl removals at disconnection {CVE-2024-38600}
    * net: fix out-of-bounds access in ops_init {CVE-2024-36883}
    CVE(s):
    CVE-2024-38600
    In the Linux kernel, the following vulnerability has been resolved: ALSA: Fix deadlocks with kctl removals
    at disconnection In snd_card_disconnect(), we set card->shutdown flag at the beginning, call callbacks and
    do sync for card->power_ref_sleep waiters at the end. The callback may delete a kctl element, and this can
    lead to a deadlock when the device was in the suspended state. Namely: * A process waits for the power up
    at snd_power_ref_and_wait() in snd_ctl_info() or read/write() inside card->controls_rwsem. * The system
    gets disconnected meanwhile, and the driver tries to delete a kctl via snd_ctl_remove*(); it tries to take
    card->controls_rwsem again, but this is already locked by the above. Since the sleeper isn't woken up,
    this deadlocks. An easy fix is to wake up sleepers before processing the driver disconnect callbacks but
    right after setting the card->shutdown flag. Then all sleepers will abort immediately, and the code flows
    again. So, basically this patch moves the wait_event() call at the right timing. While we're at it, just
    to be sure, call wait_event_all() instead of wait_event(), although we don't use exclusive events on this
    queue for now.
    CVE-2024-36883
    In the Linux kernel, the following vulnerability has been resolved: net: fix out-of-bounds access in
    ops_init net_alloc_generic is called by net_alloc, which is called without any locking. It reads
    max_gen_ptrs, which is changed under pernet_ops_rwsem. It is read twice, first to allocate an array, then
    to set s.len, which is later used to limit the bounds of the array access. It is possible that the array
    is allocated and another thread is registering a new pernet ops, increments max_gen_ptrs, which is then
    used to set s.len with a larger than allocated length for the variable array. Fix it by reading
    max_gen_ptrs only once in net_alloc_generic. If max_gen_ptrs is later incremented, it will be caught in
    net_assign_generic.
    CVE-2022-33742
    Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text
    explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device
    frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
    Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to
    unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend
    (CVE-2022-33741, CVE-2022-33742).

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/20015");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-33742");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2024-36883");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/07/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/09/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/20");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:bpftool");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-abi-whitelists");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:kernel-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:python-perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^7([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 7.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '7',
    'pkgs': [
      {'reference':'bpftool-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-abi-whitelists-3.10.0-1160.119.1.0.3.el7.AXS7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-debug-devel-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-devel-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-headers-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-tools-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'kernel-tools-libs-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'perf-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'python-perf-3.10.0-1160.119.1.0.3.el7.AXS7', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_NOTE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-debug / etc');
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Feb 2026 00:00Current
5.9Medium risk
Vulners AI Score5.9
CVSS 23.6
CVSS 3.17.1
EPSS0.0005
SSVC
miraclelinux sevenxen blockfrontdata bounceuntrusted backendalsa deadlockscontrol removalsdisconnection issuenetwork boundsops init bug
3