DATABASE RESOURCES PRICING ABOUT US

{"id": "SLACKWARE_SSA_2022-333-01.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2022-333-01)", "description": "The version of kernel-generic installed on the remote host is prior to 5.15.80 / 5.15.80_smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-333-01 advisory.\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver to ensure the size of the device config space is in line with the features advertised by the VDUSE userspace application. In case of a mismatch, Virtio drivers config read helpers do not initialize the memory indirectly passed to vduse_vdpa_get_config() returning uninitialized memory from the stack. This could cause undefined behavior or data leaks in Virtio drivers. (CVE-2022-2308)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. (CVE-2022-2905)\n\n - A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-2978)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. (CVE-2022-3061)\n\n - A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect. (CVE-2022-3169)\n\n - There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (CVE-2022-3176)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability. (CVE-2022-3521)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.\n The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)\n\n - A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the component mvpp2. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier VDB-211033 was assigned to this vulnerability. (CVE-2022-3535)\n\n - A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is the identifier assigned to this vulnerability. (CVE-2022-3542)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043. (CVE-2022-3543)\n\n - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211918 is the identifier assigned to this vulnerability. (CVE-2022-3619)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability. (CVE-2022-3623)\n\n - A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability. (CVE-2022-3625)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability. (CVE-2022-3629)\n\n - A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932. (CVE-2022-3633)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability. (CVE-2022-3635)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. (CVE-2022-39190)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use- after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. (CVE-2022-41850)\n\n - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.\n (CVE-2022-42703)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after- free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722)\n\n - There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://www.google.com/url (CVE-2022-42895)\n\n - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url (CVE-2022-42896)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\n - The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (CVE-2022-43945)\n\n - A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816) (CVE-2022-2602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2022-11-29T00:00:00", "modified": "2023-03-22T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/168270", "reporter": "This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3586", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3621", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3524", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42722", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0171", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2308", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42721", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42703", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43750", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3521", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42895", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42896", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3565", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2905", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39190", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2978", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3564", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3542", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20421", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3619", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3635", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40307", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41674", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39842", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3633", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3649", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41849", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3543", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3176", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4095", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41850", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3028", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42719", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43945", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3625", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3623", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3061", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42720", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3629", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40768", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3594", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2602", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3628", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3169", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3535", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3646", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2663", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3303"], "cvelist": ["CVE-2022-0171", "CVE-2022-20421", "CVE-2022-2308", "CVE-2022-23816", "CVE-2022-2602", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-2978", "CVE-2022-3028", "CVE-2022-3061", "CVE-2022-3169", "CVE-2022-3176", "CVE-2022-3303", "CVE-2022-3521", "CVE-2022-3524", "CVE-2022-3535", "CVE-2022-3542", "CVE-2022-3543", "CVE-2022-3564", "CVE-2022-3565", "CVE-2022-3586", "CVE-2022-3594", "CVE-2022-3619", "CVE-2022-3621", "CVE-2022-3623", "CVE-2022-3625", "CVE-2022-3628", "CVE-2022-3629", "CVE-2022-3633", "CVE-2022-3635", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-39190", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-40768", "CVE-2022-4095", "CVE-2022-41674", "CVE-2022-41849", "CVE-2022-41850", "CVE-2022-42703", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722", "CVE-2022-42895", "CVE-2022-42896", "CVE-2022-43750", "CVE-2022-43945"], "immutableFields": [], "lastseen": "2023-05-17T16:38:48", "viewCount": 9, "enchantments": {"score": {"value": 9.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:7110", "ALSA-2022:7134", "ALSA-2022:7933", "ALSA-2022:8267", "ALSA-2023:0300", "ALSA-2023:0334", "ALSA-2023:0832", "ALSA-2023:0854", "ALSA-2023:0951", "ALSA-2023:0979", "ALSA-2023:2148", "ALSA-2023:2458"]}, {"type": "amazon", "idList": ["ALAS-2022-1636", "ALAS-2022-1645", "ALAS-2022-1852", "ALAS-2022-1876", "ALAS-2022-1888", "ALAS-2023-1707", "ALAS2-2022-1852", "ALAS2-2022-1876", "ALAS2-2022-1888", "ALAS2-2022-1903"]}, {"type": "amd", "idList": ["AMD-SB-1037"]}, {"type": "archlinux", "idList": ["ASA-202210-1", "ASA-202210-2", "ASA-202210-3", "ASA-202210-4"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "centos", "idList": ["CESA-2023:1091"]}, {"type": "cloudlinux", "idList": ["CLSA-2023:1682705952", "CLSA-2023:1682711481"]}, {"type": "cnvd", "idList": ["CNVD-2022-68086", "CNVD-2022-68087", "CNVD-2022-69186", "CNVD-2022-69187", "CNVD-2022-69192", "CNVD-2022-70572", "CNVD-2022-72080", "CNVD-2022-72082", "CNVD-2022-72083", "CNVD-2022-72084", "CNVD-2022-74087", "CNVD-2022-74090"]}, {"type": "cve", "idList": ["CVE-2022-0171", "CVE-2022-20421", "CVE-2022-2308", "CVE-2022-23816", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-2978", "CVE-2022-3028", "CVE-2022-3061", "CVE-2022-3169", "CVE-2022-3176", "CVE-2022-3303", "CVE-2022-3521", "CVE-2022-3524", "CVE-2022-3535", "CVE-2022-3542", "CVE-2022-3543", "CVE-2022-3564", "CVE-2022-3565", "CVE-2022-3586", "CVE-2022-3594", "CVE-2022-3619", "CVE-2022-3621", "CVE-2022-3623", "CVE-2022-3625", "CVE-2022-3628", "CVE-2022-3629", "CVE-2022-3633", "CVE-2022-3635", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-38785", "CVE-2022-39190", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-40768", "CVE-2022-4095", "CVE-2022-41674", "CVE-2022-41849", "CVE-2022-41850", "CVE-2022-42703", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722", "CVE-2022-42895", "CVE-2022-42896", "CVE-2022-43750", "CVE-2022-43945"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3131-1:083C4", "DEBIAN:DLA-3173-1:82909", "DEBIAN:DLA-3244-1:12088", "DEBIAN:DLA-3245-1:5D45B", "DEBIAN:DSA-5184-1:CABB7", "DEBIAN:DSA-5257-1:DB743", "DEBIAN:DSA-5324-1:8EBE4"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-0171", "DEBIANCVE:CVE-2022-20421", "DEBIANCVE:CVE-2022-2308", "DEBIANCVE:CVE-2022-23816", "DEBIANCVE:CVE-2022-2602", "DEBIANCVE:CVE-2022-2663", "DEBIANCVE:CVE-2022-2905", "DEBIANCVE:CVE-2022-2978", "DEBIANCVE:CVE-2022-3028", "DEBIANCVE:CVE-2022-3061", "DEBIANCVE:CVE-2022-3169", "DEBIANCVE:CVE-2022-3176", "DEBIANCVE:CVE-2022-3303", "DEBIANCVE:CVE-2022-3521", "DEBIANCVE:CVE-2022-3524", "DEBIANCVE:CVE-2022-3535", "DEBIANCVE:CVE-2022-3542", "DEBIANCVE:CVE-2022-3543", "DEBIANCVE:CVE-2022-3564", "DEBIANCVE:CVE-2022-3565", "DEBIANCVE:CVE-2022-3586", "DEBIANCVE:CVE-2022-3594", "DEBIANCVE:CVE-2022-3619", "DEBIANCVE:CVE-2022-3621", "DEBIANCVE:CVE-2022-3623", "DEBIANCVE:CVE-2022-3625", "DEBIANCVE:CVE-2022-3628", "DEBIANCVE:CVE-2022-3629", "DEBIANCVE:CVE-2022-3633", "DEBIANCVE:CVE-2022-3635", "DEBIANCVE:CVE-2022-3646", "DEBIANCVE:CVE-2022-3649", "DEBIANCVE:CVE-2022-39190", "DEBIANCVE:CVE-2022-39842", "DEBIANCVE:CVE-2022-40307", "DEBIANCVE:CVE-2022-40768", "DEBIANCVE:CVE-2022-4095", "DEBIANCVE:CVE-2022-41674", "DEBIANCVE:CVE-2022-41849", "DEBIANCVE:CVE-2022-41850", "DEBIANCVE:CVE-2022-42703", "DEBIANCVE:CVE-2022-42719", "DEBIANCVE:CVE-2022-42720", "DEBIANCVE:CVE-2022-42721", "DEBIANCVE:CVE-2022-42722", "DEBIANCVE:CVE-2022-42895", "DEBIANCVE:CVE-2022-42896", "DEBIANCVE:CVE-2022-43750", "DEBIANCVE:CVE-2022-43945"]}, {"type": "fedora", "idList": ["FEDORA:3622F307260C", "FEDORA:37C8F316AAE9", "FEDORA:3E0893021FB2", "FEDORA:5334A316CFA4", "FEDORA:65D00306B98F", "FEDORA:671D6305F850", "FEDORA:6860730B0678", "FEDORA:79262304C76D", "FEDORA:873EB30832ED", "FEDORA:A1AF5304C6C7", "FEDORA:A8BA33168D26", "FEDORA:E6CE83084966"]}, {"type": "github", "idList": ["GHSA-34VW-M4RH-R36P", "GHSA-JR8J-2JHP-M67V"]}, {"type": "githubexploit", "idList": ["48A6CF92-30C0-5ABD-894A-38DE0329DA11", "75991DB8-5059-57ED-BB85-3A5F3309F92C", "88B2258B-A28E-5C00-85F0-542DB0BD2275", "9080771D-5FCF-52BA-A72B-EC1BD7CF79B7", "BDD6E431-5CC7-5183-A9D8-4870D7DF5670", "BEF9C9DA-D16B-58C7-AD6A-7A645E871F56", "CE3B1D33-B4CA-596B-88B1-7DAA7FF99D30", "D789A432-2137-57A8-BD99-560ABE0F7D40", "ED4486DF-C3F3-577E-A1AF-2DF89300C736"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:2B11CE693773C9B5799528B5FFB0DB49", "GOOGLEPROJECTZERO:2E83B11F70323BB038389E5A940BDF0A", "GOOGLEPROJECTZERO:591D9795B7E42F2AC5B0A7CA7AA82BEB"]}, {"type": "ibm", "idList": ["1D0C47C863486617E3DB329A62F4FFC3F23EAEA7A011A9C39ADDEBA1D66287D0", "7723E7232CDF38CAF6FB9BEBC720727705544B73B826D4C481C2D54FB681768E", "B5A64C62AD14AC5F708718469CD252B6E7CC148ED6744F6CA78BE827CE0DE99F", "C8058EE2D98E4E3A2B41A83E031B9A6C3266947F454144446221EF58E526C98F"]}, {"type": "mageia", "idList": ["MGASA-2022-0324", "MGASA-2022-0379", "MGASA-2022-0380", "MGASA-2022-0442", "MGASA-2022-0443", "MGASA-2022-0477", "MGASA-2022-0478"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:B0DA94EB1CF930F46263F17262E85D1A"]}, {"type": "mscve", "idList": ["MS:CVE-2022-23816", "MS:CVE-2022-29900"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-127.NASL", "AL2022_ALAS2022-2022-150.NASL", "AL2022_ALAS2022-2022-185.NASL", "AL2023_ALAS2023-2023-070.NASL", "AL2_ALAS-2022-1852.NASL", "AL2_ALAS-2022-1876.NASL", "AL2_ALAS-2022-1888.NASL", "AL2_ALAS-2022-1903.NASL", "AL2_ALASKERNEL-5_10-2022-019.NASL", "AL2_ALASKERNEL-5_10-2022-020.NASL", "AL2_ALASKERNEL-5_10-2022-021.NASL", "AL2_ALASKERNEL-5_10-2022-022.NASL", "AL2_ALASKERNEL-5_10-2022-023.NASL", "AL2_ALASKERNEL-5_10-2022-024.NASL", "AL2_ALASKERNEL-5_10-2023-025.NASL", "AL2_ALASKERNEL-5_15-2022-006.NASL", "AL2_ALASKERNEL-5_15-2022-008.NASL", "AL2_ALASKERNEL-5_15-2022-009.NASL", "AL2_ALASKERNEL-5_15-2022-010.NASL", "AL2_ALASKERNEL-5_15-2022-011.NASL", "AL2_ALASKERNEL-5_15-2023-012.NASL", "AL2_ALASKERNEL-5_4-2022-036.NASL", "AL2_ALASKERNEL-5_4-2022-037.NASL", "AL2_ALASKERNEL-5_4-2022-038.NASL", "AL2_ALASKERNEL-5_4-2022-039.NASL", "AL2_ALASKERNEL-5_4-2022-040.NASL", "AL2_ALASKERNEL-5_4-2023-041.NASL", "ALA_ALAS-2022-1636.NASL", "ALA_ALAS-2022-1645.NASL", "ALA_ALAS-2023-1707.NASL", "ALMA_LINUX_ALSA-2022-7110.NASL", "ALMA_LINUX_ALSA-2022-7134.NASL", "ALMA_LINUX_ALSA-2022-7933.NASL", "ALMA_LINUX_ALSA-2022-8267.NASL", "ALMA_LINUX_ALSA-2023-0300.NASL", "ALMA_LINUX_ALSA-2023-0334.NASL", "ALMA_LINUX_ALSA-2023-0348.NASL", "ALMA_LINUX_ALSA-2023-0832.NASL", "ALMA_LINUX_ALSA-2023-0839.NASL", "ALMA_LINUX_ALSA-2023-0854.NASL", "ALMA_LINUX_ALSA-2023-0951.NASL", "ALMA_LINUX_ALSA-2023-0979.NASL", "ALMA_LINUX_ALSA-2023-1008.NASL", "ALMA_LINUX_ALSA-2023-2148.NASL", "ALMA_LINUX_ALSA-2023-2458.NASL", "CENTOS_RHSA-2023-1091.NASL", "DEBIAN_DLA-3131.NASL", "DEBIAN_DLA-3173.NASL", "DEBIAN_DLA-3244.NASL", "DEBIAN_DLA-3245.NASL", "DEBIAN_DLA-3349.NASL", "DEBIAN_DSA-5184.NASL", "DEBIAN_DSA-5257.NASL", "DEBIAN_DSA-5324.NASL", "EULEROS_SA-2022-2090.NASL", "EULEROS_SA-2022-2134.NASL", "EULEROS_SA-2022-2686.NASL", "EULEROS_SA-2022-2732.NASL", "EULEROS_SA-2022-2767.NASL", "EULEROS_SA-2022-2796.NASL", "EULEROS_SA-2022-2823.NASL", "EULEROS_SA-2022-2848.NASL", "EULEROS_SA-2022-2906.NASL", "EULEROS_SA-2023-1012.NASL", "EULEROS_SA-2023-1037.NASL", "EULEROS_SA-2023-1102.NASL", "EULEROS_SA-2023-1126.NASL", "EULEROS_SA-2023-1147.NASL", "EULEROS_SA-2023-1168.NASL", "EULEROS_SA-2023-1193.NASL", "EULEROS_SA-2023-1223.NASL", "EULEROS_SA-2023-1320.NASL", "EULEROS_SA-2023-1345.NASL", "EULEROS_SA-2023-1360.NASL", "EULEROS_SA-2023-1388.NASL", "EULEROS_SA-2023-1507.NASL", "EULEROS_SA-2023-1637.NASL", "EULEROS_SA-2023-1671.NASL", "EULEROS_SA-2023-1695.NASL", "EULEROS_SA-2023-1902.NASL", "EULEROS_SA-2023-1933.NASL", "FEDORA_2022-2CFBE17910.NASL", "FEDORA_2022-B948FC3CFB.NASL", "FEDORA_2022-C69EF9C1DD.NASL", "MARINER_KERNEL_CVE-2022-0171.NASL", "MARINER_KERNEL_CVE-2022-2905.NASL", "MARINER_KERNEL_CVE-2022-3028.NASL", "MARINER_KERNEL_CVE-2022-3303.NASL", "MARINER_KERNEL_CVE-2022-39190.NASL", "MARINER_KERNEL_CVE-2022-39842.NASL", "MARINER_KERNEL_CVE-2022-40307.NASL", "MARINER_KERNEL_CVE-2022-40768.NASL", "MARINER_KERNEL_CVE-2022-43945.NASL", "NEWSTART_CGSL_NS-SA-2023-0001_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0005_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0017_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0030_KERNEL.NASL", "NUTANIX_NXSA-AHV-20220304_10013.NASL", "NUTANIX_NXSA-AOS-6_5_3.NASL", "NUTANIX_NXSA-AOS-6_6_2.NASL", "ORACLELINUX_ELSA-2022-10065.NASL", "ORACLELINUX_ELSA-2022-10072.NASL", "ORACLELINUX_ELSA-2022-10073.NASL", "ORACLELINUX_ELSA-2022-10079.NASL", "ORACLELINUX_ELSA-2022-10081.NASL", "ORACLELINUX_ELSA-2022-7110.NASL", "ORACLELINUX_ELSA-2022-7337.NASL", "ORACLELINUX_ELSA-2022-8267.NASL", "ORACLELINUX_ELSA-2022-9590.NASL", "ORACLELINUX_ELSA-2022-9591.NASL", "ORACLELINUX_ELSA-2022-9709.NASL", "ORACLELINUX_ELSA-2022-9710.NASL", "ORACLELINUX_ELSA-2022-9852.NASL", "ORACLELINUX_ELSA-2022-9870.NASL", "ORACLELINUX_ELSA-2022-9871.NASL", "ORACLELINUX_ELSA-2022-9926.NASL", "ORACLELINUX_ELSA-2022-9927.NASL", "ORACLELINUX_ELSA-2022-9930.NASL", "ORACLELINUX_ELSA-2022-9931.NASL", "ORACLELINUX_ELSA-2022-9998.NASL", "ORACLELINUX_ELSA-2022-9999.NASL", "ORACLELINUX_ELSA-2023-0334.NASL", "ORACLELINUX_ELSA-2023-0832.NASL", "ORACLELINUX_ELSA-2023-0951.NASL", "ORACLELINUX_ELSA-2023-1091.NASL", "ORACLELINUX_ELSA-2023-12008.NASL", "ORACLELINUX_ELSA-2023-12009.NASL", "ORACLELINUX_ELSA-2023-12017.NASL", "ORACLELINUX_ELSA-2023-12018.NASL", "ORACLELINUX_ELSA-2023-12109.NASL", "ORACLELINUX_ELSA-2023-12117.NASL", "ORACLELINUX_ELSA-2023-12118.NASL", "ORACLELINUX_ELSA-2023-12119.NASL", "ORACLELINUX_ELSA-2023-12121.NASL", "ORACLELINUX_ELSA-2023-12323.NASL", "ORACLELINUX_ELSA-2023-1987.NASL", "ORACLELINUX_ELSA-2023-2458.NASL", "ORACLEVM_OVMSA-2022-0026.NASL", "ORACLEVM_OVMSA-2022-0031.NASL", "ORACLEVM_OVMSA-2023-0001.NASL", "REDHAT-RHSA-2022-7110.NASL", "REDHAT-RHSA-2022-7134.NASL", "REDHAT-RHSA-2022-7337.NASL", "REDHAT-RHSA-2022-7338.NASL", "REDHAT-RHSA-2022-7933.NASL", "REDHAT-RHSA-2022-8267.NASL", "REDHAT-RHSA-2022-8973.NASL", "REDHAT-RHSA-2022-8974.NASL", "REDHAT-RHSA-2022-9082.NASL", "REDHAT-RHSA-2023-0300.NASL", "REDHAT-RHSA-2023-0334.NASL", "REDHAT-RHSA-2023-0348.NASL", "REDHAT-RHSA-2023-0832.NASL", "REDHAT-RHSA-2023-0839.NASL", "REDHAT-RHSA-2023-0854.NASL", "REDHAT-RHSA-2023-0856.NASL", "REDHAT-RHSA-2023-0858.NASL", "REDHAT-RHSA-2023-0951.NASL", "REDHAT-RHSA-2023-0979.NASL", "REDHAT-RHSA-2023-1008.NASL", "REDHAT-RHSA-2023-1091.NASL", "REDHAT-RHSA-2023-1092.NASL", "REDHAT-RHSA-2023-1202.NASL", "REDHAT-RHSA-2023-1203.NASL", "REDHAT-RHSA-2023-1220.NASL", "REDHAT-RHSA-2023-1221.NASL", "REDHAT-RHSA-2023-1251.NASL", "REDHAT-RHSA-2023-1435.NASL", "REDHAT-RHSA-2023-1559.NASL", "REDHAT-RHSA-2023-1560.NASL", "REDHAT-RHSA-2023-1666.NASL", "REDHAT-RHSA-2023-1987.NASL", "REDHAT-RHSA-2023-1988.NASL", "REDHAT-RHSA-2023-2148.NASL", "REDHAT-RHSA-2023-2458.NASL", "REDHAT-RHSA-2023-2736.NASL", "REDHAT-RHSA-2023-2951.NASL", "ROCKY_LINUX_RLSA-2022-7110.NASL", "ROCKY_LINUX_RLSA-2022-7134.NASL", "ROCKY_LINUX_RLSA-2023-0832.NASL", "ROCKY_LINUX_RLSA-2023-0854.NASL", "ROCKY_LINUX_RLSA-2023-0979.NASL", "SL_20221103_KERNEL_ON_SL7_X.NASL", "SL_20230307_KERNEL_ON_SL7_X.NASL", "SMB_NT_MS22_JUL_5015827.NASL", "SUSE_SU-2022-2557-1.NASL", "SUSE_SU-2022-2560-1.NASL", "SUSE_SU-2022-2569-1.NASL", "SUSE_SU-2022-2574-1.NASL", "SUSE_SU-2022-2591-1.NASL", "SUSE_SU-2022-2597-1.NASL", "SUSE_SU-2022-2599-1.NASL", "SUSE_SU-2022-2600-1.NASL", "SUSE_SU-2022-2601-1.NASL", "SUSE_SU-2022-2722-1.NASL", "SUSE_SU-2022-2741-1.NASL", "SUSE_SU-2022-2803-1.NASL", "SUSE_SU-2022-2809-1.NASL", "SUSE_SU-2022-2875-1.NASL", "SUSE_SU-2022-3263-1.NASL", "SUSE_SU-2022-3264-1.NASL", "SUSE_SU-2022-3265-1.NASL", "SUSE_SU-2022-3274-1.NASL", "SUSE_SU-2022-3282-1.NASL", "SUSE_SU-2022-3288-1.NASL", "SUSE_SU-2022-3291-1.NASL", "SUSE_SU-2022-3293-1.NASL", "SUSE_SU-2022-3294-1.NASL", "SUSE_SU-2022-3408-1.NASL", "SUSE_SU-2022-3422-1.NASL", "SUSE_SU-2022-3450-1.NASL", "SUSE_SU-2022-3584-1.NASL", "SUSE_SU-2022-3585-1.NASL", "SUSE_SU-2022-3586-1.NASL", "SUSE_SU-2022-3587-1.NASL", "SUSE_SU-2022-3599-1.NASL", "SUSE_SU-2022-3601-1.NASL", "SUSE_SU-2022-3605-1.NASL", "SUSE_SU-2022-3606-1.NASL", "SUSE_SU-2022-3607-1.NASL", "SUSE_SU-2022-3609-1.NASL", "SUSE_SU-2022-3628-1.NASL", "SUSE_SU-2022-3648-1.NASL", "SUSE_SU-2022-3657-1.NASL", "SUSE_SU-2022-3688-1.NASL", "SUSE_SU-2022-3693-1.NASL", "SUSE_SU-2022-3704-1.NASL", "SUSE_SU-2022-3775-1.NASL", "SUSE_SU-2022-3779-1.NASL", "SUSE_SU-2022-3809-1.NASL", "SUSE_SU-2022-3810-1.NASL", "SUSE_SU-2022-3844-1.NASL", "SUSE_SU-2022-3897-1.NASL", "SUSE_SU-2022-3929-1.NASL", "SUSE_SU-2022-3930-1.NASL", "SUSE_SU-2022-3976-1.NASL", "SUSE_SU-2022-3998-1.NASL", "SUSE_SU-2022-4024-1.NASL", "SUSE_SU-2022-4027-1.NASL", "SUSE_SU-2022-4030-1.NASL", "SUSE_SU-2022-4033-1.NASL", "SUSE_SU-2022-4034-1.NASL", "SUSE_SU-2022-4035-1.NASL", "SUSE_SU-2022-4037-1.NASL", "SUSE_SU-2022-4039-1.NASL", "SUSE_SU-2022-4053-1.NASL", "SUSE_SU-2022-4072-1.NASL", "SUSE_SU-2022-4100-1.NASL", "SUSE_SU-2022-4112-1.NASL", "SUSE_SU-2022-4113-1.NASL", "SUSE_SU-2022-4129-1.NASL", "SUSE_SU-2022-4272-1.NASL", "SUSE_SU-2022-4273-1.NASL", "SUSE_SU-2022-4503-1.NASL", "SUSE_SU-2022-4504-1.NASL", "SUSE_SU-2022-4505-1.NASL", "SUSE_SU-2022-4506-1.NASL", "SUSE_SU-2022-4510-1.NASL", "SUSE_SU-2022-4513-1.NASL", "SUSE_SU-2022-4515-1.NASL", "SUSE_SU-2022-4516-1.NASL", "SUSE_SU-2022-4517-1.NASL", "SUSE_SU-2022-4518-1.NASL", "SUSE_SU-2022-4520-1.NASL", "SUSE_SU-2022-4527-1.NASL", "SUSE_SU-2022-4528-1.NASL", "SUSE_SU-2022-4533-1.NASL", "SUSE_SU-2022-4534-1.NASL", "SUSE_SU-2022-4539-1.NASL", "SUSE_SU-2022-4542-1.NASL", "SUSE_SU-2022-4543-1.NASL", "SUSE_SU-2022-4544-1.NASL", "SUSE_SU-2022-4545-1.NASL", "SUSE_SU-2022-4546-1.NASL", "SUSE_SU-2022-4550-1.NASL", "SUSE_SU-2022-4551-1.NASL", "SUSE_SU-2022-4559-1.NASL", "SUSE_SU-2022-4560-1.NASL", "SUSE_SU-2022-4561-1.NASL", "SUSE_SU-2022-4562-1.NASL", "SUSE_SU-2022-4566-1.NASL", "SUSE_SU-2022-4569-1.NASL", "SUSE_SU-2022-4572-1.NASL", "SUSE_SU-2022-4573-1.NASL", "SUSE_SU-2022-4574-1.NASL", "SUSE_SU-2022-4577-1.NASL", "SUSE_SU-2022-4580-1.NASL", "SUSE_SU-2022-4585-1.NASL", "SUSE_SU-2022-4587-1.NASL", "SUSE_SU-2022-4589-1.NASL", "SUSE_SU-2022-4595-1.NASL", "SUSE_SU-2022-4611-1.NASL", "SUSE_SU-2022-4613-1.NASL", "SUSE_SU-2022-4614-1.NASL", "SUSE_SU-2022-4615-1.NASL", "SUSE_SU-2022-4616-1.NASL", "SUSE_SU-2022-4617-1.NASL", "SUSE_SU-2023-0145-1.NASL", "SUSE_SU-2023-0146-1.NASL", "SUSE_SU-2023-0147-1.NASL", "SUSE_SU-2023-0148-1.NASL", "SUSE_SU-2023-0149-1.NASL", "SUSE_SU-2023-0152-1.NASL", "SUSE_SU-2023-0226-1.NASL", "SUSE_SU-2023-0229-1.NASL", "SUSE_SU-2023-0237-1.NASL", "SUSE_SU-2023-0238-1.NASL", "SUSE_SU-2023-0245-1.NASL", "SUSE_SU-2023-0250-1.NASL", "SUSE_SU-2023-0262-1.NASL", "SUSE_SU-2023-0263-1.NASL", "SUSE_SU-2023-0267-1.NASL", "SUSE_SU-2023-0270-1.NASL", "SUSE_SU-2023-0271-1.NASL", "SUSE_SU-2023-0277-1.NASL", "SUSE_SU-2023-0280-1.NASL", "SUSE_SU-2023-0281-1.NASL", "SUSE_SU-2023-0331-1.NASL", "SUSE_SU-2023-0339-1.NASL", "SUSE_SU-2023-0406-1.NASL", "SUSE_SU-2023-0407-1.NASL", "SUSE_SU-2023-0410-1.NASL", "SUSE_SU-2023-0420-1.NASL", "SUSE_SU-2023-0519-1.NASL", "SUSE_SU-2023-0522-1.NASL", "SUSE_SU-2023-0525-1.NASL", "SUSE_SU-2023-0528-1.NASL", "SUSE_SU-2023-0547-1.NASL", "SUSE_SU-2023-0552-1.NASL", "SUSE_SU-2023-0553-1.NASL", "SUSE_SU-2023-0560-1.NASL", "SUSE_SU-2023-0562-1.NASL", "SUSE_SU-2023-0578-1.NASL", "SUSE_SU-2023-0618-1.NASL", "SUSE_SU-2023-0637-1.NASL", "SUSE_SU-2023-0852-1.NASL", "SUSE_SU-2023-2146-1.NASL", "SUSE_SU-2023-2148-1.NASL", "SUSE_SU-2023-2151-1.NASL", "SUSE_SU-2023-2162-1.NASL", "SUSE_SU-2023-2163-1.NASL", "UBUNTU_USN-5650-1.NASL", "UBUNTU_USN-5667-1.NASL", "UBUNTU_USN-5668-1.NASL", "UBUNTU_USN-5677-1.NASL", "UBUNTU_USN-5682-1.NASL", "UBUNTU_USN-5683-1.NASL", "UBUNTU_USN-5691-1.NASL", "UBUNTU_USN-5692-1.NASL", "UBUNTU_USN-5693-1.NASL", "UBUNTU_USN-5700-1.NASL", "UBUNTU_USN-5703-1.NASL", "UBUNTU_USN-5706-1.NASL", "UBUNTU_USN-5708-1.NASL", "UBUNTU_USN-5727-1.NASL", "UBUNTU_USN-5727-2.NASL", "UBUNTU_USN-5728-1.NASL", "UBUNTU_USN-5728-2.NASL", "UBUNTU_USN-5728-3.NASL", "UBUNTU_USN-5729-1.NASL", "UBUNTU_USN-5729-2.NASL", "UBUNTU_USN-5752-1.NASL", "UBUNTU_USN-5754-1.NASL", "UBUNTU_USN-5754-2.NASL", "UBUNTU_USN-5755-1.NASL", "UBUNTU_USN-5755-2.NASL", "UBUNTU_USN-5756-1.NASL", "UBUNTU_USN-5756-2.NASL", "UBUNTU_USN-5756-3.NASL", "UBUNTU_USN-5757-1.NASL", "UBUNTU_USN-5757-2.NASL", "UBUNTU_USN-5758-1.NASL", "UBUNTU_USN-5773-1.NASL", "UBUNTU_USN-5774-1.NASL", "UBUNTU_USN-5779-1.NASL", "UBUNTU_USN-5780-1.NASL", "UBUNTU_USN-5783-1.NASL", "UBUNTU_USN-5789-1.NASL", "UBUNTU_USN-5790-1.NASL", "UBUNTU_USN-5791-1.NASL", "UBUNTU_USN-5791-2.NASL", "UBUNTU_USN-5791-3.NASL", "UBUNTU_USN-5792-1.NASL", "UBUNTU_USN-5792-2.NASL", "UBUNTU_USN-5793-1.NASL", "UBUNTU_USN-5793-2.NASL", "UBUNTU_USN-5793-3.NASL", "UBUNTU_USN-5793-4.NASL", "UBUNTU_USN-5794-1.NASL", "UBUNTU_USN-5802-1.NASL", "UBUNTU_USN-5803-1.NASL", "UBUNTU_USN-5804-1.NASL", "UBUNTU_USN-5804-2.NASL", "UBUNTU_USN-5808-1.NASL", "UBUNTU_USN-5809-1.NASL", "UBUNTU_USN-5813-1.NASL", "UBUNTU_USN-5814-1.NASL", "UBUNTU_USN-5815-1.NASL", "UBUNTU_USN-5829-1.NASL", "UBUNTU_USN-5830-1.NASL", "UBUNTU_USN-5831-1.NASL", "UBUNTU_USN-5832-1.NASL", "UBUNTU_USN-5850-1.NASL", "UBUNTU_USN-5851-1.NASL", "UBUNTU_USN-5853-1.NASL", "UBUNTU_USN-5854-1.NASL", "UBUNTU_USN-5858-1.NASL", "UBUNTU_USN-5859-1.NASL", "UBUNTU_USN-5860-1.NASL", "UBUNTU_USN-5861-1.NASL", "UBUNTU_USN-5862-1.NASL", "UBUNTU_USN-5863-1.NASL", "UBUNTU_USN-5865-1.NASL", "UBUNTU_USN-5874-1.NASL", "UBUNTU_USN-5875-1.NASL", "UBUNTU_USN-5876-1.NASL", "UBUNTU_USN-5877-1.NASL", "UBUNTU_USN-5878-1.NASL", "UBUNTU_USN-5879-1.NASL", "UBUNTU_USN-5883-1.NASL", "UBUNTU_USN-5884-1.NASL", "UBUNTU_USN-5909-1.NASL", "UBUNTU_USN-5911-1.NASL", "UBUNTU_USN-5912-1.NASL", "UBUNTU_USN-5913-1.NASL", "UBUNTU_USN-5914-1.NASL", "UBUNTU_USN-5917-1.NASL", "UBUNTU_USN-5918-1.NASL", "UBUNTU_USN-5919-1.NASL", "UBUNTU_USN-5920-1.NASL", "UBUNTU_USN-5925-1.NASL", "UBUNTU_USN-5926-1.NASL", "UBUNTU_USN-5927-1.NASL", "UBUNTU_USN-5929-1.NASL", "UBUNTU_USN-5934-1.NASL", "UBUNTU_USN-5935-1.NASL", "UBUNTU_USN-5938-1.NASL", "UBUNTU_USN-5939-1.NASL", "UBUNTU_USN-5940-1.NASL", "UBUNTU_USN-5941-1.NASL", "UBUNTU_USN-5950-1.NASL", "UBUNTU_USN-5951-1.NASL", "UBUNTU_USN-5962-1.NASL", "UBUNTU_USN-5975-1.NASL", "UBUNTU_USN-5976-1.NASL", "UBUNTU_USN-6000-1.NASL", "UBUNTU_USN-6001-1.NASL", "UBUNTU_USN-6007-1.NASL", "UBUNTU_USN-6014-1.NASL", "UBUNTU_USN-6031-1.NASL", "UBUNTU_USN-6045-1.NASL", "UBUNTU_USN-6071-1.NASL"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-2022-10-17-1"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2023"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-10065", "ELSA-2022-10072", "ELSA-2022-10073", "ELSA-2022-10079", "ELSA-2022-10081", "ELSA-2022-10108", "ELSA-2022-7110", "ELSA-2022-7337", "ELSA-2022-8267", "ELSA-2022-9590", "ELSA-2022-9591", "ELSA-2022-9709", "ELSA-2022-9710", "ELSA-2022-9852", "ELSA-2022-9870", "ELSA-2022-9871", "ELSA-2022-9926", "ELSA-2022-9927", "ELSA-2022-9930", "ELSA-2022-9931", "ELSA-2022-9998", "ELSA-2022-9999", "ELSA-2023-0334", "ELSA-2023-0832", "ELSA-2023-0951", "ELSA-2023-1091", "ELSA-2023-12008", "ELSA-2023-12009", "ELSA-2023-12017", "ELSA-2023-12018", "ELSA-2023-12109", "ELSA-2023-12117", "ELSA-2023-12118", "ELSA-2023-12119", "ELSA-2023-12121", "ELSA-2023-12323", "ELSA-2023-1987", "ELSA-2023-2458"]}, {"type": "osv", "idList": ["OSV:ASB-A-253642087", "OSV:ASB-A-253642088", "OSV:CVE-2022-23816", "OSV:CVE-2022-41674", "OSV:CVE-2022-42719", "OSV:CVE-2022-42720", "OSV:CVE-2022-42721", "OSV:CVE-2022-42722", "OSV:DLA-3131-1", "OSV:DLA-3173-1", "OSV:DLA-3244-1", "OSV:DLA-3245-1", "OSV:DLA-3349-1", "OSV:DSA-5257-1", "OSV:DSA-5257-2", "OSV:DSA-5324-1", "OSV:GHSA-34VW-M4RH-R36P", "OSV:GHSA-JR8J-2JHP-M67V"]}, {"type": "photon", "idList": ["PHSA-2022-0248", "PHSA-2022-0271", "PHSA-2022-0275", "PHSA-2022-0280", "PHSA-2022-0286", "PHSA-2022-0293", "PHSA-2022-0297", "PHSA-2022-0299", "PHSA-2022-0517", "PHSA-2022-0542", "PHSA-2022-3.0-0461", "PHSA-2022-3.0-0477", "PHSA-2022-3.0-0485", "PHSA-2022-3.0-0488", "PHSA-2022-3.0-0502", "PHSA-2022-3.0-0504", "PHSA-2022-3.0-0507", "PHSA-2022-4.0-0248", "PHSA-2022-4.0-0250", "PHSA-2022-4.0-0271", "PHSA-2022-4.0-0275", "PHSA-2022-4.0-0280", "PHSA-2022-4.0-0286", "PHSA-2022-4.0-0293", "PHSA-2022-4.0-0297", "PHSA-2022-4.0-0299", "PHSA-2023-3.0-0538", "PHSA-2023-4.0-0318"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:B54637535A9D368B19D4D9881C6C34B3"]}, {"type": "redhat", "idList": ["RHSA-2022:6882", "RHSA-2022:7110", "RHSA-2022:7134", "RHSA-2022:7201", "RHSA-2022:7276", "RHSA-2022:7313", "RHSA-2022:7337", "RHSA-2022:7338", "RHSA-2022:7434", "RHSA-2022:7933", "RHSA-2022:8267", "RHSA-2022:8973", "RHSA-2022:8974", "RHSA-2022:9082", "RHSA-2023:0300", "RHSA-2023:0334", "RHSA-2023:0348", "RHSA-2023:0832", "RHSA-2023:0839", "RHSA-2023:0854", "RHSA-2023:0856", "RHSA-2023:0858", "RHSA-2023:0930", "RHSA-2023:0931", "RHSA-2023:0932", "RHSA-2023:0951", "RHSA-2023:0979", "RHSA-2023:1008", "RHSA-2023:1091", "RHSA-2023:1092", "RHSA-2023:1202", "RHSA-2023:1203", "RHSA-2023:1220", "RHSA-2023:1221", "RHSA-2023:1251", "RHSA-2023:1392", "RHSA-2023:1393", "RHSA-2023:1435", "RHSA-2023:1559", "RHSA-2023:1560", "RHSA-2023:1666", "RHSA-2023:1987", "RHSA-2023:1988", "RHSA-2023:2148", "RHSA-2023:2458", "RHSA-2023:2951"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-0171", "RH:CVE-2022-20421", "RH:CVE-2022-2308", "RH:CVE-2022-23816", "RH:CVE-2022-23824", "RH:CVE-2022-2602", "RH:CVE-2022-2663", "RH:CVE-2022-2905", "RH:CVE-2022-2978", "RH:CVE-2022-3028", "RH:CVE-2022-3061", "RH:CVE-2022-3169", "RH:CVE-2022-3176", "RH:CVE-2022-3303", "RH:CVE-2022-3521", "RH:CVE-2022-3524", "RH:CVE-2022-3542", "RH:CVE-2022-3543", "RH:CVE-2022-3564", "RH:CVE-2022-3565", "RH:CVE-2022-3586", "RH:CVE-2022-3594", "RH:CVE-2022-3619", "RH:CVE-2022-3621", "RH:CVE-2022-3623", "RH:CVE-2022-3625", "RH:CVE-2022-3628", "RH:CVE-2022-3629", "RH:CVE-2022-3633", "RH:CVE-2022-3635", "RH:CVE-2022-3646", "RH:CVE-2022-3649", "RH:CVE-2022-39190", "RH:CVE-2022-39842", "RH:CVE-2022-40307", "RH:CVE-2022-40768", "RH:CVE-2022-4095", "RH:CVE-2022-41674", "RH:CVE-2022-41849", "RH:CVE-2022-41850", "RH:CVE-2022-42703", "RH:CVE-2022-42719", "RH:CVE-2022-42720", "RH:CVE-2022-42721", "RH:CVE-2022-42722", "RH:CVE-2022-42895", "RH:CVE-2022-42896", "RH:CVE-2022-43750", "RH:CVE-2022-43945"]}, {"type": "rocky", "idList": ["RLSA-2022:7110", "RLSA-2022:7134", "RLSA-2023:0300", "RLSA-2023:0334", "RLSA-2023:0832", "RLSA-2023:0854", "RLSA-2023:0979", "RXSA-2023:0334", "RXSA-2023:0832", "RXSA-2023:0951"]}, {"type": "slackware", "idList": ["SSA-2022-333-01"]}, {"type": "suse", "idList": ["SUSE-SU-2022:2597-1", "SUSE-SU-2022:2599-1", "SUSE-SU-2022:2599-2", "SUSE-SU-2022:3264-1", "SUSE-SU-2022:3288-1", "SUSE-SU-2022:3293-1", "SUSE-SU-2022:3408-1", "SUSE-SU-2022:3585-1", "SUSE-SU-2022:3609-1", "SUSE-SU-2022:3693-1", "SUSE-SU-2022:3775-1", "SUSE-SU-2022:3809-1", "SUSE-SU-2022:3844-1", "SUSE-SU-2022:3897-1"]}, {"type": "ubuntu", "idList": ["LSN-0090-1", "LSN-0091-1", "LSN-0092-1", "USN-5650-1", "USN-5667-1", "USN-5668-1", "USN-5677-1", "USN-5682-1", "USN-5683-1", "USN-5691-1", "USN-5692-1", "USN-5693-1", "USN-5700-1", "USN-5703-1", "USN-5706-1", "USN-5708-1", "USN-5727-1", "USN-5727-2", "USN-5728-1", "USN-5728-2", "USN-5728-3", "USN-5729-1", "USN-5729-2", "USN-5752-1", "USN-5754-1", "USN-5754-2", "USN-5755-1", "USN-5755-2", "USN-5756-1", "USN-5756-2", "USN-5756-3", "USN-5757-1", "USN-5757-2", "USN-5758-1", "USN-5773-1", "USN-5774-1", "USN-5779-1", "USN-5780-1", "USN-5783-1", "USN-5789-1", "USN-5790-1", "USN-5791-1", "USN-5791-2", "USN-5791-3", "USN-5792-1", "USN-5792-2", "USN-5793-1", "USN-5793-2", "USN-5793-3", "USN-5793-4", "USN-5794-1", "USN-5802-1", "USN-5803-1", "USN-5804-1", "USN-5804-2", "USN-5808-1", "USN-5809-1", "USN-5813-1", "USN-5814-1", "USN-5815-1", "USN-5829-1", "USN-5830-1", "USN-5831-1", "USN-5832-1", "USN-5850-1", "USN-5851-1", "USN-5853-1", "USN-5854-1", "USN-5858-1", "USN-5859-1", "USN-5860-1", "USN-5861-1", "USN-5862-1", "USN-5863-1", "USN-5865-1", "USN-5874-1", "USN-5875-1", "USN-5876-1", "USN-5877-1", "USN-5878-1", "USN-5879-1", "USN-5883-1", "USN-5884-1", "USN-5909-1", "USN-5911-1", "USN-5912-1", "USN-5913-1", "USN-5914-1", "USN-5916-1", "USN-5917-1", "USN-5918-1", "USN-5919-1", "USN-5920-1", "USN-5924-1", "USN-5925-1", "USN-5926-1", "USN-5927-1", "USN-5929-1", "USN-5934-1", "USN-5935-1", "USN-5938-1", "USN-5939-1", "USN-5940-1", "USN-5941-1", "USN-5950-1", "USN-5951-1", "USN-5962-1", "USN-5975-1", "USN-5976-1", "USN-6000-1", "USN-6001-1", "USN-6007-1", "USN-6013-1", "USN-6014-1", "USN-6031-1", "USN-6045-1", "USN-6071-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-0171", "UB:CVE-2022-20421", "UB:CVE-2022-2308", "UB:CVE-2022-23816", "UB:CVE-2022-2602", "UB:CVE-2022-2663", "UB:CVE-2022-2905", "UB:CVE-2022-2978", "UB:CVE-2022-3028", "UB:CVE-2022-3061", "UB:CVE-2022-3169", "UB:CVE-2022-3176", "UB:CVE-2022-3303", "UB:CVE-2022-3521", "UB:CVE-2022-3524", "UB:CVE-2022-3535", "UB:CVE-2022-3542", "UB:CVE-2022-3543", "UB:CVE-2022-3564", "UB:CVE-2022-3565", "UB:CVE-2022-3586", "UB:CVE-2022-3594", "UB:CVE-2022-3619", "UB:CVE-2022-3621", "UB:CVE-2022-3623", "UB:CVE-2022-3625", "UB:CVE-2022-3628", "UB:CVE-2022-3629", "UB:CVE-2022-3633", "UB:CVE-2022-3635", "UB:CVE-2022-3646", "UB:CVE-2022-3649", "UB:CVE-2022-39190", "UB:CVE-2022-39842", "UB:CVE-2022-40307", "UB:CVE-2022-40768", "UB:CVE-2022-4095", "UB:CVE-2022-41674", "UB:CVE-2022-41849", "UB:CVE-2022-41850", "UB:CVE-2022-42703", "UB:CVE-2022-42719", "UB:CVE-2022-42720", "UB:CVE-2022-42721", "UB:CVE-2022-42722", "UB:CVE-2022-42895", "UB:CVE-2022-42896", "UB:CVE-2022-43750", "UB:CVE-2022-43945"]}, {"type": "veracode", "idList": ["VERACODE:36363", "VERACODE:37533", "VERACODE:37597", "VERACODE:37602", "VERACODE:37603", "VERACODE:37604", "VERACODE:37605", "VERACODE:38099", "VERACODE:38100", "VERACODE:38102", "VERACODE:38103", "VERACODE:38352", "VERACODE:38353", "VERACODE:38356", "VERACODE:38357", "VERACODE:38358", "VERACODE:38790", "VERACODE:38885", "VERACODE:38886", "VERACODE:38887", "VERACODE:38890", "VERACODE:38892", "VERACODE:38893", "VERACODE:38894", "VERACODE:39206", "VERACODE:39207", "VERACODE:39208", "VERACODE:39526", "VERACODE:39527", "VERACODE:39540", "VERACODE:39544", "VERACODE:39546", "VERACODE:39941", "VERACODE:40361", "VERACODE:40362"]}, {"type": "virtuozzo", "idList": ["VZA-2023-004", "VZA-2023-007"]}, {"type": "vmware", "idList": ["VMSA-2022-0020", "VMSA-2022-0020.1", "VMSA-2022-0020.2"]}, {"type": "xen", "idList": ["XSA-407"]}, {"type": "zdi", "idList": ["ZDI-22-1452", "ZDI-22-1462"]}]}, "epss": [{"cve": "CVE-2022-0171", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-20421", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-2308", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2022-2663", "epss": 0.0006, "percentile": 0.23475, "modified": "2023-05-02"}, {"cve": "CVE-2022-2905", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-2978", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3028", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3061", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3169", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2022-3176", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3303", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3521", "epss": 0.00045, "percentile": 0.11975, "modified": "2023-05-02"}, {"cve": "CVE-2022-3524", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3543", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2022-3564", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3565", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3586", "epss": 0.00045, "percentile": 0.12704, "modified": "2023-05-02"}, {"cve": "CVE-2022-3594", "epss": 0.00223, "percentile": 0.59083, "modified": "2023-05-02"}, {"cve": "CVE-2022-3619", "epss": 0.00044, "percentile": 0.10558, "modified": "2023-05-02"}, {"cve": "CVE-2022-3621", "epss": 0.00077, "percentile": 0.31603, "modified": "2023-05-02"}, {"cve": "CVE-2022-3623", "epss": 0.00066, "percentile": 0.2727, "modified": "2023-05-02"}, {"cve": "CVE-2022-3625", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3628", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3629", "epss": 0.00045, "percentile": 0.11975, "modified": "2023-05-02"}, {"cve": "CVE-2022-3633", "epss": 0.00045, "percentile": 0.11975, "modified": "2023-05-02"}, {"cve": "CVE-2022-3635", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-3646", "epss": 0.00082, "percentile": 0.33416, "modified": "2023-05-02"}, {"cve": "CVE-2022-3649", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-39190", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-39842", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-40307", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-40768", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-4095", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-41674", "epss": 0.00096, "percentile": 0.38938, "modified": "2023-05-02"}, {"cve": "CVE-2022-41849", "epss": 0.00042, "percentile": 0.05698, "modified": "2023-05-02"}, {"cve": "CVE-2022-41850", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-42703", "epss": 0.00051, "percentile": 0.17826, "modified": "2023-05-02"}, {"cve": "CVE-2022-42719", "epss": 0.00088, "percentile": 0.36124, "modified": "2023-05-02"}, {"cve": "CVE-2022-42720", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-42721", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-42722", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-42895", "epss": 0.00052, "percentile": 0.1857, "modified": "2023-05-02"}, {"cve": "CVE-2022-42896", "epss": 0.00112, "percentile": 0.43079, "modified": "2023-05-02"}, {"cve": "CVE-2022-43750", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-43945", "epss": 0.00053, "percentile": 0.19035, "modified": "2023-05-02"}], "vulnersScore": 9.4}, "_state": {"score": 1684378648, "dependencies": 1684375199, "epss": 0}, "_internal": {"score_hash": "11aeaf1a3f55931ead3303b90518a909"}, "pluginID": "168270", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2022-333-01. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168270);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-0171\",\n \"CVE-2022-2308\",\n \"CVE-2022-2602\",\n \"CVE-2022-2663\",\n \"CVE-2022-2905\",\n \"CVE-2022-2978\",\n \"CVE-2022-3028\",\n \"CVE-2022-3061\",\n \"CVE-2022-3169\",\n \"CVE-2022-3176\",\n \"CVE-2022-3303\",\n \"CVE-2022-3521\",\n \"CVE-2022-3524\",\n \"CVE-2022-3535\",\n \"CVE-2022-3542\",\n \"CVE-2022-3543\",\n \"CVE-2022-3564\",\n \"CVE-2022-3565\",\n \"CVE-2022-3586\",\n \"CVE-2022-3594\",\n \"CVE-2022-3619\",\n \"CVE-2022-3621\",\n \"CVE-2022-3623\",\n \"CVE-2022-3625\",\n \"CVE-2022-3628\",\n \"CVE-2022-3629\",\n \"CVE-2022-3633\",\n \"CVE-2022-3635\",\n \"CVE-2022-3646\",\n \"CVE-2022-3649\",\n \"CVE-2022-4095\",\n \"CVE-2022-20421\",\n \"CVE-2022-39190\",\n \"CVE-2022-39842\",\n \"CVE-2022-40307\",\n \"CVE-2022-40768\",\n \"CVE-2022-41674\",\n \"CVE-2022-41849\",\n \"CVE-2022-41850\",\n \"CVE-2022-42703\",\n \"CVE-2022-42719\",\n \"CVE-2022-42720\",\n \"CVE-2022-42721\",\n \"CVE-2022-42722\",\n \"CVE-2022-42895\",\n \"CVE-2022-42896\",\n \"CVE-2022-43750\",\n \"CVE-2022-43945\"\n );\n\n script_name(english:\"Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2022-333-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to kernel-generic.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel-generic installed on the remote host is prior to 5.15.80 / 5.15.80_smp. It is, therefore, affected\nby multiple vulnerabilities as referenced in the SSA:2022-333-01 advisory.\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root\n (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD\n CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver to\n ensure the size of the device config space is in line with the features advertised by the VDUSE userspace\n application. In case of a mismatch, Virtio drivers config read helpers do not initialize the memory\n indirectly passed to vduse_vdpa_get_config() returning uninitialized memory from the stack. This could\n cause undefined behavior or data leaks in Virtio drivers. (CVE-2022-2308)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the\n bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to\n gain unauthorized access to data. (CVE-2022-2905)\n\n - A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function\n security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use\n this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-2978)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver\n through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by\n zero error. (CVE-2022-3061)\n\n - A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request\n of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting\n in a PCIe link disconnect. (CVE-2022-3169)\n\n - There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a\n waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before\n the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free\n to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We\n recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (CVE-2022-3176)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects\n the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to\n race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier\n assigned to this vulnerability. (CVE-2022-3521)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to\n memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.\n The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)\n\n - A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the\n function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the\n component mvpp2. The manipulation leads to memory leak. It is recommended to apply a patch to fix this\n issue. The identifier VDB-211033 was assigned to this vulnerability. (CVE-2022-3535)\n\n - A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the\n function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is\n the identifier assigned to this vulnerability. (CVE-2022-3542)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The\n associated identifier of this vulnerability is VDB-211043. (CVE-2022-3543)\n\n - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the\n function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated\n identifier of this vulnerability is VDB-211087. (CVE-2022-3564)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue\n is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier\n of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The\n manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to\n apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects\n the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The\n manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211918 is the\n identifier assigned to this vulnerability. (CVE-2022-3619)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads\n to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a\n patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation\n leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix\n this issue. The identifier VDB-211921 was assigned to this vulnerability. (CVE-2022-3623)\n\n - A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function\n devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier\n VDB-211929 was assigned to this vulnerability. (CVE-2022-3625)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects\n the function vsock_connect of the file net/vmw_vsock/af_vsock.c of the component IPsec. The manipulation\n leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier\n assigned to this vulnerability. (CVE-2022-3629)\n\n - A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function\n j1939_session_destroy of the file net/can/j1939/transport.c of the component IPsec. The manipulation leads\n to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability\n is VDB-211932. (CVE-2022-3633)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue\n is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation\n leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the\n identifier assigned to this vulnerability. (CVE-2022-3635)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after\n free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of\n service can occur upon binding to an already bound chain. (CVE-2022-39190)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information\n from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could\n cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-\n after-free if a physically proximate attacker removes a USB device while calling open(), aka a race\n condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition\n and resultant use-after-free in certain situations where a report is received while copying a\n report->value is in progress. (CVE-2022-41850)\n\n - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.\n (CVE-2022-42703)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through\n 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and\n potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through\n 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-\n free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before\n 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in\n turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the\n mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon\n protection of P2P devices. (CVE-2022-42722)\n\n - There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req\n function which can be used to leak kernel pointers remotely. We recommend upgrading past commit\n https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e\n https://www.google.com/url (CVE-2022-42895)\n\n - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect\n and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively)\n remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within\n proximity of the victim. We recommend upgrading past commit https://www.google.com/url\n https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4\n https://www.google.com/url (CVE-2022-42896)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\n - The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer\n overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send\n buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer\n to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC\n message with garbage data is still correctly formed according to the specification and is passed forward\n to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the\n allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (CVE-2022-43945)\n\n - A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary\n speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816)\n (CVE-2022-2602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected kernel-generic package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42896\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:15.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '5.15.80', 'product' : 'kernel-generic', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '5.15.80', 'product' : 'kernel-huge', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '5.15.80', 'product' : 'kernel-modules', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '5.15.80_smp', 'product' : 'kernel-generic-smp', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i686' },\n { 'fixed_version' : '5.15.80_smp', 'product' : 'kernel-huge-smp', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i686' },\n { 'fixed_version' : '5.15.80_smp', 'product' : 'kernel-modules-smp', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i686' },\n { 'fixed_version' : '5.15.80', 'product' : 'kernel-source', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'noarch' },\n { 'fixed_version' : '5.15.80_smp', 'product' : 'kernel-source', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'noarch' },\n { 'fixed_version' : '5.15.80', 'product' : 'kernel-headers', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86' },\n { 'fixed_version' : '5.15.80_smp', 'product' : 'kernel-headers', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86' },\n { 'fixed_version' : '5.15.80', 'product' : 'kernel-generic', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86_64' },\n { 'fixed_version' : '5.15.80', 'product' : 'kernel-huge', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86_64' },\n { 'fixed_version' : '5.15.80', 'product' : 'kernel-modules', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Slackware Local Security Checks", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux:15.0"], "solution": "Upgrade the affected kernel-generic package.", "nessusSeverity": "High", "cvssScoreSource": "CVE-2022-42896", "vendor_cvss2": {"score": 8.3, "vector": "CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "vpr": {"risk factor": "Critical", "score": "9.0"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": null, "vulnerabilityPublicationDate": "2022-07-29T00:00:00", "exploitableWith": []}

{"slackware": [{"lastseen": "2023-06-05T14:47:52", "description": "New kernel packages are available for Slackware 15.0 to fix security issues.\n\n\nHere are the details from the Slackware 15.0 ChangeLog:\n\npatches/packages/linux-5.15.80/*: Upgraded.\n These updates fix various bugs and security issues.\n Be sure to upgrade your initrd after upgrading the kernel packages.\n If you use lilo to boot your machine, be sure lilo.conf points to the correct\n kernel and initrd and run lilo as root to update the bootloader.\n If you use elilo to boot your machine, you should run eliloconfig to copy the\n kernel and initrd to the EFI System Partition.\n For more information, see:\n Fixed in 5.15.63:\n https://vulners.com/cve/CVE-2022-3629\n https://vulners.com/cve/CVE-2022-3635\n https://vulners.com/cve/CVE-2022-3633\n https://vulners.com/cve/CVE-2022-3625\n Fixed in 5.15.64:\n https://vulners.com/cve/CVE-2022-39190\n https://vulners.com/cve/CVE-2022-3028\n https://vulners.com/cve/CVE-2022-2905\n Fixed in 5.15.65:\n https://vulners.com/cve/CVE-2022-42703\n https://vulners.com/cve/CVE-2022-3176\n Fixed in 5.15.66:\n https://vulners.com/cve/CVE-2022-4095\n https://vulners.com/cve/CVE-2022-20421\n Fixed in 5.15.68:\n https://vulners.com/cve/CVE-2022-3303\n https://vulners.com/cve/CVE-2022-2663\n https://vulners.com/cve/CVE-2022-40307\n https://vulners.com/cve/CVE-2022-3586\n Fixed in 5.15.70:\n https://vulners.com/cve/CVE-2022-0171\n https://vulners.com/cve/CVE-2022-39842\n https://vulners.com/cve/CVE-2022-3061\n Fixed in 5.15.72:\n https://vulners.com/cve/CVE-2022-2308\n Fixed in 5.15.73:\n https://vulners.com/cve/CVE-2022-2978\n https://vulners.com/cve/CVE-2022-43750\n Fixed in 5.15.74:\n https://vulners.com/cve/CVE-2022-40768\n https://vulners.com/cve/CVE-2022-42721\n https://vulners.com/cve/CVE-2022-3621\n https://vulners.com/cve/CVE-2022-42722\n https://vulners.com/cve/CVE-2022-42719\n https://vulners.com/cve/CVE-2022-41674\n https://vulners.com/cve/CVE-2022-3649\n https://vulners.com/cve/CVE-2022-3646\n https://vulners.com/cve/CVE-2022-42720\n Fixed in 5.15.75:\n https://vulners.com/cve/CVE-2022-43945\n https://vulners.com/cve/CVE-2022-41849\n https://vulners.com/cve/CVE-2022-3535\n https://vulners.com/cve/CVE-2022-3594\n https://vulners.com/cve/CVE-2022-2602\n https://vulners.com/cve/CVE-2022-41850\n https://vulners.com/cve/CVE-2022-3565\n https://vulners.com/cve/CVE-2022-3542\n Fixed in 5.15.77:\n https://vulners.com/cve/CVE-2022-3524\n Fixed in 5.15.78:\n https://vulners.com/cve/CVE-2022-3628\n https://vulners.com/cve/CVE-2022-3623\n https://vulners.com/cve/CVE-2022-42896\n https://vulners.com/cve/CVE-2022-42895\n https://vulners.com/cve/CVE-2022-3543\n https://vulners.com/cve/CVE-2022-3564\n https://vulners.com/cve/CVE-2022-3619\n Fixed in 5.15.80:\n https://vulners.com/cve/CVE-2022-3521\n https://vulners.com/cve/CVE-2022-3169\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware 15.0:\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.80/kernel-generic-5.15.80-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.80/kernel-generic-smp-5.15.80_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.80/kernel-headers-5.15.80_smp-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.80/kernel-huge-5.15.80-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.80/kernel-huge-smp-5.15.80_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.80/kernel-modules-5.15.80-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.80/kernel-modules-smp-5.15.80_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/linux-5.15.80/kernel-source-5.15.80_smp-noarch-1.txz\n\nUpdated packages for Slackware x86_64 15.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.80/kernel-generic-5.15.80-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.80/kernel-headers-5.15.80-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.80/kernel-huge-5.15.80-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.80/kernel-modules-5.15.80-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/linux-5.15.80/kernel-source-5.15.80-noarch-1.txz\n\n\nMD5 signatures:\n\nSlackware 15.0 packages:\nb2f77a57540668f5b6f43220e7cb570e kernel-generic-5.15.80-i586-1.txz\n9db5d881a86b3078fee0129601b0d38b kernel-generic-smp-5.15.80_smp-i686-1.txz\ne5cb2079ea90fdac4cd5634e1b0c404a kernel-headers-5.15.80_smp-x86-1.txz\nf8f8dba8632644a6adc6d6d37872d9b8 kernel-huge-5.15.80-i586-1.txz\n5247a51009b316ab3e740af9deac644d kernel-huge-smp-5.15.80_smp-i686-1.txz\n5ef51925119954c46a6ab2ad4b73d5f6 kernel-modules-5.15.80-i586-1.txz\n664f392763d1fa36288a22fdef728b24 kernel-modules-smp-5.15.80_smp-i686-1.txz\n609d4ad296b2b1bba14d1afb46de61ba kernel-source-5.15.80_smp-noarch-1.txz\n\nSlackware x86_64 15.0 packages:\nf2a80afb7b5d3dedafb9a308ca4c6cef kernel-generic-5.15.80-x86_64-1.txz\nd5ba89c905ef386e922951525c75720e kernel-headers-5.15.80-x86-1.txz\n164206dd025c1944d4d4ccfcf72a8cf2 kernel-huge-5.15.80-x86_64-1.txz\n619222efd62135d1193b222cbd645a3d kernel-modules-5.15.80-x86_64-1.txz\n8ba197539ca561c1aaba9f55ae01ed86 kernel-source-5.15.80-noarch-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg kernel-*.txz\n\nIf you are using an initrd, you'll need to rebuild it.\n\nFor a 32-bit SMP machine, use this command (substitute the appropriate\nkernel version if you are not running Slackware 15.0):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 5.15.80-smp | bash\n\nFor a 64-bit machine, or a 32-bit uniprocessor machine, use this command\n(substitute the appropriate kernel version if you are not running\nSlackware 15.0):\n > /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 5.15.80 | bash\n\nPlease note that \"uniprocessor\" has to do with the kernel you are running,\nnot with the CPU. Most systems should run the SMP kernel (if they can)\nregardless of the number of cores the CPU has. If you aren't sure which\nkernel you are running, run \"uname -a\". If you see SMP there, you are\nrunning the SMP kernel and should use the 5.15.80-smp version when running\nmkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit\nsystems should always use 5.15.80 as the version.\n\nIf you are using lilo or elilo to boot the machine, you'll need to ensure\nthat the machine is properly prepared before rebooting.\n\nIf using LILO:\nBy default, lilo.conf contains an image= line that references a symlink\nthat always points to the correct kernel. No editing should be required\nunless your machine uses a custom lilo.conf. If that is the case, be sure\nthat the image= line references the correct kernel file. Either way,\nyou'll need to run \"lilo\" as root to reinstall the boot loader.\n\nIf using elilo:\nEnsure that the /boot/vmlinuz symlink is pointing to the kernel you wish\nto use, and then run eliloconfig to update the EFI System Partition.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-11-29T21:04:28", "type": "slackware", "title": "[slackware-security] Slackware 15.0 kernel", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0171", "CVE-2022-20421", "CVE-2022-2308", "CVE-2022-2602", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-2978", "CVE-2022-3028", "CVE-2022-3061", "CVE-2022-3169", "CVE-2022-3176", "CVE-2022-3303", "CVE-2022-3521", "CVE-2022-3524", "CVE-2022-3535", "CVE-2022-3542", "CVE-2022-3543", "CVE-2022-3564", "CVE-2022-3565", "CVE-2022-3586", "CVE-2022-3594", "CVE-2022-3619", "CVE-2022-3621", "CVE-2022-3623", "CVE-2022-3625", "CVE-2022-3628", "CVE-2022-3629", "CVE-2022-3633", "CVE-2022-3635", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-39190", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-40768", "CVE-2022-4095", "CVE-2022-41674", "CVE-2022-41849", "CVE-2022-41850", "CVE-2022-42703", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722", "CVE-2022-42895", "CVE-2022-42896", "CVE-2022-43750", "CVE-2022-43945"], "modified": "2022-11-29T21:04:28", "id": "SSA-2022-333-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2022&m=slackware-security.829022", "cvss": {"score": 5.8, "vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2023-06-05T15:16:10", "description": "This kernel-linus update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV) (CVE-2022-0171). A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver to ensure the size of the device config space is in line with the features advertised by the VDUSE userspace application. In case of a mismatch, Virtio drivers config read helpers do not initialize the memory indirectly passed to vduse_vdpa_get_config() returning uninitialized memory from the stack. This could cause undefined behavior or data leaks in Virtio drivers (CVE-2022-2308). An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured (CVE-2022-2663). An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data (CVE-2022-2905). A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket (CVE-2022-3028). A flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error (CVE-2022-3061). There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed (CVE-2022-3176). A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303). A flaw was found in the Linux kernel networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service (CVE-2022-3586). In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (CVE-2022-20421). An issue was discovered in net/netfilter/nf_tables_api.c in the kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain (CVE-2022-39190). An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur (CVE-2022-39842). An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free (CVE-2022-40307). drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case (CVE-2022-40768). A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code (CVE-2022-42719). Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code (CVE-2022-42720). A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code (CVE-2022-42721). In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices (CVE-2022-42722). An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c (CVE-2022-41674). mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse (CVE-2022-42703). For other upstream fixes in this update, see the referenced changelogs. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-23T20:35:49", "type": "mageia", "title": "Updated kernel-linus packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0171", "CVE-2022-20421", "CVE-2022-2308", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-3028", "CVE-2022-3061", "CVE-2022-3176", "CVE-2022-3303", "CVE-2022-3586", "CVE-2022-39190", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-40768", "CVE-2022-41674", "CVE-2022-42703", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722"], "modified": "2022-10-23T20:35:49", "id": "MGASA-2022-0380", "href": "https://advisories.mageia.org/MGASA-2022-0380.html", "cvss": {"score": 5.8, "vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-05T15:16:10", "description": "This kernel update is based on upstream 5.15.74 and fixes at least the following security issues: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV) (CVE-2022-0171). A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver to ensure the size of the device config space is in line with the features advertised by the VDUSE userspace application. In case of a mismatch, Virtio drivers config read helpers do not initialize the memory indirectly passed to vduse_vdpa_get_config() returning uninitialized memory from the stack. This could cause undefined behavior or data leaks in Virtio drivers (CVE-2022-2308). An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured (CVE-2022-2663). A flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error (CVE-2022-3061). A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303). A flaw was found in the Linux kernel networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service (CVE-2022-3586). In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (CVE-2022-20421). An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur (CVE-2022-39842). An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free (CVE-2022-40307). drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case (CVE-2022-40768). An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c (CVE-2022-41674). A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code (CVE-2022-42719). Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code (CVE-2022-42720). A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code (CVE-2022-42721). In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices (CVE-2022-42722). For other upstream fixes in this update, see the referenced changelogs. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-10-23T20:35:49", "type": "mageia", "title": "Updated kernel packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0171", "CVE-2022-20421", "CVE-2022-2308", "CVE-2022-2663", "CVE-2022-3061", "CVE-2022-3303", "CVE-2022-3586", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-40768", "CVE-2022-41674", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722"], "modified": "2022-10-23T20:35:49", "id": "MGASA-2022-0379", "href": "https://advisories.mageia.org/MGASA-2022-0379.html", "cvss": {"score": 5.8, "vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:12:48", "description": "This kernel-linus update is based on upstream 5.15.79 and fixes at least the following security issues: A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation (CVE-2022-2602). A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely (CVE-2022-3524). A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the component mvpp2. The manipulation leads to memory leak (CVE-2022-3535). A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF. The manipulation leads to memory leak (CVE-2022-3542). A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/ unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak (CVE-2022-3543). A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free (CVE-2022-3564). A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free (CVE-2022-3565). A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely (CVE-2022-3594). A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak (CVE-2022-3619). A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition (CVE-2022-3623). An intra-object buffer overflow was found in brcmfmac, which can be triggered by a malicious USB causing a Denial-of-Service (CVE-2022-3628). drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect (CVE-2022-41849). occat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress (CVE-2022-41850). There is an infoleak vulnerability in the Linux kernel's net/bluetooth/ l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely (CVE-2022-42895). There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim (CVE-2022-42896). The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space (CVE-2022-43945). For other upstream fixes in this update, see the referenced changelogs. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-11-27T20:51:49", "type": "mageia", "title": "Updated kernel-linus packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2602", "CVE-2022-3524", "CVE-2022-3535", "CVE-2022-3542", "CVE-2022-3543", "CVE-2022-3564", "CVE-2022-3565", "CVE-2022-3594", "CVE-2022-3619", "CVE-2022-3623", "CVE-2022-3628", "CVE-2022-41849", "CVE-2022-41850", "CVE-2022-42895", "CVE-2022-42896", "CVE-2022-43945"], "modified": "2022-11-27T20:51:49", "id": "MGASA-2022-0443", "href": "https://advisories.mageia.org/MGASA-2022-0443.html", "cvss": {"score": 5.8, "vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:12:48", "description": "This kernel update is based on upstream 5.15.79 and fixes at least the following security issues: A flaw was found in the Linux kernel. A race issue occurs between an io_uring request and the Unix socket garbage collector, allowing an attacker local privilege escalation (CVE-2022-2602). A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely (CVE-2022-3524). A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the component mvpp2. The manipulation leads to memory leak (CVE-2022-3535). A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF. The manipulation leads to memory leak (CVE-2022-3542). A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/ unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak (CVE-2022-3543). A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free (CVE-2022-3564). A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free (CVE-2022-3565). A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely (CVE-2022-3594). A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to memory leak (CVE-2022-3619). A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition (CVE-2022-3623). An intra-object buffer overflow was found in brcmfmac, which can be triggered by a malicious USB causing a Denial-of-Service (CVE-2022-3628). drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect (CVE-2022-41849). occat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress (CVE-2022-41850). There is an infoleak vulnerability in the Linux kernel's net/bluetooth/ l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely (CVE-2022-42895). There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim (CVE-2022-42896). The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space (CVE-2022-43945). For other upstream fixes in this update, see the referenced changelogs. \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-11-27T20:51:49", "type": "mageia", "title": "Updated kernel packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2602", "CVE-2022-3524", "CVE-2022-3535", "CVE-2022-3542", "CVE-2022-3543", "CVE-2022-3564", "CVE-2022-3565", "CVE-2022-3594", "CVE-2022-3619", "CVE-2022-3623", "CVE-2022-3628", "CVE-2022-41849", "CVE-2022-41850", "CVE-2022-42895", "CVE-2022-42896", "CVE-2022-43945"], "modified": "2022-11-27T20:51:49", "id": "MGASA-2022-0442", "href": "https://advisories.mageia.org/MGASA-2022-0442.html", "cvss": {"score": 5.8, "vector": "AV:A/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:12:48", "description": "This kernel update is based on upstream 5.15.65 and fixes at least the following security issues: An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data (CVE-2022-2905). A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket (CVE-2022-3028). There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed (CVE-2022-3176). An issue was discovered in net/netfilter/nf_tables_api.c in the kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain (CVE-2022-39190). mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse (CVE-2022-42703). Other fixes in this update: \\- A fix for an issue causing excessive logging (mga#30779) due to an uppstream change that was included in the 5.15.62 kernel update released as MGASA-2022-0305. \\- bpf, cgroup: Fix kernel BUG in purge_effective_progs \\- bpf: Restrict bpf_sys_bpf to CAP_PERFMON \\- Revert \"xhci: turn off port power in shutdown\" as it causes some systems to hang on shutdown. For other upstream fixes in this update, see the referenced changelogs. \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-10T20:26:43", "type": "mageia", "title": "Updated kernel packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.1, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2905", "CVE-2022-3028", "CVE-2022-3176", "CVE-2022-39190", "CVE-2022-42703"], "modified": "2022-09-10T20:26:42", "id": "MGASA-2022-0324", "href": "https://advisories.mageia.org/MGASA-2022-0324.html", "cvss": {"score": 4.3, "vector": "AV:L/AC:L/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-28T19:55:45", "description": "The version of kernel installed on the remote host is prior to 4.14.296-222.539. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1876 advisory.\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-02T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2022-1876)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2978", "CVE-2022-3542", "CVE-2022-3565", "CVE-2022-3594", "CVE-2022-3621", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-39842", "CVE-2022-40768", "CVE-2022-41849", "CVE-2022-41850", "CVE-2022-43750"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-4.14.296-222.539", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1876.NASL", "href": "https://www.tenable.com/plugins/nessus/168366", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1876.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168366);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-2978\",\n \"CVE-2022-3542\",\n \"CVE-2022-3565\",\n \"CVE-2022-3594\",\n \"CVE-2022-3621\",\n \"CVE-2022-3646\",\n \"CVE-2022-3649\",\n \"CVE-2022-39842\",\n \"CVE-2022-40768\",\n \"CVE-2022-41849\",\n \"CVE-2022-41850\",\n \"CVE-2022-43750\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2022-1876)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.296-222.539. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2022-1876 advisory.\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The\n manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to\n apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads\n to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a\n patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after\n free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information\n from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1876.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2978.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3542.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3565.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3594.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3621.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3646.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3649.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-39842.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-40768.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-41849.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-41850.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-43750.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3565\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-4.14.296-222.539\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"kpatch.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2022-2978\", \"CVE-2022-3542\", \"CVE-2022-3565\", \"CVE-2022-3594\", \"CVE-2022-3621\", \"CVE-2022-3646\", \"CVE-2022-3649\", \"CVE-2022-39842\", \"CVE-2022-40768\", \"CVE-2022-41849\", \"CVE-2022-41850\", \"CVE-2022-43750\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALAS-2022-1876\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-aarch64-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.296-222.539.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-livepatch-4.14.296-222.539-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.296-222.539.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.296-222.539.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-22T22:42:03", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5791-1 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-07T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5791-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-20421", "CVE-2022-2663", "CVE-2022-3061", "CVE-2022-3303", "CVE-2022-3586", "CVE-2022-3646", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-4095", "CVE-2022-43750"], "modified": "2023-01-09T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1041-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1061-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1078-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1083-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1091-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1091-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1093-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1097-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-136-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-136-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-136-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi"], "id": "UBUNTU_USN-5791-1.NASL", "href": "https://www.tenable.com/plugins/nessus/169689", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5791-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169689);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/09\");\n\n script_cve_id(\n \"CVE-2022-2663\",\n \"CVE-2022-3061\",\n \"CVE-2022-3303\",\n \"CVE-2022-3586\",\n \"CVE-2022-3646\",\n \"CVE-2022-4095\",\n \"CVE-2022-20421\",\n \"CVE-2022-39842\",\n \"CVE-2022-40307\",\n \"CVE-2022-43750\"\n );\n script_xref(name:\"USN\", value:\"5791-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5791-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the USN-5791-1 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver\n through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by\n zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can\n actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5791-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-43750\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1041-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1061-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1078-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1083-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1091-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1091-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1093-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1097-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-136-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-136-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-136-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(18\\.04|20\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.4.0-\\d{3}-(generic|generic-lpae|lowlatency)|5.4.0-\\d{4}-(aws|gcp|gke|gkeop|ibm|kvm|oracle|raspi))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.4.0-\\d{3}-(generic|generic-lpae|lowlatency)\" : \"5.4.0-136\",\n \"5.4.0-\\d{4}-aws\" : \"5.4.0-1093\",\n \"5.4.0-\\d{4}-gcp\" : \"5.4.0-1097\",\n \"5.4.0-\\d{4}-gke\" : \"5.4.0-1091\",\n \"5.4.0-\\d{4}-gkeop\" : \"5.4.0-1061\",\n \"5.4.0-\\d{4}-ibm\" : \"5.4.0-1041\",\n \"5.4.0-\\d{4}-kvm\" : \"5.4.0-1083\",\n \"5.4.0-\\d{4}-oracle\" : \"5.4.0-1091\",\n \"5.4.0-\\d{4}-raspi\" : \"5.4.0-1078\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5791-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-2663', 'CVE-2022-3061', 'CVE-2022-3303', 'CVE-2022-3586', 'CVE-2022-3646', 'CVE-2022-4095', 'CVE-2022-20421', 'CVE-2022-39842', 'CVE-2022-40307', 'CVE-2022-43750');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5791-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-22T22:41:36", "description": "The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5791-2 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-10T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5791-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-20421", "CVE-2022-2663", "CVE-2022-3061", "CVE-2022-3303", "CVE-2022-3586", "CVE-2022-3646", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-4095", "CVE-2022-43750"], "modified": "2023-01-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1100-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure"], "id": "UBUNTU_USN-5791-2.NASL", "href": "https://www.tenable.com/plugins/nessus/169732", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5791-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169732);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/10\");\n\n script_cve_id(\n \"CVE-2022-2663\",\n \"CVE-2022-3061\",\n \"CVE-2022-3303\",\n \"CVE-2022-3586\",\n \"CVE-2022-3646\",\n \"CVE-2022-4095\",\n \"CVE-2022-20421\",\n \"CVE-2022-39842\",\n \"CVE-2022-40307\",\n \"CVE-2022-43750\"\n );\n script_xref(name:\"USN\", value:\"5791-2\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5791-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-5791-2 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver\n through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by\n zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can\n actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5791-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-43750\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1100-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(20\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.4.0-\\d{4}-azure)$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.4.0-\\d{4}-azure\" : \"5.4.0-1100\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5791-2');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-2663', 'CVE-2022-3061', 'CVE-2022-3303', 'CVE-2022-3586', 'CVE-2022-3646', 'CVE-2022-4095', 'CVE-2022-20421', 'CVE-2022-39842', 'CVE-2022-40307', 'CVE-2022-43750');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5791-2');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T02:40:46", "description": "The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5815-1 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-20T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-5815-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-20421", "CVE-2022-2663", "CVE-2022-3061", "CVE-2022-3303", "CVE-2022-3586", "CVE-2022-3646", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-4095", "CVE-2022-43750"], "modified": "2023-01-20T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1054-bluefield", "p-cpe:/a:canonical:ubuntu_linux:linux-image-bluefield"], "id": "UBUNTU_USN-5815-1.NASL", "href": "https://www.tenable.com/plugins/nessus/170187", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5815-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170187);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/20\");\n\n script_cve_id(\n \"CVE-2022-2663\",\n \"CVE-2022-3061\",\n \"CVE-2022-3303\",\n \"CVE-2022-3586\",\n \"CVE-2022-3646\",\n \"CVE-2022-4095\",\n \"CVE-2022-20421\",\n \"CVE-2022-39842\",\n \"CVE-2022-40307\",\n \"CVE-2022-43750\"\n );\n script_xref(name:\"USN\", value:\"5815-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-5815-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-5815-1 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver\n through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by\n zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can\n actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5815-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-43750\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1054-bluefield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-bluefield\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(20\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.4.0-\\d{4}-bluefield)$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.4.0-\\d{4}-bluefield\" : \"5.4.0-1054\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5815-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-2663', 'CVE-2022-3061', 'CVE-2022-3303', 'CVE-2022-3586', 'CVE-2022-3646', 'CVE-2022-4095', 'CVE-2022-20421', 'CVE-2022-39842', 'CVE-2022-40307', 'CVE-2022-43750');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5815-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T00:36:31", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5791-3 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-11T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5791-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-20421", "CVE-2022-2663", "CVE-2022-3061", "CVE-2022-3303", "CVE-2022-3586", "CVE-2022-3646", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-4095", "CVE-2022-43750"], "modified": "2023-01-11T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1100-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1100-azurefde", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azurefde"], "id": "UBUNTU_USN-5791-3.NASL", "href": "https://www.tenable.com/plugins/nessus/169883", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5791-3. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169883);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/11\");\n\n script_cve_id(\n \"CVE-2022-2663\",\n \"CVE-2022-3061\",\n \"CVE-2022-3303\",\n \"CVE-2022-3586\",\n \"CVE-2022-3646\",\n \"CVE-2022-4095\",\n \"CVE-2022-20421\",\n \"CVE-2022-39842\",\n \"CVE-2022-40307\",\n \"CVE-2022-43750\"\n );\n script_xref(name:\"USN\", value:\"5791-3\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5791-3)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the USN-5791-3 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver\n through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by\n zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can\n actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5791-3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-43750\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1100-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1100-azurefde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azurefde\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(18\\.04|20\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.4.0-\\d{4}-(azure|azure-fde))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.4.0-\\d{4}-azure\" : \"5.4.0-1100\",\n \"5.4.0-\\d{4}-azure-fde\" : \"5.4.0-1100\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5791-3');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-2663', 'CVE-2022-3061', 'CVE-2022-3303', 'CVE-2022-3586', 'CVE-2022-3646', 'CVE-2022-4095', 'CVE-2022-20421', 'CVE-2022-39842', 'CVE-2022-40307', 'CVE-2022-43750');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5791-3');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-23T02:40:46", "description": "The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-2 advisory.\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-10T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0171", "CVE-2022-20421", "CVE-2022-2663", "CVE-2022-3061", "CVE-2022-3303", "CVE-2022-3586", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-39188", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-4095", "CVE-2022-43750"], "modified": "2023-03-22T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1027-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1030-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1030-azurefde", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azurefde"], "id": "UBUNTU_USN-5792-2.NASL", "href": "https://www.tenable.com/plugins/nessus/169726", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5792-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169726);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-0171\",\n \"CVE-2022-2663\",\n \"CVE-2022-3061\",\n \"CVE-2022-3303\",\n \"CVE-2022-3586\",\n \"CVE-2022-3646\",\n \"CVE-2022-3649\",\n \"CVE-2022-4095\",\n \"CVE-2022-20421\",\n \"CVE-2022-39188\",\n \"CVE-2022-39842\",\n \"CVE-2022-40307\",\n \"CVE-2022-43750\"\n );\n script_xref(name:\"USN\", value:\"5792-2\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the USN-5792-2 advisory.\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root\n (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD\n CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver\n through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by\n zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after\n free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can\n actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5792-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-20421\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1027-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1030-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1030-azurefde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azurefde\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(20\\.04|22\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 22.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.15.0-\\d{4}-(aws|azure|azure-fde))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.15.0-\\d{4}-aws\" : \"5.15.0-1027\",\n \"5.15.0-\\d{4}-azure\" : \"5.15.0-1030\",\n \"5.15.0-\\d{4}-azure-fde\" : \"5.15.0-1030\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5792-2');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-0171', 'CVE-2022-2663', 'CVE-2022-3061', 'CVE-2022-3303', 'CVE-2022-3586', 'CVE-2022-3646', 'CVE-2022-3649', 'CVE-2022-4095', 'CVE-2022-20421', 'CVE-2022-39188', 'CVE-2022-39842', 'CVE-2022-40307', 'CVE-2022-43750');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5792-2');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-22T22:41:36", "description": "The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5792-1 advisory.\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-07T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0171", "CVE-2022-20421", "CVE-2022-2663", "CVE-2022-3061", "CVE-2022-3303", "CVE-2022-3586", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-39188", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-4095", "CVE-2022-43750"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1012-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1022-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1024-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1025-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1026-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-lowlatency-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency"], "id": "UBUNTU_USN-5792-1.NASL", "href": "https://www.tenable.com/plugins/nessus/169688", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5792-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169688);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-0171\",\n \"CVE-2022-2663\",\n \"CVE-2022-3061\",\n \"CVE-2022-3303\",\n \"CVE-2022-3586\",\n \"CVE-2022-3646\",\n \"CVE-2022-3649\",\n \"CVE-2022-4095\",\n \"CVE-2022-20421\",\n \"CVE-2022-39188\",\n \"CVE-2022-39842\",\n \"CVE-2022-40307\",\n \"CVE-2022-43750\"\n );\n script_xref(name:\"USN\", value:\"5792-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5792-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the USN-5792-1 advisory.\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root\n (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD\n CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver\n through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by\n zero error. (CVE-2022-3061)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after\n free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - ** DISPUTED ** An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can\n actually happen. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5792-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-20421\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1012-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1022-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1024-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1025-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1026-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-57-lowlatency-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(20\\.04|22\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 22.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.15.0-\\d{2}-(generic|generic-64k|generic-lpae|lowlatency|lowlatency-64k)|5.15.0-\\d{4}-(gcp|gke|gkeop|ibm|kvm))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.15.0-\\d{2}-(generic|generic-64k|generic-lpae)\" : \"5.15.0-57\",\n \"5.15.0-\\d{2}-(generic|generic-64k|generic-lpae|lowlatency|lowlatency-64k)\" : \"5.15.0-57\",\n \"5.15.0-\\d{4}-gcp\" : \"5.15.0-1026\",\n \"5.15.0-\\d{4}-gke\" : \"5.15.0-1024\",\n \"5.15.0-\\d{4}-gkeop\" : \"5.15.0-1012\",\n \"5.15.0-\\d{4}-ibm\" : \"5.15.0-1022\",\n \"5.15.0-\\d{4}-kvm\" : \"5.15.0-1025\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5792-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-0171', 'CVE-2022-2663', 'CVE-2022-3061', 'CVE-2022-3303', 'CVE-2022-3586', 'CVE-2022-3646', 'CVE-2022-3649', 'CVE-2022-4095', 'CVE-2022-20421', 'CVE-2022-39188', 'CVE-2022-39842', 'CVE-2022-40307', 'CVE-2022-43750');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5792-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-28T19:55:29", "description": "The version of kernel installed on the remote host is prior to 4.14.299-152.520. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1645 advisory.\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-2978)\n\n - A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is the identifier assigned to this vulnerability. (CVE-2022-3542)\n\n - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\n - drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use- after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. (CVE-2022-41850)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-10T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2022-1645)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-20369", "CVE-2022-26373", "CVE-2022-2978", "CVE-2022-3542", "CVE-2022-3564", "CVE-2022-3565", "CVE-2022-3594", "CVE-2022-3621", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-39842", "CVE-2022-40768", "CVE-2022-41849", "CVE-2022-41850", "CVE-2022-43750"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2022-1645.NASL", "href": "https://www.tenable.com/plugins/nessus/168612", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1645.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168612);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-2978\",\n \"CVE-2022-3542\",\n \"CVE-2022-3564\",\n \"CVE-2022-3565\",\n \"CVE-2022-3594\",\n \"CVE-2022-3621\",\n \"CVE-2022-3646\",\n \"CVE-2022-3649\",\n \"CVE-2022-20369\",\n \"CVE-2022-26373\",\n \"CVE-2022-39842\",\n \"CVE-2022-40768\",\n \"CVE-2022-41849\",\n \"CVE-2022-41850\",\n \"CVE-2022-43750\"\n );\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2022-1645)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.299-152.520. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS-2022-1645 advisory.\n\n - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input\n validation. This could lead to local escalation of privilege with System execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-223375145References: Upstream kernel (CVE-2022-20369)\n\n - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow\n an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)\n\n - A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function\n security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use\n this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-2978)\n\n - A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the\n function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is\n the identifier assigned to this vulnerability. (CVE-2022-3542)\n\n - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the\n function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated\n identifier of this vulnerability is VDB-211087. (CVE-2022-3564)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue\n is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier\n of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The\n manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to\n apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads\n to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a\n patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after\n free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information\n from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\n - drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-\n after-free if a physically proximate attacker removes a USB device while calling open(), aka a race\n condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition\n and resultant use-after-free in certain situations where a report is received while copying a\n report->value is in progress. (CVE-2022-41850)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2022-1645.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-20369.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26373.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2978.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3542.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3564.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3565.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3594.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3621.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3646.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3649.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-39842.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-40768.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-41849.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-41850.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-43750.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3565\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2022-2978\", \"CVE-2022-3542\", \"CVE-2022-3564\", \"CVE-2022-3565\", \"CVE-2022-3594\", \"CVE-2022-3621\", \"CVE-2022-3646\", \"CVE-2022-3649\", \"CVE-2022-20369\", \"CVE-2022-26373\", \"CVE-2022-39842\", \"CVE-2022-40768\", \"CVE-2022-41849\", \"CVE-2022-41850\", \"CVE-2022-43750\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALAS-2022-1645\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-i686-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.299-152.520.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.299-152.520.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:38:23", "description": "The version of kernel installed on the remote host is prior to 5.4.224-128.414. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-039 advisory.\n\n - A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability. (CVE-2021-3759)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.\n The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)\n\n - A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the component mvpp2. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier VDB-211033 was assigned to this vulnerability. (CVE-2022-3535)\n\n - A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is the identifier assigned to this vulnerability. (CVE-2022-3542)\n\n - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use- after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. (CVE-2022-41850)\n\n - A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816) (CVE-2022-2602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-14T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-039)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3759", "CVE-2022-23816", "CVE-2022-2602", "CVE-2022-3524", "CVE-2022-3535", "CVE-2022-3542", "CVE-2022-3564", "CVE-2022-3565", "CVE-2022-3594", "CVE-2022-3649", "CVE-2022-41849", "CVE-2022-41850"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALASKERNEL-5_4-2022-039.NASL", "href": "https://www.tenable.com/plugins/nessus/168727", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.4-2022-039.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168727);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2021-3759\",\n \"CVE-2022-2602\",\n \"CVE-2022-3524\",\n \"CVE-2022-3535\",\n \"CVE-2022-3542\",\n \"CVE-2022-3564\",\n \"CVE-2022-3565\",\n \"CVE-2022-3594\",\n \"CVE-2022-3649\",\n \"CVE-2022-41849\",\n \"CVE-2022-41850\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-039)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.4.224-128.414. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-039 advisory.\n\n - A memory overflow vulnerability was found in the Linux kernel's ipc functionality of the memcg subsystem,\n in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local\n user to starve the resources, causing a denial of service. The highest threat from this vulnerability is\n to system availability. (CVE-2021-3759)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to\n memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.\n The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)\n\n - A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the\n function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the\n component mvpp2. The manipulation leads to memory leak. It is recommended to apply a patch to fix this\n issue. The identifier VDB-211033 was assigned to this vulnerability. (CVE-2022-3535)\n\n - A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the\n function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is\n the identifier assigned to this vulnerability. (CVE-2022-3542)\n\n - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the\n function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated\n identifier of this vulnerability is VDB-211087. (CVE-2022-3564)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue\n is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier\n of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The\n manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to\n apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after\n free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-\n after-free if a physically proximate attacker removes a USB device while calling open(), aka a race\n condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition\n and resultant use-after-free in certain situations where a report is received while copying a\n report->value is in progress. (CVE-2022-41850)\n\n - A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary\n speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816)\n (CVE-2022-2602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-039.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-3759.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2602.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3524.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3535.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3542.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3564.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3565.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3594.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-3649.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-41849.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-41850.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3565\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2021-3759\", \"CVE-2022-2602\", \"CVE-2022-3524\", \"CVE-2022-3535\", \"CVE-2022-3542\", \"CVE-2022-3564\", \"CVE-2022-3565\", \"CVE-2022-3594\", \"CVE-2022-3649\", \"CVE-2022-41849\", \"CVE-2022-41850\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.4-2022-039\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-aarch64-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-x86_64-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.224-128.414.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.224-128.414.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.224-128.414.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:31", "description": "The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5700-1 advisory.\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after- free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722)\n\n - A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816) (CVE-2022-2602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-26T00:00:00", "type": "nessus", "title": "Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5700-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-23816", "CVE-2022-2602", "CVE-2022-41674", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:22.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1006-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1006-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1009-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1009-lowlatency-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1011-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-23-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-23-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-23-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-nolpae"], "id": "UBUNTU_USN-5700-1.NASL", "href": "https://www.tenable.com/plugins/nessus/166559", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5700-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166559);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\n \"CVE-2022-2602\",\n \"CVE-2022-41674\",\n \"CVE-2022-42719\",\n \"CVE-2022-42720\",\n \"CVE-2022-42721\",\n \"CVE-2022-42722\"\n );\n script_xref(name:\"USN\", value:\"5700-1\");\n\n script_name(english:\"Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5700-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nUSN-5700-1 advisory.\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could\n cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through\n 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and\n potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through\n 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-\n free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before\n 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in\n turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the\n mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon\n protection of P2P devices. (CVE-2022-42722)\n\n - A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary\n speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816)\n (CVE-2022-2602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5700-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42719\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1006-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1006-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1009-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1009-lowlatency-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1010-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1011-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-23-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-23-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-23-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-nolpae\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(22\\.10)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 22.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.19.0-\\d{2}-(generic|generic-64k|generic-lpae)|5.19.0-\\d{4}-(aws|azure|gcp|ibm|kvm|lowlatency|lowlatency-64k|oracle|raspi|raspi-nolpae))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.19.0-\\d{2}-(generic|generic-64k|generic-lpae)\" : \"5.19.0-23\",\n \"5.19.0-\\d{4}-(azure|gcp|ibm|kvm|oracle)\" : \"5.19.0-1010\",\n \"5.19.0-\\d{4}-(lowlatency|lowlatency-64k)\" : \"5.19.0-1009\",\n \"5.19.0-\\d{4}-(raspi|raspi-nolpae)\" : \"5.19.0-1006\",\n \"5.19.0-\\d{4}-aws\" : \"5.19.0-1011\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5700-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-2602', 'CVE-2022-41674', 'CVE-2022-42719', 'CVE-2022-42720', 'CVE-2022-42721', 'CVE-2022-42722');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5700-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:16", "description": "The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5752-1 advisory.\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after- free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722)\n\n - A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816) (CVE-2022-2602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-01T00:00:00", "type": "nessus", "title": "Ubuntu 22.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5752-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-23816", "CVE-2022-2602", "CVE-2022-41674", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1024-azurefde", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azurefde"], "id": "UBUNTU_USN-5752-1.NASL", "href": "https://www.tenable.com/plugins/nessus/168317", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5752-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168317);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\n \"CVE-2022-2602\",\n \"CVE-2022-41674\",\n \"CVE-2022-42719\",\n \"CVE-2022-42720\",\n \"CVE-2022-42721\",\n \"CVE-2022-42722\"\n );\n script_xref(name:\"USN\", value:\"5752-1\");\n\n script_name(english:\"Ubuntu 22.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5752-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-5752-1 advisory.\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could\n cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through\n 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and\n potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through\n 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-\n free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before\n 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in\n turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the\n mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon\n protection of P2P devices. (CVE-2022-42722)\n\n - A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary\n speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816)\n (CVE-2022-2602)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5752-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42719\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1024-azurefde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azurefde\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(22\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 22.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.15.0-\\d{4}-azure-fde)$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.15.0-\\d{4}-azure-fde\" : \"5.15.0-1024\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5752-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-2602', 'CVE-2022-41674', 'CVE-2022-42719', 'CVE-2022-42720', 'CVE-2022-42721', 'CVE-2022-42722');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5752-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:37:05", "description": "The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5693-1 advisory.\n\n - There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. (CVE-2022-2318)\n\n - A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-2978)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after- free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-19T00:00:00", "type": "nessus", "title": "Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5693-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2318", "CVE-2022-2602", "CVE-2022-2978", "CVE-2022-3028", "CVE-2022-40768", "CVE-2022-41674", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.17.0-1020-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem"], "id": "UBUNTU_USN-5693-1.NASL", "href": "https://www.tenable.com/plugins/nessus/166272", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5693-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166272);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\n \"CVE-2022-2318\",\n \"CVE-2022-2602\",\n \"CVE-2022-2978\",\n \"CVE-2022-3028\",\n \"CVE-2022-40768\",\n \"CVE-2022-41674\",\n \"CVE-2022-42719\",\n \"CVE-2022-42720\",\n \"CVE-2022-42721\",\n \"CVE-2022-42722\"\n );\n script_xref(name:\"USN\", value:\"5693-1\");\n\n script_name(english:\"Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5693-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-5693-1 advisory.\n\n - There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that\n allow attackers to crash linux kernel without any privileges. (CVE-2022-2318)\n\n - A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function\n security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use\n this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-2978)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information\n from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could\n cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through\n 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and\n potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through\n 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-\n free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before\n 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in\n turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the\n mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon\n protection of P2P devices. (CVE-2022-42722)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5693-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2318\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-42719\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.17.0-1020-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(22\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 22.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.17.0-\\d{4}-oem)$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.17.0-\\d{4}-oem\" : \"5.17.0-1020\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5693-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-2318', 'CVE-2022-2602', 'CVE-2022-2978', 'CVE-2022-3028', 'CVE-2022-40768', 'CVE-2022-41674', 'CVE-2022-42719', 'CVE-2022-42720', 'CVE-2022-42721', 'CVE-2022-42722');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5693-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T18:37:35", "description": "The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3173 advisory.\n\n - A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS. (CVE-2021-4037)\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel's filesystem sub- component. This flaw allows a local attacker with a user privilege to cause a denial of service.\n (CVE-2022-1184)\n\n - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1679)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel (CVE-2022-20422)\n\n - A flaw was found in the Linux kernel's KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. (CVE-2022-2153)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data. (CVE-2022-2905)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. (CVE-2022-3028)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. (CVE-2022-3061)\n\n - There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (CVE-2022-3176)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability. (CVE-2022-3625)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability. (CVE-2022-3629)\n\n - A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function j1939_session_destroy of the file net/can/j1939/transport.c of the component IPsec. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211932. (CVE-2022-3633)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the identifier assigned to this vulnerability. (CVE-2022-3635)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. (CVE-2022-39190)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move. (CVE-2022-41222)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after- free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-02T00:00:00", "type": "nessus", "title": "Debian DLA-3173-1 : linux-5.10 - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13405", "CVE-2021-4037", "CVE-2022-0171", "CVE-2022-1184", "CVE-2022-1679", "CVE-2022-20421", "CVE-2022-20422", "CVE-2022-2153", "CVE-2022-2602", "CVE-2022-2663", "CVE-2022-2905", "CVE-2022-3028", "CVE-2022-3061", "CVE-2022-3176", "CVE-2022-3303", "CVE-2022-3586", "CVE-2022-3621", "CVE-2022-3625", "CVE-2022-3629", "CVE-2022-3633", "CVE-2022-3635", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-39188", "CVE-2022-3919", "CVE-2022-39190", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-41222", "CVE-2022-4167", "CVE-2022-41674", "CVE-2022-42719", "CVE-2022-4272", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722", "CVE-2022-43750"], "modified": "2022-11-03T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-config-5.10", "p-cpe:/a:debian:debian_linux:linux-doc-5.10", "p-cpe:/a:debian:debian_linux:linux-headers-5.10-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5.10-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-686", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-cloud-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-cloud-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-common", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-common-rt", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-rt-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-686", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-cloud-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-cloud-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-common", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-common-rt", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-rt-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-amd64-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-5.10-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-arm64-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-5.10-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-5.10-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-i386-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-686-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-cloud-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-cloud-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-686-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-cloud-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-cloud-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-kbuild-5.10", "p-cpe:/a:debian:debian_linux:linux-perf-5.10", "p-cpe:/a:debian:debian_linux:linux-source-5.10", "p-cpe:/a:debian:debian_linux:linux-support-5.10.0-0.deb10.17", "p-cpe:/a:debian:debian_linux:linux-support-5.10.0-0.deb10.19", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3173.NASL", "href": "https://www.tenable.com/plugins/nessus/166822", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3173. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166822);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/03\");\n\n script_cve_id(\n \"CVE-2021-4037\",\n \"CVE-2022-0171\",\n \"CVE-2022-1184\",\n \"CVE-2022-1679\",\n \"CVE-2022-2153\",\n \"CVE-2022-2602\",\n \"CVE-2022-2663\",\n \"CVE-2022-2905\",\n \"CVE-2022-3028\",\n \"CVE-2022-3061\",\n \"CVE-2022-3176\",\n \"CVE-2022-3303\",\n \"CVE-2022-3586\",\n \"CVE-2022-3621\",\n \"CVE-2022-3625\",\n \"CVE-2022-3629\",\n \"CVE-2022-3633\",\n \"CVE-2022-3635\",\n \"CVE-2022-3646\",\n \"CVE-2022-3649\",\n \"CVE-2022-3919\",\n \"CVE-2022-4167\",\n \"CVE-2022-4272\",\n \"CVE-2022-20421\",\n \"CVE-2022-20422\",\n \"CVE-2022-39188\",\n \"CVE-2022-39190\",\n \"CVE-2022-39842\",\n \"CVE-2022-40307\",\n \"CVE-2022-41222\",\n \"CVE-2022-41674\",\n \"CVE-2022-42719\",\n \"CVE-2022-42720\",\n \"CVE-2022-42721\",\n \"CVE-2022-42722\",\n \"CVE-2022-43750\"\n );\n\n script_name(english:\"Debian DLA-3173-1 : linux-5.10 - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-3173 advisory.\n\n - A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that\n allows local users to create files for the XFS file-system with an unintended group ownership and with\n group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a\n certain group and is writable by a user who is not a member of this group. This can lead to excessive\n permissions granted in case when they should not. This vulnerability is similar to the previous\n CVE-2018-13405 and adds the missed fix for the XFS. (CVE-2021-4037)\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root\n (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD\n CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel's filesystem sub-\n component. This flaw allows a local attacker with a user privilege to cause a denial of service.\n (CVE-2022-1184)\n\n - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user\n forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local\n user to crash or potentially escalate their privileges on the system. (CVE-2022-1679)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race\n condition. This could lead to local escalation of privilege with no additional execution privileges\n needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid\n ID: A-237540956References: Upstream kernel (CVE-2022-20422)\n\n - A flaw was found in the Linux kernel's KVM when attempting to set a SynIC IRQ. This issue makes it\n possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This\n flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel\n oops condition that results in a denial of service. (CVE-2022-2153)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the\n bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to\n gain unauthorized access to data. (CVE-2022-2905)\n\n - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)\n when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to\n potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read\n and copying it into a socket. (CVE-2022-3028)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver\n through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by\n zero error. (CVE-2022-3061)\n\n - There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a\n waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before\n the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free\n to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We\n recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (CVE-2022-3176)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads\n to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a\n patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function\n devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier\n VDB-211929 was assigned to this vulnerability. (CVE-2022-3625)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects\n the function vsock_connect of the file net/vmw_vsock/af_vsock.c of the component IPsec. The manipulation\n leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier\n assigned to this vulnerability. (CVE-2022-3629)\n\n - A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function\n j1939_session_destroy of the file net/can/j1939/transport.c of the component IPsec. The manipulation leads\n to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability\n is VDB-211932. (CVE-2022-3633)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue\n is the function tst_timer of the file drivers/atm/idt77252.c of the component IPsec. The manipulation\n leads to use after free. It is recommended to apply a patch to fix this issue. VDB-211934 is the\n identifier assigned to this vulnerability. (CVE-2022-3635)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after\n free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of\n service can occur upon binding to an already bound chain. (CVE-2022-39190)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is\n not held during a PUD move. (CVE-2022-41222)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could\n cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through\n 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and\n potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through\n 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-\n free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before\n 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in\n turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the\n mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon\n protection of P2P devices. (CVE-2022-42722)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1017425\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/linux-5.10\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3173\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0171\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-20421\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-20422\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2905\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3176\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3621\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3633\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-39188\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3919\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-39190\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-39842\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-40307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-41222\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-4167\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-41674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-4272\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-43750\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/linux-5.10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux-5.10 packages.\n\nFor Debian 10 buster, these problems have been fixed in version 5.10.149-2~deb10u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1679\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3649\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/11/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-config-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-cloud-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-cloud-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-rt-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.17-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-cloud-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-cloud-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-rt-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-0.deb10.19-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-amd64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-arm64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-i386-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10-rt-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-686-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-cloud-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-cloud-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.17-rt-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-686-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-cloud-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-cloud-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-0.deb10.19-rt-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-kbuild-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-5.10.0-0.deb10.17\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-5.10.0-0.deb10.19\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar debian_release = get_kb_item('Host/Debian/release');\nif ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');\ndebian_release = chomp(debian_release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'linux-config-5.10', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-doc-5.10', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10-armmp-lpae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10-rt-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-686', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-686-pae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-amd64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-arm64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-armmp-lpae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-cloud-amd64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-cloud-arm64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-common', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-common-rt', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-rt-686-pae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-rt-amd64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-rt-arm64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.17-rt-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-686', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-686-pae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-amd64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-arm64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-armmp-lpae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-cloud-amd64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-cloud-arm64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-common', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-common-rt', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-rt-686-pae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-rt-amd64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-rt-arm64', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-headers-5.10.0-0.deb10.19-rt-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-686-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-686-pae-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-amd64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-amd64-signed-template', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-arm64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-arm64-signed-template', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-armmp-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-armmp-lpae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-armmp-lpae-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-cloud-amd64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-cloud-arm64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-i386-signed-template', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-rt-686-pae-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-rt-amd64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-rt-arm64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-rt-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10-rt-armmp-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-686-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-686-pae-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-686-pae-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-686-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-amd64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-amd64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-arm64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-arm64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-armmp-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-armmp-lpae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-armmp-lpae-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-cloud-amd64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-cloud-amd64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-cloud-arm64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-cloud-arm64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-rt-686-pae-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-rt-686-pae-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-rt-amd64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-rt-amd64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-rt-arm64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-rt-arm64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-rt-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.17-rt-armmp-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-686-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-686-pae-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-686-pae-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-686-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-amd64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-amd64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-arm64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-arm64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-armmp-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-armmp-lpae', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-armmp-lpae-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-cloud-amd64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-cloud-amd64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-cloud-arm64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-cloud-arm64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-rt-686-pae-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-rt-686-pae-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-rt-amd64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-rt-amd64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-rt-arm64-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-rt-arm64-unsigned', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-rt-armmp', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-image-5.10.0-0.deb10.19-rt-armmp-dbg', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-kbuild-5.10', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-perf-5.10', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-source-5.10', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-support-5.10.0-0.deb10.17', 'reference': '5.10.149-2~deb10u1'},\n {'release': '10.0', 'prefix': 'linux-support-5.10.0-0.deb10.19', 'reference': '5.10.149-2~deb10u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var _release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (_release && prefix && reference) {\n if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-config-5.10 / linux-doc-5.10 / linux-headers-5.10-armmp / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:37:25", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.\n The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)\n\n - A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability. (CVE-2022-3545)\n\n - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this vulnerability. (CVE-2022-3566)\n\n - A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier assigned to this vulnerability. (CVE-2022-3567)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability. (CVE-2022-3625)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability. (CVE-2022-3629)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. (CVE-2022-41850)\n\n - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.\n (CVE-2022-42703)\n\n - There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past commit https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e https://www.google.com/url (CVE-2022-42895)\n\n - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively) remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within proximity of the victim. We recommend upgrading past commit https://www.google.com/url https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4 https://www.google.com/url (CVE-2022-42896)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\n - A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges. (CVE-2022-3628)\n\n - A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information. (CVE-2022-41858)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-06T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-1126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3524", "CVE-2022-3542", "CVE-2022-3545", "CVE-2022-3564", "CVE-2022-3565", "CVE-2022-3566", "CVE-2022-3567", "CVE-2022-3586", "CVE-2022-3594", "CVE-2022-3625", "CVE-2022-3628", "CVE-2022-3629", "CVE-2022-41674", "CVE-2022-41850", "CVE-2022-41858", "CVE-2022-42703", "CVE-2022-42895", "CVE-2022-42896", "CVE-2022-43750"], "modified": "2023-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2023-1126.NASL", "href": "https://www.tenable.com/plugins/nessus/169624", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169624);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/06\");\n\n script_cve_id(\n \"CVE-2022-3524\",\n \"CVE-2022-3542\",\n \"CVE-2022-3545\",\n \"CVE-2022-3564\",\n \"CVE-2022-3565\",\n \"CVE-2022-3566\",\n \"CVE-2022-3567\",\n \"CVE-2022-3586\",\n \"CVE-2022-3594\",\n \"CVE-2022-3625\",\n \"CVE-2022-3628\",\n \"CVE-2022-3629\",\n \"CVE-2022-41674\",\n \"CVE-2022-41850\",\n \"CVE-2022-41858\",\n \"CVE-2022-42703\",\n \"CVE-2022-42895\",\n \"CVE-2022-42896\",\n \"CVE-2022-43750\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-1126)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to\n memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.\n The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)\n\n - A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability\n is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the\n component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this\n issue. The identifier VDB-211045 was assigned to this vulnerability. (CVE-2022-3545)\n\n - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the\n function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated\n identifier of this vulnerability is VDB-211087. (CVE-2022-3564)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue\n is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier\n of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function\n tcp_getsockopt/tcp_setsockopt of the component TCP Handler. The manipulation leads to race condition. It\n is recommended to apply a patch to fix this issue. The identifier VDB-211089 was assigned to this\n vulnerability. (CVE-2022-3566)\n\n - A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects\n the function inet6_stream_ops/inet6_dgram_ops of the component IPv6 Handler. The manipulation leads to\n race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the identifier\n assigned to this vulnerability. (CVE-2022-3567)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The\n manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to\n apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function\n devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier\n VDB-211929 was assigned to this vulnerability. (CVE-2022-3625)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects\n the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It\n is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this\n vulnerability. (CVE-2022-3629)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could\n cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition\n and resultant use-after-free in certain situations where a report is received while copying a\n report->value is in progress. (CVE-2022-41850)\n\n - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.\n (CVE-2022-42703)\n\n - There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req\n function which can be used to leak kernel pointers remotely. We recommend upgrading past commit\n https://github.com/torvalds/linux/commit/b1a2cd50c0357f243b7435a732b4e62ba3157a2e\n https://www.google.com/url (CVE-2022-42895)\n\n - There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect\n and l2cap_le_connect_req functions which may allow code execution and leaking kernel memory (respectively)\n remotely via Bluetooth. A remote attacker could execute code leaking kernel memory via Bluetooth if within\n proximity of the victim. We recommend upgrading past commit https://www.google.com/url\n https://github.com/torvalds/linux/commit/711f8c3fb3db61897080468586b970c87c61d9e4\n https://www.google.com/url (CVE-2022-42896)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\n - A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs\n when a user connects to a malicious USB device. This can allow a local user to crash the system or\n escalate their privileges. (CVE-2022-3628)\n\n - A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in\n progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to\n crash the system or leak internal kernel information. (CVE-2022-41858)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1126\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?513f979a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42896\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.18.0-147.5.1.6.h902.eulerosv2r9\",\n \"kernel-tools-4.18.0-147.5.1.6.h902.eulerosv2r9\",\n \"kernel-tools-libs-4.18.0-147.5.1.6.h902.eulerosv2r9\",\n \"python3-perf-4.18.0-147.5.1.6.h902.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-28T20:39:27", "description": "The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3897-1 advisory.\n\n - A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS. (CVE-2021-4037)\n\n - A flaw was found in the Linux kernel's KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. (CVE-2022-2153)\n\n - A flaw was found in the Linux kernel's driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.\n (CVE-2022-2964)\n\n - A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-2978)\n\n - A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect. (CVE-2022-3169)\n\n - There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (CVE-2022-3176)\n\n - A use-after-free flaw was found in the Linux kernel's SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-3424)\n\n - A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability. (CVE-2022-3521)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.\n The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)\n\n - A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability. (CVE-2022-3545)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's Kid-friendly Wired Controller driver.\n This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.\n (CVE-2022-3577)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability. (CVE-2022-3623)\n\n - A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211929 was assigned to this vulnerability. (CVE-2022-3625)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this vulnerability. (CVE-2022-3629)\n\n - A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211944. (CVE-2022-3640)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations. (CVE-2022-39189)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.\n (CVE-2022-42703)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after- free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2022:3897-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13405", "CVE-2021-4037", "CVE-2022-2153", "CVE-2022-28748", "CVE-2022-2964", "CVE-2022-2978", "CVE-2022-3169", "CVE-2022-3176", "CVE-2022-3424", "CVE-2022-3521", "CVE-2022-3524", "CVE-2022-3535", "CVE-2022-3542", "CVE-2022-3545", "CVE-2022-3565", "CVE-2022-3577", "CVE-2022-3586", "CVE-2022-3594", "CVE-2022-3621", "CVE-2022-3623", "CVE-2022-3625", "CVE-2022-3629", "CVE-2022-3640", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-39189", "CVE-2022-40768", "CVE-2022-41674", "CVE-2022-42703", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722", "CVE-2022-43750"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-azure", "p-cpe:/a:novell:suse_linux:kernel-azure-devel", "p-cpe:/a:novell:suse_linux:kernel-devel-azure", "p-cpe:/a:novell:suse_linux:kernel-source-azure", "p-cpe:/a:novell:suse_linux:kernel-syms-azure", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-3897-1.NASL", "href": "https://www.tenable.com/plugins/nessus/167218", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3897-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167218);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2021-4037\",\n \"CVE-2022-2153\",\n \"CVE-2022-2964\",\n \"CVE-2022-2978\",\n \"CVE-2022-3169\",\n \"CVE-2022-3176\",\n \"CVE-2022-3424\",\n \"CVE-2022-3521\",\n \"CVE-2022-3524\",\n \"CVE-2022-3535\",\n \"CVE-2022-3542\",\n \"CVE-2022-3545\",\n \"CVE-2022-3565\",\n \"CVE-2022-3577\",\n \"CVE-2022-3586\",\n \"CVE-2022-3594\",\n \"CVE-2022-3621\",\n \"CVE-2022-3623\",\n \"CVE-2022-3625\",\n \"CVE-2022-3629\",\n \"CVE-2022-3640\",\n \"CVE-2022-3646\",\n \"CVE-2022-3649\",\n \"CVE-2022-28748\",\n \"CVE-2022-39189\",\n \"CVE-2022-40768\",\n \"CVE-2022-41674\",\n \"CVE-2022-42703\",\n \"CVE-2022-42719\",\n \"CVE-2022-42720\",\n \"CVE-2022-42721\",\n \"CVE-2022-42722\",\n \"CVE-2022-43750\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3897-1\");\n\n script_name(english:\"SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2022:3897-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:3897-1 advisory.\n\n - A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that\n allows local users to create files for the XFS file-system with an unintended group ownership and with\n group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a\n certain group and is writable by a user who is not a member of this group. This can lead to excessive\n permissions granted in case when they should not. This vulnerability is similar to the previous\n CVE-2018-13405 and adds the missed fix for the XFS. (CVE-2021-4037)\n\n - A flaw was found in the Linux kernel's KVM when attempting to set a SynIC IRQ. This issue makes it\n possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This\n flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel\n oops condition that results in a denial of service. (CVE-2022-2153)\n\n - A flaw was found in the Linux kernel's driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet\n Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.\n (CVE-2022-2964)\n\n - A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function\n security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use\n this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-2978)\n\n - A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request\n of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting\n in a PCIe link disconnect. (CVE-2022-3169)\n\n - There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a\n waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before\n the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free\n to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We\n recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (CVE-2022-3176)\n\n - A use-after-free flaw was found in the Linux kernel's SGI GRU driver in the way the first\n gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the\n gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate\n their privileges on the system. (CVE-2022-3424)\n\n - A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects\n the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to\n race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier\n assigned to this vulnerability. (CVE-2022-3521)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to\n memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.\n The identifier VDB-211021 was assigned to this vulnerability. (CVE-2022-3524)\n\n - A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability\n is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the\n component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this\n issue. The identifier VDB-211045 was assigned to this vulnerability. (CVE-2022-3545)\n\n - A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue\n is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier\n of this vulnerability is VDB-211088. (CVE-2022-3565)\n\n - An out-of-bounds memory write flaw was found in the Linux kernel's Kid-friendly Wired Controller driver.\n This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in\n bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have\n inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.\n (CVE-2022-3577)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The\n manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to\n apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211363.\n (CVE-2022-3594)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads\n to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a\n patch to fix this issue. The identifier of this vulnerability is VDB-211920. (CVE-2022-3621)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation\n leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix\n this issue. The identifier VDB-211921 was assigned to this vulnerability. (CVE-2022-3623)\n\n - A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function\n devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The\n manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier\n VDB-211929 was assigned to this vulnerability. (CVE-2022-3625)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects\n the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. It\n is recommended to apply a patch to fix this issue. VDB-211930 is the identifier assigned to this\n vulnerability. (CVE-2022-3629)\n\n - A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function\n l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads\n to use after free. It is recommended to apply a patch to fix this issue. The identifier of this\n vulnerability is VDB-211944. (CVE-2022-3640)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after\n free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users\n can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED\n situations. (CVE-2022-39189)\n\n - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information\n from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.\n (CVE-2022-40768)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could\n cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.\n (CVE-2022-42703)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through\n 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and\n potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through\n 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-\n free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before\n 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in\n turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the\n mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon\n protection of P2P devices. (CVE-2022-42722)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1032323\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1152489\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201725\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202638\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1202700\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203066\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203290\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203391\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203496\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203770\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1203802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204059\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204060\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204354\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204355\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204382\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204402\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204415\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204417\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204431\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204439\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204470\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204479\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204574\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204575\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204635\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204637\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204647\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204653\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204728\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204753\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204754\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-November/012838.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?076d9a2f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-4037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28748\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2964\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-2978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3169\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3176\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3424\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3524\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3565\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3577\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3586\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3621\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3623\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3629\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3640\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3646\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-3649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39189\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-40768\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-41674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42703\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-43750\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42719\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SUSE15\\.3)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-azure-5.3.18-150300.38.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-azure-devel-5.3.18-150300.38.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-devel-azure-5.3.18-150300.38.83.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-source-azure-5.3.18-150300.38.83.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-syms-azure-5.3.18-150300.38.83.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']},\n {'reference':'cluster-md-kmp-azure-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dlm-kmp-azure-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'gfs2-kmp-azure-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-azure-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-azure-devel-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-azure-extra-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-azure-livepatch-devel-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-azure-optional-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-devel-azure-5.3.18-150300.38.83.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-source-azure-5.3.18-150300.38.83.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kernel-syms-azure-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'kselftests-kmp-azure-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'ocfs2-kmp-azure-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'reiserfs-kmp-azure-5.3.18-150300.38.83.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-azure / dlm-kmp-azure / gfs2-kmp-azure / kernel-azure / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:37:04", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5257 advisory.\n\n - A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS. (CVE-2021-4037)\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel's filesystem sub- component. This flaw allows a local attacker with a user privilege to cause a denial of service.\n (CVE-2022-1184)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by zero error. (CVE-2022-3061)\n\n - There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (CVE-2022-3176)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after- free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-19T00:00:00", "type": "nessus", "title": "Debian DSA-5257-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-13405", "CVE-2021-4037", "CVE-2022-0171", "CVE-2022-1184", "CVE-2022-20421", "CVE-2022-2602", "CVE-2022-2663", "CVE-2022-3061", "CVE-2022-3176", "CVE-2022-3303", "CVE-2022-39188", "CVE-2022-39842", "CVE-2022-40307", "CVE-2022-41674", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722"], "modified": "2022-12-01T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:bpftool", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:hyperv-daemons", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:libcpupower-dev", "p-cpe:/a:debian:debian_linux:libcpupower1", "p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-arm", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-s390", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-x86", "p-cpe:/a:debian:debian_linux:linux-config-5.10", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:linux-cpupower", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-doc", "p-cpe:/a:debian:debian_linux:linux-doc-5.10", "p-cpe:/a:debian:debian_linux:linux-headers-4kc-malta", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-5kc-malta", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-686", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-amd64", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-armmp", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-armmp-lpae", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-cloud-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-cloud-arm64", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-common", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-common-rt", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-loongson-3", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-marvell", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-octeon", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rpi", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rt-amd64", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rt-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rt-armmp", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-s390x", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-headers-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-armmp", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:linux-headers-armmp-lpae", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:linux-headers-loongson-3", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:linux-headers-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-octeon", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:linux-headers-powerpc64le", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-headers-rpi", "p-cpe:/a:debian:debian_linux:linux-headers-rt-armmp", "p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:linux-headers-s390x", "p-cpe:/a:debian:debian_linux:linux-image-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-4kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-4kc-malta", "p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-4kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-5kc-malta", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-5kc-malta-dbg", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-686-dbg", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-686-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-amd64-dbg", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-arm64-dbg", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-arm64-unsigned", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-armmp-lpae", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-cloud-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-cloud-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-loongson-3", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-loongson-3-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-marvell", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-octeon", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-octeon-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-powerpc64le-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-armmp-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rpi", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-s390x", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rpi-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-s390x-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-perf", "p-cpe:/a:debian:debian_linux:linux-perf-5.10", "p-cpe:/a:debian:debian_linux:linux-source", "p-cpe:/a:debian:debian_linux:linux-source-5.10", "p-cpe:/a:debian:debian_linux:linux-image-5kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-support-5.10.0-16", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-686-dbg", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-amd64-dbg", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:linux-image-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-armmp", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-image-armmp-dbg", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae-dbg", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-image-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:linux-image-loongson-3", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:linux-image-loongson-3-dbg", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:linux-image-marvell", "p-cpe:/a:debian:debian_linux:linux-image-marvell-dbg", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-image-octeon", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-octeon-dbg", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:linux-image-powerpc64le", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:linux-image-powerpc64le-dbg", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-rpi", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-rpi-dbg", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:linux-image-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:linux-image-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-rt-armmp", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:linux-image-rt-armmp-dbg", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:linux-image-s390x", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-image-s390x-dbg", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-kbuild-5.10", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:speakup-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:speakup-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-s390x-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-s390x-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-16-powerpc64le-di", "cpe:/o:debian:debian_linux:11.0", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-armmp-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-marvell-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-octeon-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-armmp-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-marvell-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-octeon-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usbip", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-4kc-malta-di"], "id": "DEBIAN_DSA-5257.NASL", "href": "https://www.tenable.com/plugins/nessus/166232", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5257. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166232);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/01\");\n\n script_cve_id(\n \"CVE-2021-4037\",\n \"CVE-2022-0171\",\n \"CVE-2022-1184\",\n \"CVE-2022-2602\",\n \"CVE-2022-2663\",\n \"CVE-2022-3061\",\n \"CVE-2022-3176\",\n \"CVE-2022-3303\",\n \"CVE-2022-20421\",\n \"CVE-2022-39188\",\n \"CVE-2022-39842\",\n \"CVE-2022-40307\",\n \"CVE-2022-41674\",\n \"CVE-2022-42719\",\n \"CVE-2022-42720\",\n \"CVE-2022-42721\",\n \"CVE-2022-42722\"\n );\n\n script_name(english:\"Debian DSA-5257-1 : linux - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5257 advisory.\n\n - A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that\n allows local users to create files for the XFS file-system with an unintended group ownership and with\n group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a\n certain group and is writable by a user who is not a member of this group. This can lead to excessive\n permissions granted in case when they should not. This vulnerability is similar to the previous\n CVE-2018-13405 and adds the missed fix for the XFS. (CVE-2021-4037)\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root\n (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD\n CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel's filesystem sub-\n component. This flaw allows a local attacker with a user privilege to cause a denial of service.\n (CVE-2022-1184)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver\n through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by\n zero error. (CVE-2022-3061)\n\n - There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a\n waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before\n the queue is freed. Unfortunately, the io_uring poll doesn't handle POLLFREE. This allows a use-after-free\n to occur if a signalfd or binder fd is polled with io_uring poll, and the waitqueue gets freed. We\n recommend upgrading past commit fc78b2fc21f10c4c9c4d5d659a685710ffa63659 (CVE-2022-3176)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race\n condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale\n TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)\n\n - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in\n drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an\n integer overflow and bypassing the size check. After that, because it is used as the third argument to\n copy_from_user(), a heap overflow may occur. (CVE-2022-39842)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could\n cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through\n 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and\n potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through\n 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-\n free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before\n 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in\n turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the\n mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon\n protection of P2P devices. (CVE-2022-42722)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5257\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0171\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-20421\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2602\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3176\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3303\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-39188\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-39842\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-40307\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-41674\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/linux\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 5.10.149-1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42719\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hyperv-daemons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-config-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-cpupower\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-cloud-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-cloud-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rt-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-16-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-4kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-5kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-686-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-cloud-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-cloud-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-loongson-3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-octeon-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-powerpc64le-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rpi-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-rt-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-16-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp-lpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-loongson-3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-octeon-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-powerpc64le-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rpi-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-armmp-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-kbuild-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-5.10.0-16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loop-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppp-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:speakup-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:speakup-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-armmp-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usbip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-16-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-18-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'bpftool', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'dasd-extra-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'dasd-extra-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'dasd-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'dasd-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'efi-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'efi-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fancontrol-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fancontrol-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'hyperv-daemons', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'hypervisor-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'hypervisor-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ipv6-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ipv6-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jffs2-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jffs2-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'libcpupower-dev', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'libcpupower1', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-arm', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-s390', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-x86', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-config-5.10', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-cpupower', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-doc', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-doc-5.10', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-4kc-malta', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-4kc-malta', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-5kc-malta', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-686', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-686-pae', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-amd64', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-arm64', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-armmp', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-armmp-lpae', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-cloud-amd64', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-cloud-arm64', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-common', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-common-rt', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-loongson-3', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-marvell', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-octeon', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-powerpc64le', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-rpi', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-rt-686-pae', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-rt-amd64', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-rt-arm64', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-rt-armmp', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-16-s390x', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5kc-malta', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-armmp', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-armmp-lpae', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-loongson-3', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-marvell', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-octeon', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-powerpc64le', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-rpi', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-rt-armmp', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-headers-s390x', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-4kc-malta', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-4kc-malta-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-4kc-malta', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-4kc-malta-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-5kc-malta', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-5kc-malta-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-686-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-686-pae-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-686-pae-unsigned', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-686-unsigned', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-amd64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-amd64-unsigned', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-arm64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-arm64-unsigned', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-armmp', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-armmp-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-armmp-lpae', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-armmp-lpae-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-cloud-amd64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-cloud-amd64-unsigned', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-cloud-arm64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-cloud-arm64-unsigned', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-loongson-3', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-loongson-3-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-marvell', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-marvell-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-octeon', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-octeon-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-powerpc64le', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-powerpc64le-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rpi', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rpi-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rt-686-pae-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rt-686-pae-unsigned', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rt-amd64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rt-amd64-unsigned', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rt-arm64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rt-arm64-unsigned', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rt-armmp', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-rt-armmp-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-s390x', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-16-s390x-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5kc-malta', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-5kc-malta-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-686-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-686-pae-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-amd64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-amd64-signed-template', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-arm64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-arm64-signed-template', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-armmp', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-lpae', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-lpae-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-cloud-amd64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-cloud-arm64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-i386-signed-template', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-loongson-3', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-loongson-3-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-marvell', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-marvell-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-octeon', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-octeon-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-powerpc64le', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-powerpc64le-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-rpi', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-rpi-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-686-pae-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-amd64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-arm64-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-armmp', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-armmp-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-s390x', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-image-s390x-dbg', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-kbuild-5.10', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-libc-dev', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-perf', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-perf-5.10', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-source', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-source-5.10', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'linux-support-5.10.0-16', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nfs-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nfs-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'rtc-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'rtc-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'serial-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'serial-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'speakup-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'speakup-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-16-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-16-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-18-armmp-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-18-marvell-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'usbip', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-16-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-16-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-16-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-16-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-16-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-16-s390x-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-18-4kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-18-5kc-malta-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-18-loongson-3-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-18-octeon-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-18-powerpc64le-di', 'reference': '5.10.149-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-18-s390x-di', 'reference': '5.10.149-1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'affs-modules-5.10.0-16-4kc-malta-di / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:37:05", "description": "The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5692-1 advisory.\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after- free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices. (CVE-2022-42722)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-19T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5692-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2602", "CVE-2022-41674", "CVE-2022-42719", "CVE-2022-42720", "CVE-2022-42721", "CVE-2022-42722"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.14.0-1054-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1007-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1017-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1019-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1020-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1021-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1021-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1022-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1022-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-lowlatency-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle"], "id": "UBUNTU_USN-5692-1.NASL", "href": "https://www.tenable.com/plugins/nessus/166276", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5692-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166276);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\n \"CVE-2022-2602\",\n \"CVE-2022-41674\",\n \"CVE-2022-42719\",\n \"CVE-2022-42720\",\n \"CVE-2022-42721\",\n \"CVE-2022-42722\"\n );\n script_xref(name:\"USN\", value:\"5692-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5692-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the USN-5692-1 advisory.\n\n - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could\n cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)\n\n - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through\n 5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and\n potentially execute code. (CVE-2022-42719)\n\n - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through\n 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-\n free conditions to potentially execute code. (CVE-2022-42720)\n\n - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before\n 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in\n turn, potentially execute code. (CVE-2022-42721)\n\n - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the\n mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon\n protection of P2P devices. (CVE-2022-42722)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5692-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42719\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.14.0-1054-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1007-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1017-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1019-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1020-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1021-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1021-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1022-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1022-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-52-lowlatency-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(20\\.04|22\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 22.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.14.0-\\d{4}-oem|5.15.0-\\d{2}-(generic|generic-64k|generic-lpae|lowlatency|lowlatency-64k)|5.15.0-\\d{4}-(aws|azure|gcp|gke|gkeop|ibm|kvm|oracle))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.14.0-\\d{4}-oem\" : \"5.14.0-1054\",\n \"5.15.0-\\d{2}-(generic|generic-64k|generic-lpae|lowlatency|lowlatency-64k)\" : \"5.15.0-52\",\n \"5.15.0-\\d{4}-aws\" : \"5.15.0-1022\",\n \"5.15.0-\\d{4}-azure\" : \"5.15.0-1022\",\n \"5.15.0-\\d{4}-gcp\" : \"5.15.0-1021\",\n \"5.15.0-\\d{4}-gke\" : \"5.15.0-1019\",\n \"5.15.0-\\d{4}-gkeop\" : \"5.15.0-1007\",\n \"5.15.0-\\d{4}-ibm\" : \"5.15.0-1017\",\n \"5.15.0-\\d{4}-kvm\" : \"5.15.0-1020\",\n \"5.15.0-\\d{4}-oracle\" : \"5.15.0-1021\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5692-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-2602', 'CVE-2022-41674', 'CVE-2022-42719', 'CVE-2022-42720', 'CVE-2022-42721', 'CVE-2022-42722');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5692-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-22T22:41:18", "description": "The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-1 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A vulnerability classified as critical has been found in Linux Kernel. This affects the function spl2sw_nvmem_get_mac_address of the file drivers/net/ethernet/sunplus/spl2sw_driver.c of the component BPF. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211041 was assigned to this vulnerability. (CVE-2022-3541)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043. (CVE-2022-3543)\n\n - A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211044. (CVE-2022-3544)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assigned to this vulnerability. (CVE-2022-3623)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and should not be put separately. We recommend upgrading past commit https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 (CVE-2022-3910)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use- after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free in certain situations where a report is received while copying a report->value is in progress. (CVE-2022-41850)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-07T00:00:00", "type": "nessus", "title": "Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5793-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-20421", "CVE-2022-2663", "CVE-2022-3303", "CVE-2022-3541", "CVE-2022-3543", "CVE-2022-3544", "CVE-2022-3586", "CVE-2022-3623", "CVE-2022-3646", "CVE-2022-3649", "CVE-2022-3910", "CVE-2022-3977", "CVE-2022-40307", "CVE-2022-4095", "CVE-2022-41849", "CVE-2022-41850", "CVE-2022-43750"], "modified": "2023-03-22T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:22.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1011-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1011-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1014-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1014-lowlatency-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1015-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1016-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-28-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-28-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-28-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-nolpae"], "id": "UBUNTU_USN-5793-1.NASL", "href": "https://www.tenable.com/plugins/nessus/169691", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5793-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169691);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-2663\",\n \"CVE-2022-3303\",\n \"CVE-2022-3541\",\n \"CVE-2022-3543\",\n \"CVE-2022-3544\",\n \"CVE-2022-3586\",\n \"CVE-2022-3623\",\n \"CVE-2022-3646\",\n \"CVE-2022-3649\",\n \"CVE-2022-3910\",\n \"CVE-2022-3977\",\n \"CVE-2022-4095\",\n \"CVE-2022-20421\",\n \"CVE-2022-40307\",\n \"CVE-2022-41849\",\n \"CVE-2022-41850\",\n \"CVE-2022-43750\"\n );\n script_xref(name:\"USN\", value:\"5793-1\");\n\n script_name(english:\"Ubuntu 22.10 : Linux kernel vulnerabilities (USN-5793-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nUSN-5793-1 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and\n incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted\n IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead\n to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or\n member of the audio group) could use this flaw to crash the system, resulting in a denial of service\n condition (CVE-2022-3303)\n\n - A vulnerability classified as critical has been found in Linux Kernel. This affects the function\n spl2sw_nvmem_get_mac_address of the file drivers/net/ethernet/sunplus/spl2sw_driver.c of the component\n BPF. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The\n identifier VDB-211041 was assigned to this vulnerability. (CVE-2022-3541)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The\n associated identifier of this vulnerability is VDB-211043. (CVE-2022-3543)\n\n - A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function\n damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to\n memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is\n VDB-211044. (CVE-2022-3544)\n\n - A flaw was found in the Linux kernel's networking code. A use-after-free was found in the way the sch_sfb\n enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed)\n into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of\n service. (CVE-2022-3586)\n\n - A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this\n vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation\n leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix\n this issue. The identifier VDB-211921 was assigned to this vulnerability. (CVE-2022-3623)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects\n the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The\n manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a\n patch to fix this issue. The identifier VDB-211961 was assigned to this vulnerability. (CVE-2022-3646)\n\n - A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function\n nilfs_new_inode of the file fs/nilfs2/inode.c of the component BPF. The manipulation leads to use after\n free. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.\n The identifier of this vulnerability is VDB-211992. (CVE-2022-3649)\n\n - Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference\n Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked\n with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to\n Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and\n should not be put separately. We recommend upgrading past commit\n https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679\n https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679 (CVE-2022-3910)\n\n - In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free.\n This could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-239630375References: Upstream kernel (CVE-2022-20421)\n\n - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a\n race condition with a resultant use-after-free. (CVE-2022-40307)\n\n - drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-\n after-free if a physically proximate attacker removes a USB device while calling open(), aka a race\n condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)\n\n - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition\n and resultant use-after-free in certain situations where a report is received while copying a\n report->value is in progress. (CVE-2022-41850)\n\n - drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-\n space client to corrupt the monitor's internal memory. (CVE-2022-43750)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5793-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3623\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-3977\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1011-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1011-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1014-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1014-lowlatency-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1015-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-1016-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-28-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-28-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.19.0-28-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-nolpae\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2023 Canonical, Inc. / NASL script (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(22\\.10)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 22.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.19.0-\\d{2}-(generic|generic-64k|generic-lpae)|5.19.0-\\d{4}-(aws|kvm|lowlatency|lowlatency-64k|raspi|raspi-nolpae))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.19.0-\\d{2}-(generic|generic-64k|generic-lpae)\" : \"5.19.0-28\",\n \"5.19.0-\\d{4}-(lowlatency|lowlatency-64k)\" : \"5.19.0-1014\",\n \"5.19.0-\\d{4}-(raspi|raspi-nolpae)\" : \"5.19.0-1011\",\n \"5.19.0-\\d{4}-aws\" : \"5.19.0-1016\",\n \"5.19.0-\\d{4}-kvm\" : \"5.19.0-1015\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5793-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-2663', 'CVE-2022-3303', 'CVE-2022-3541', 'CVE-2022-3543', 'CVE-2022-3544', 'CVE-2022-3586', 'CVE-2022-3623', 'CVE-2022-3646', 'CVE-2022-3649', 'CVE-2022-3910', 'CVE-2022-3977', 'CVE-2022-4095', 'CVE-2022-20421', 'CVE-2022-40307', 'CVE-2022-41849', 'CVE-2022-41850', 'CVE-2022-43750');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5793-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-22T22:41:19", "description": "The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-4 advisory.\n\n - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. (CVE-2022-2663)\n\n - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition (CVE-2022-3303)\n\n - A vulnerability classified as critical has been found in Linux Kernel. This affects the function spl2sw_nvmem_get_mac_address of the file drivers/net/ethernet/sunplus/spl2sw_driver.c of the component BPF. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211041 was assigned to this vulnerability. (CVE-2022-3541)\n\n - A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF.\n The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043. (CVE-2022-3543)\n\n - A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifi