Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.NEWSTART_CGSL_NS-SA-2023-0059_KERNEL.NASL
HistoryDec 27, 2023 - 12:00 a.m.

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0059)

2023-12-2700:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
6
newstart cgsl
main 6.02
kernel
multiple vulnerabilities
linux
cve-2020-14416
cve-2022-0330
cve-2022-0435
cve-2022-2639
cve-2022-3542
cve-2022-3545
cve-2022-3586
cve-2022-3594
cve-2022-40768
cve-2022-41218
cve-2022-43750

7.8 High

AI Score

Confidence

High

JSON

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities:

  • In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. (CVE-2020-14416)

  • A random memory access flaw was found in the Linux kernel’s GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. (CVE-2022-0330)

  • A stack overflow flaw was found in the Linux kernel’s TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed.
    This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network. (CVE-2022-0435)

  • An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)

  • Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2022-3542)

  • A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability. (CVE-2022-3545)

  • A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)

  • A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.
    (CVE-2022-3594)

  • drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
    (CVE-2022-40768)

  • In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. (CVE-2022-41218)

  • drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor’s internal memory. (CVE-2022-43750)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from ZTE advisory NS-SA-2023-0059. The text
# itself is copyright (C) ZTE, Inc.
##

include('compat.inc');

if (description)
{
  script_id(187321);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/28");

  script_cve_id(
    "CVE-2020-14416",
    "CVE-2022-0330",
    "CVE-2022-0435",
    "CVE-2022-2639",
    "CVE-2022-3542",
    "CVE-2022-3545",
    "CVE-2022-3586",
    "CVE-2022-3594",
    "CVE-2022-40768",
    "CVE-2022-41218",
    "CVE-2022-43750"
  );

  script_name(english:"NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0059)");

  script_set_attribute(attribute:"synopsis", value:
"The remote NewStart CGSL host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple
vulnerabilities:

  - In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line
    discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and
    drivers/net/can/slcan.c. (CVE-2020-14416)

  - A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the
    way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or
    escalate their privileges on the system. (CVE-2022-0330)

  - A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends
    a packet with malicious content where the number of domain member nodes is higher than the 64 allowed.
    This flaw allows a remote user to crash the system or possibly escalate their privileges if they have
    access to the TIPC network. (CVE-2022-0435)

  - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of
    actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size()
    function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This
    flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)

  - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn
    by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2022-3542)

  - A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability
    is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the
    component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this
    issue. The identifier VDB-211045 was assigned to this vulnerability. (CVE-2022-3545)

  - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb
    enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)
    into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of
    service. (CVE-2022-3586)

  - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this
    vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The
    manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to
    apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.
    (CVE-2022-3594)

  - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information
    from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
    (CVE-2022-40768)

  - In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused
    by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. (CVE-2022-41218)

  - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-
    space client to corrupt the monitor's internal memory. (CVE-2022-43750)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/notice/NS-SA-2023-0059");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2020-14416");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-0330");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-0435");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-2639");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-3542");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-3545");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-3586");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-3594");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-40768");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-41218");
  script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2022-43750");
  script_set_attribute(attribute:"solution", value:
"Upgrade the vulnerable CGSL kernel packages. Note that updated packages may not be available yet. Please contact ZTE for
more information.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-0435");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/05/25");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/12/27");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:bpftool");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-abi-whitelists");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-cross-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debug-core");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debug-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debug-modules-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-debug-modules-internal");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-headers");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-ipaclones-internal");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-modules-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-modules-internal");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-selftests-internal");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-sign-keys");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:kernel-tools-libs-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:python3-perf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:zte:cgsl_main:6");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"NewStart CGSL Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");

  exit(0);
}

include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

var os_release = get_kb_item('Host/ZTE-CGSL/release');
if (isnull(os_release) || os_release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');

if (os_release !~ "CGSL MAIN 6.02")
  audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');

if (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);

var flag = 0;

var pkgs = {
  'CGSL MAIN 6.02': [
    'bpftool-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-abi-whitelists-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-core-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-cross-headers-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-debug-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-debug-core-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-debug-devel-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-debug-modules-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-debug-modules-extra-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-debug-modules-internal-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-devel-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-headers-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-ipaclones-internal-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-modules-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-modules-extra-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-modules-internal-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-selftests-internal-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-sign-keys-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-tools-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-tools-libs-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'kernel-tools-libs-devel-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'perf-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f',
    'python3-perf-4.18.0-193.14.2.el8_2.cgslv6_2.528.24.gdfbf1535f'
  ]
};
var pkg_list = pkgs[os_release];

foreach (pkg in pkg_list)
  if (rpm_check(release:'ZTE ' + os_release, reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel');
}
VendorProductVersionCPE
ztecgsl_mainkernel-cross-headersp-cpe:/a:zte:cgsl_main:kernel-cross-headers
ztecgsl_mainkernel-tools-libsp-cpe:/a:zte:cgsl_main:kernel-tools-libs
ztecgsl_mainkernel-abi-whitelistsp-cpe:/a:zte:cgsl_main:kernel-abi-whitelists
ztecgsl_mainbpftoolp-cpe:/a:zte:cgsl_main:bpftool
ztecgsl_mainkernelp-cpe:/a:zte:cgsl_main:kernel
ztecgsl_mainkernel-debugp-cpe:/a:zte:cgsl_main:kernel-debug
ztecgsl_mainkernel-headersp-cpe:/a:zte:cgsl_main:kernel-headers
ztecgsl_mainkernel-modules-extrap-cpe:/a:zte:cgsl_main:kernel-modules-extra
ztecgsl_mainkernel-debug-develp-cpe:/a:zte:cgsl_main:kernel-debug-devel
ztecgsl_mainkernel-tools-libs-develp-cpe:/a:zte:cgsl_main:kernel-tools-libs-devel
Rows per page:
1-10 of 251

References

Related

nessus 70
openvas 10
oraclelinux 2
prion 11
redhatcve 11
cve 11
debiancve 11
ibm 1
ubuntucve 11
rocky 2
amazon 3
cbl_mariner 18
veracode 9
zdi 1
githubexploit 6
cnvd 5
redhat 13
photon 1
fedora 2
osv 1
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2023-0030)
2023-04-11 00:00:00
NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0073)
2023-12-27 00:00:00
NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2023-0017)
2023-04-11 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1102)
2023-01-09 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1360)
2023-02-10 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1637)
2023-04-27 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2023-01-03 00:00:00
kernel security and bug fix update
2023-04-26 00:00:00
prion
prion
Race condition
2020-06-18 11:15:00
Design/Logic Flaw
2022-09-18 05:15:00
Design/Logic Flaw
2022-10-17 12:15:00
redhatcve
redhatcve
CVE-2020-14416
2020-06-23 08:26:46
CVE-2022-40768
2022-09-20 17:14:46
CVE-2022-3542
2022-12-30 05:34:53
cve
cve
CVE-2020-14416
2020-06-18 11:15:00
CVE-2022-40768
2022-09-18 05:15:00
CVE-2022-43750
2022-10-26 04:15:00
debiancve
debiancve
CVE-2020-14416
2020-06-18 11:15:00
CVE-2022-40768
2022-09-18 05:15:00
CVE-2022-3542
2022-10-17 12:15:00
ibm
ibm
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
2020-09-23 13:10:38
ubuntucve
ubuntucve
CVE-2020-14416
2020-06-18 00:00:00
CVE-2022-40768
2022-09-18 00:00:00
CVE-2022-3542
2022-10-17 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2022-03-11 02:24:05
kernel security, bug fix, and enhancement update
2022-03-11 02:26:54
amazon
amazon
Important: kernel
2022-10-31 19:40:00
Important: kernel
2022-12-01 17:33:00
Important: kernel
2022-10-31 19:40:00
cbl_mariner
cbl_mariner
CVE-2022-40768 affecting package kernel for versions less than 5.15.82.1-1
2022-12-19 20:13:00
CVE-2022-40768 affecting package kernel 5.10.153.1-1
2022-12-06 23:44:46
CVE-2022-3542 affecting package kernel 5.10.149.1-1
2022-11-24 00:45:57
veracode
veracode
Use After Free
2022-11-19 14:28:25
Denial Of Service (DoS)
2023-03-06 19:22:39
Denial Of Service (DoS)
2023-01-17 19:00:50
zdi
zdi
Linux Kernel Net Scheduler Use-After-Free Information Disclosure Vulnerability
2022-10-21 00:00:00
githubexploit
githubexploit
Exploit for Incorrect Conversion between Numeric Types in Linux Linux Kernel
2022-09-05 15:31:56
Exploit for CVE-2022-2639
2022-09-05 14:12:06
Exploit for Incorrect Conversion between Numeric Types in Linux Linux Kernel
2022-10-25 12:59:31
cnvd
cnvd
Linux kernel resource management error vulnerability (CNVD-2022-74087)
2022-10-21 00:00:00
Linux kernel resource management error vulnerability (CNVD-2022-69191)
2022-09-24 00:00:00
Linux kernel buffer overflow vulnerability (CNVD-2022-68570)
2022-01-27 00:00:00
redhat
redhat
(RHSA-2023:1987) Moderate: kernel security and bug fix update
2023-04-25 13:08:32
(RHSA-2023:1988) Moderate: kernel-rt security and bug fix update
2023-04-25 13:08:34
(RHSA-2022:8768) Important: kpatch-patch security update
2022-12-02 19:08:39
photon
photon
Important Photon OS Security Update - PHSA-2022-3.0-0485
2022-11-10 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: kernel-5.15.18-100.fc34
2022-02-02 01:16:21
[SECURITY] Fedora 35 Update: kernel-5.15.18-200.fc35
2022-02-01 01:13:23
osv
osv
CVE-2022-0330
2022-03-25 19:15:10

7.8 High

AI Score

Confidence

High

JSON
Related for NEWSTART_CGSL_NS-SA-2023-0059_KERNEL.NASL
nessus70openvas10oraclelinux2prion11redhatcve11cve11debiancve11ibm1ubuntucve11rocky2amazon3cbl_mariner18veracode9zdi1githubexploit6cnvd5redhat13photon1fedora2osv1