Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2020-2024 Canonical, Inc. / NASL script (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-4659-1.NASL
HistoryDec 02, 2020 - 12:00 a.m.

Ubuntu 20.10 : Linux kernel vulnerabilities (USN-4659-1)

2020-12-0200:00:00
Ubuntu Security Notice (C) 2020-2024 Canonical, Inc. / NASL script (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
90

7.7 High

AI Score

Confidence

High

JSON

The remote Ubuntu 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4659-1 advisory.

  • In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:
    A-161151868References: N/A (CVE-2020-0423)

  • IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
    (CVE-2020-4788)

  • Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key. (CVE-2020-10135)

  • A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.
    Kernel versions before 5.10 may be vulnerable to this issue. (CVE-2020-25705)

  • An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9. (CVE-2020-27152)

  • A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. (CVE-2020-28915)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-4659-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('compat.inc');

if (description)
{
  script_id(143429);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/07");

  script_cve_id(
    "CVE-2020-0423",
    "CVE-2020-4788",
    "CVE-2020-10135",
    "CVE-2020-14351",
    "CVE-2020-25705",
    "CVE-2020-27152",
    "CVE-2020-28915"
  );
  script_xref(name:"USN", value:"4659-1");
  script_xref(name:"CEA-ID", value:"CEA-2020-0138");

  script_name(english:"Ubuntu 20.10 : Linux kernel vulnerabilities (USN-4659-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the
USN-4659-1 advisory.

  - In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could
    lead to local escalation of privilege in the kernel with no additional execution privileges needed. User
    interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:
    A-161151868References: N/A (CVE-2020-0423)

  - IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive
    information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
    (CVE-2020-4788)

  - Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2
    and earlier may allow an unauthenticated user to complete authentication without pairing credentials via
    adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or
    slave to pair with a previously paired remote device to successfully complete the authentication procedure
    without knowing the link key. (CVE-2020-10135)

  - A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows
    to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source
    port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly
    integrity, because software that relies on UDP source port randomization are indirectly affected as well.
    Kernel versions before 5.10 may be vulnerable to this issue. (CVE-2020-25705)

  - An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before
    5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering,
    aka CID-77377064c3a9. (CVE-2020-27152)

  - A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be
    used by local attackers to read kernel memory, aka CID-6735b4632def. (CVE-2020-28915)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-4659-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-0423");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2020-14351");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/19");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/12/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/12/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.10");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1008-raspi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1008-raspi-nolpae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1011-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1011-oracle");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1012-gcp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1013-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1014-aws");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-31-generic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-31-generic-64k");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-31-generic-lpae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-31-lowlatency");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k-hwe-20.04-edge");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-hwe-20.04-edge");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-hwe-20.04-edge");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-hwe-20.04-edge");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-nolpae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-hwe-20.04-edge");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2020-2024 Canonical, Inc. / NASL script (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('audit.inc');
include('ubuntu.inc');
include('ksplice.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item('Host/Ubuntu/release');
if ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
release = chomp(release);
if (! preg(pattern:"^(20\.10)$", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.10', 'Ubuntu ' + release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
  rm_kb_item(name:'Host/uptrack-uname-r');
  cve_list = make_list('CVE-2020-0423', 'CVE-2020-4788', 'CVE-2020-10135', 'CVE-2020-14351', 'CVE-2020-25705', 'CVE-2020-27152', 'CVE-2020-28915');
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-4659-1');
  }
  else
  {
    _ubuntu_report = ksplice_reporting_text();
  }
}

pkgs = [
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1008-raspi', 'pkgver': '5.8.0-1008.11'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1008-raspi-nolpae', 'pkgver': '5.8.0-1008.11'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1011-kvm', 'pkgver': '5.8.0-1011.12'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1011-oracle', 'pkgver': '5.8.0-1011.11'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1012-gcp', 'pkgver': '5.8.0-1012.12'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1013-azure', 'pkgver': '5.8.0-1013.14'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-1014-aws', 'pkgver': '5.8.0-1014.15'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-31-generic', 'pkgver': '5.8.0-31.33'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-31-generic-64k', 'pkgver': '5.8.0-31.33'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-31-generic-lpae', 'pkgver': '5.8.0-31.33'},
    {'osver': '20.10', 'pkgname': 'linux-image-5.8.0-31-lowlatency', 'pkgver': '5.8.0-31.33'},
    {'osver': '20.10', 'pkgname': 'linux-image-aws', 'pkgver': '5.8.0.1014.16'},
    {'osver': '20.10', 'pkgname': 'linux-image-azure', 'pkgver': '5.8.0.1013.13'},
    {'osver': '20.10', 'pkgname': 'linux-image-gcp', 'pkgver': '5.8.0.1012.12'},
    {'osver': '20.10', 'pkgname': 'linux-image-generic', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-generic-64k', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-generic-64k-hwe-20.04', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-generic-64k-hwe-20.04-edge', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-generic-hwe-20.04', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-generic-hwe-20.04-edge', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-generic-lpae', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-generic-lpae-hwe-20.04', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-generic-lpae-hwe-20.04-edge', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-gke', 'pkgver': '5.8.0.1012.12'},
    {'osver': '20.10', 'pkgname': 'linux-image-kvm', 'pkgver': '5.8.0.1011.12'},
    {'osver': '20.10', 'pkgname': 'linux-image-lowlatency', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-lowlatency-hwe-20.04', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-lowlatency-hwe-20.04-edge', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-oracle', 'pkgver': '5.8.0.1011.11'},
    {'osver': '20.10', 'pkgname': 'linux-image-raspi', 'pkgver': '5.8.0.1008.11'},
    {'osver': '20.10', 'pkgname': 'linux-image-raspi-nolpae', 'pkgver': '5.8.0.1008.11'},
    {'osver': '20.10', 'pkgname': 'linux-image-virtual', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-virtual-hwe-20.04', 'pkgver': '5.8.0.31.36'},
    {'osver': '20.10', 'pkgname': 'linux-image-virtual-hwe-20.04-edge', 'pkgver': '5.8.0.31.36'}
];

flag = 0;
foreach package_array ( pkgs ) {
  osver = NULL;
  pkgname = NULL;
  pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-image-5.8.0-1008-raspi / linux-image-5.8.0-1008-raspi-nolpae / etc');
}
VendorProductVersionCPE
canonicalubuntu_linux20.10cpe:/o:canonical:ubuntu_linux:20.10
canonicalubuntu_linuxlinux-image-5.8.0-1008-raspip-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1008-raspi
canonicalubuntu_linuxlinux-image-5.8.0-1008-raspi-nolpaep-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1008-raspi-nolpae
canonicalubuntu_linuxlinux-image-5.8.0-1011-kvmp-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1011-kvm
canonicalubuntu_linuxlinux-image-5.8.0-1011-oraclep-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1011-oracle
canonicalubuntu_linuxlinux-image-5.8.0-1012-gcpp-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1012-gcp
canonicalubuntu_linuxlinux-image-5.8.0-1013-azurep-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1013-azure
canonicalubuntu_linuxlinux-image-5.8.0-1014-awsp-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-1014-aws
canonicalubuntu_linuxlinux-image-5.8.0-31-genericp-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-31-generic
canonicalubuntu_linuxlinux-image-5.8.0-31-generic-64kp-cpe:/a:canonical:ubuntu_linux:linux-image-5.8.0-31-generic-64k
Rows per page:
1-10 of 361

Related

openvas 22
ubuntu 8
osv 14
nessus 52
redhat 9
almalinux 3
oraclelinux 11
suse 3
cve 7
veracode 4
debiancve 6
prion 7
redhatcve 8
ubuntucve 7
cbl_mariner 4
githubexploit 2
ibm 10
f5 2
cert 1
openwrt 1
ics 1
cloudfoundry 3
huawei 1
thn 1
aix 1
zdi 1
rocky 2
lenovo 2
fedora 2
mageia 2
debian 1
centos 1
openvas
openvas
Ubuntu: Security Advisory (USN-4659-2)
2020-12-14 00:00:00
Ubuntu: Security Advisory (USN-4659-1)
2020-12-02 00:00:00
Ubuntu: Security Advisory (USN-4658-1)
2020-12-02 00:00:00
ubuntu
ubuntu
Linux kernel regression
2020-12-13 00:00:00
Linux kernel vulnerabilities
2020-12-02 00:00:00
Linux kernel regression
2020-12-13 00:00:00
osv
osv
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 regression
2020-12-13 22:41:46
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
2020-12-03 23:07:43
linux, linux-aws, linux-azure, linux-kvm, linux-lts-trusty, linux-raspi2, linux-snapdragon vulnerabilities
2020-12-02 01:54:29
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-4658-1)
2020-12-02 00:00:00
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4657-1)
2020-12-02 00:00:00
NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2021-0126)
2021-10-28 00:00:00
redhat
redhat
(RHSA-2021:0558) Important: kernel security, bug fix, and enhancement update
2021-02-16 07:36:08
(RHSA-2021:0537) Important: kernel-rt security and bug fix update
2021-02-16 07:32:29
(RHSA-2021:0686) Important: kernel security and bug fix update
2021-03-02 10:00:53
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2021-02-16 07:36:08
Important: kernel-rt security and bug fix update
2022-06-28 00:00:00
Important: kernel security and bug fix update
2022-06-30 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2021-02-17 00:00:00
Unbreakable Enterprise kernel security update
2021-01-12 00:00:00
Unbreakable Enterprise kernel security update
2021-01-12 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2020-11-26 00:00:00
Security update for the Linux Kernel (important)
2020-12-05 00:00:00
Security update for the Linux Kernel (important)
2020-12-15 00:00:00
cve
cve
CVE-2020-27152
2020-11-06 08:15:00
CVE-2020-28915
2020-11-18 08:15:00
CVE-2020-14351
2020-12-03 17:15:00
veracode
veracode
Denial Of Service (DoS)
2020-12-06 02:18:48
Denial Of Service (DoS)
2022-09-08 21:51:29
Source Port UDP Randomization Bypass
2020-12-06 02:21:40
debiancve
debiancve
CVE-2020-27152
2020-11-06 08:15:00
CVE-2020-28915
2020-11-18 08:15:00
CVE-2020-25705
2020-11-17 02:15:00
prion
prion
Input validation
2020-11-06 08:15:00
Buffer overflow
2020-11-18 08:15:00
Design/Logic Flaw
2020-11-17 02:15:00
redhatcve
redhatcve
CVE-2020-27152
2020-10-16 06:30:57
CVE-2020-28915
2020-11-18 17:09:54
CVE-2020-10135
2020-05-19 14:25:45
ubuntucve
ubuntucve
CVE-2020-27152
2020-11-06 00:00:00
CVE-2020-25705
2020-11-17 00:00:00
CVE-2020-28915
2020-11-18 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-27152 affecting package kernel 5.4.91-6
2021-01-29 07:40:05
CVE-2020-25705 affecting package kernel 5.4.91-6
2021-01-29 07:40:05
CVE-2020-28915 affecting package kernel 5.4.91-6
2021-01-29 07:40:05
githubexploit
githubexploit
Exploit for Use of Insufficiently Random Values in Linux Linux Kernel
2020-11-14 08:53:13
Exploit for Authentication Bypass by Spoofing in Bluetooth Bluetooth Core
2020-06-01 07:36:37
ibm
ibm
Security Bulletin: UDP source port randomization flaw in IBM DataPower Gateway (CVE-2020-25705)
2022-12-16 18:57:51
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
2021-03-08 10:24:18
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer over-read flaw in Linux Kernel (CVE-2020-28915)
2023-01-12 21:59:00
f5
f5
K09604370 : Linux kernel vulnerability CVE-2020-25705
2020-12-23 00:00:00
BIG-IP TMM vulnerability CVE-2022-26071
2022-05-04 11:52:00
cert
cert
Bluetooth devices supporting BR/EDR are vulnerable to impersonation attacks
2020-05-18 00:00:00
openwrt
openwrt
Security Advisory 2020-12-09-1 - Linux kernel - ICMP rate limiting can be used to facilitate DNS poisoning attack (CVE-2020-25705)
2020-12-09 16:52:08
ics
ics
Siemens Linux-based Products (Update J)
2022-08-18 12:00:00
cloudfoundry
cloudfoundry
USN-4680-1: Linux kernel vulnerabilities | Cloud Foundry
2021-02-10 00:00:00
USN-4660-2: Linux kernel regression | Cloud Foundry
2021-02-10 00:00:00
USN-4660-1: Linux kernel vulnerabilities | Cloud Foundry
2021-01-12 00:00:00
huawei
huawei
Security Advisory - Improper Authentication Vulnerability in Bluetooth Affect Several Huawei Products
2020-08-05 00:00:00
thn
thn
SAD DNS — New Flaws Re-Enable DNS Cache Poisoning Attacks
2020-11-13 07:12:00
aix
aix
IBM has released AIX iFixes in response to a vulnerability in IBM POWER9,IBM has released VIOS iFixes in response to a vulnerability in IBM POWER9
2020-11-19 17:01:56
zdi
zdi
Linux Kernel Performance Counters Race Condition Privilege Escalation Vulnerability
2020-11-22 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2022-06-28 10:55:48
kernel security and bug fix update
2022-06-28 10:52:11
lenovo
lenovo
Encryption Key Negotiation of Bluetooth Vulnerability - Lenovo Support US
2019-08-13 15:18:05
Encryption Key Negotiation of Bluetooth Vulnerability - Lenovo Support US
2019-08-13 15:18:05
fedora
fedora
[SECURITY] Fedora 33 Update: kernel-5.9.10-200.fc33
2020-11-25 01:36:33
[SECURITY] Fedora 32 Update: kernel-5.9.10-100.fc32
2020-11-25 01:43:27
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2021-01-15 15:31:01
Updated kernel packages fix security vulnerabilities
2021-01-15 15:31:01
debian
debian
[SECURITY] [DLA 2483-1] linux-4.19 security update
2020-12-10 11:11:34
centos
centos
bpftool, kernel, perf, python security update
2021-03-18 23:24:41

7.7 High

AI Score

Confidence

High

JSON
Related for UBUNTU_USN-4659-1.NASL
openvas22ubuntu8osv14nessus52redhat9almalinux3oraclelinux11suse3cve7veracode4debiancve6prion7redhatcve8ubuntucve7cbl_mariner4githubexploit2ibm10f52cert1openwrt1ics1cloudfoundry3huawei1thn1aix1zdi1rocky2lenovo2fedora2mageia2debian1centos1