Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:136141256231112202467431HistoryApr 22, 2024 - 12:00 a.m.
Ubuntu: Security Advisory (USN-6743-1)
2024-04-2200:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
5
linux
linux-aws
linux-azure
linux-gcp
linux-hwe-6.5
linux-laptop
linux-lowlatency
linux-nvidia-6.5
linux-oem-6.5
linux-oracle
linux-oracle-6.5
linux-raspi
linux-starfive
cve-2023-52600
cve-2023-52603
cve-2024-26581
cve-2024-26589
cve-2024-26591
system compromise
security update
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
13.1%
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.12.2024.6743.1");
script_cve_id("CVE-2023-52600", "CVE-2023-52603", "CVE-2024-26581", "CVE-2024-26589", "CVE-2024-26591");
script_tag(name:"creation_date", value:"2024-04-22 04:09:21 +0000 (Mon, 22 Apr 2024)");
script_version("2024-04-23T05:05:27+0000");
script_tag(name:"last_modification", value:"2024-04-23 05:05:27 +0000 (Tue, 23 Apr 2024)");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-03-18 17:56:56 +0000 (Mon, 18 Mar 2024)");
script_name("Ubuntu: Security Advisory (USN-6743-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(22\.04\ LTS|23\.10)");
script_xref(name:"Advisory-ID", value:"USN-6743-1");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-6743-1");
script_tag(name:"summary", value:"The remote host is missing an update for the 'linux, linux-aws, linux-aws-6.5, linux-azure, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-nvidia-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-raspi, linux-starfive, linux-starfive-6.5' package(s) announced via the USN-6743-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- JFS file system,
- BPF subsystem,
- Netfilter,
(CVE-2023-52600, CVE-2024-26589, CVE-2024-26591, CVE-2024-26581,
CVE-2023-52603)");
script_tag(name:"affected", value:"'linux, linux-aws, linux-aws-6.5, linux-azure, linux-gcp, linux-gcp-6.5, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-nvidia-6.5, linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-raspi, linux-starfive, linux-starfive-6.5' package(s) on Ubuntu 22.04, Ubuntu 23.10.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU22.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1012-starfive", ver:"6.5.0-1012.13~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1015-nvidia", ver:"6.5.0-1015.15", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1015-nvidia-64k", ver:"6.5.0-1015.15", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1018-aws", ver:"6.5.0-1018.18~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1018-gcp", ver:"6.5.0-1018.18~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1020-oem", ver:"6.5.0-1020.21", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1021-oracle", ver:"6.5.0-1021.21~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1021-oracle-64k", ver:"6.5.0-1021.21~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-28-generic", ver:"6.5.0-28.29~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-28-generic-64k", ver:"6.5.0-28.29~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-aws", ver:"6.5.0.1018.18~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-gcp", ver:"6.5.0.1018.18~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-64k-hwe-22.04", ver:"6.5.0.28.29~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-hwe-22.04", ver:"6.5.0.28.29~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia-6.5", ver:"6.5.0.1015.20", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia-64k-6.5", ver:"6.5.0.1015.20", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia-64k-hwe-22.04", ver:"6.5.0.1015.20", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia-hwe-22.04", ver:"6.5.0.1015.20", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oem-22.04", ver:"6.5.0.1020.22", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oem-22.04a", ver:"6.5.0.1020.22", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oem-22.04b", ver:"6.5.0.1020.22", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oem-22.04c", ver:"6.5.0.1020.22", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oem-22.04d", ver:"6.5.0.1020.22", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oracle", ver:"6.5.0.1021.21~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oracle-64k", ver:"6.5.0.1021.21~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-starfive", ver:"6.5.0.1012.13~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-virtual-hwe-22.04", ver:"6.5.0.28.29~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU23.10") {
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1012-starfive", ver:"6.5.0-1012.13", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1014-laptop", ver:"6.5.0-1014.17", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1015-raspi", ver:"6.5.0-1015.18", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1018-aws", ver:"6.5.0-1018.18", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1018-gcp", ver:"6.5.0-1018.18", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1019-azure", ver:"6.5.0-1019.20", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1019-azure-fde", ver:"6.5.0-1019.20", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1021-oracle", ver:"6.5.0-1021.21", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-1021-oracle-64k", ver:"6.5.0-1021.21", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-28-generic", ver:"6.5.0-28.29", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-28-generic-64k", ver:"6.5.0-28.29", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-28-lowlatency", ver:"6.5.0-28.29.1", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.5.0-28-lowlatency-64k", ver:"6.5.0-28.29.1", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-aws", ver:"6.5.0.1018.18", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-azure", ver:"6.5.0.1019.23", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-azure-fde", ver:"6.5.0.1019.23", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-gcp", ver:"6.5.0.1018.18", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic", ver:"6.5.0.28.28", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-64k", ver:"6.5.0.28.28", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-lpae", ver:"6.5.0.28.28", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-kvm", ver:"6.5.0.28.28", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-laptop-23.10", ver:"6.5.0.1014.17", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency", ver:"6.5.0.28.29.1", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency-64k", ver:"6.5.0.28.29.1", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oracle", ver:"6.5.0.1021.23", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oracle-64k", ver:"6.5.0.1021.23", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-raspi", ver:"6.5.0.1015.16", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-raspi-nolpae", ver:"6.5.0.1015.16", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-starfive", ver:"6.5.0.1012.14", rls:"UBUNTU23.10"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-virtual", ver:"6.5.0.28.28", rls:"UBUNTU23.10"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
osv
osv
linux-azure-6.5 vulnerabilities
2024-04-24 22:56:25
linux-lowlatency-hwe-6.5 vulnerabilities
2024-04-22 17:40:26
openvas
openvas
Ubuntu: Security Advisory (USN-6743-3)
2024-04-26 00:00:00
Ubuntu: Security Advisory (USN-6743-2)
2024-04-24 00:00:00
Ubuntu: Security Advisory (USN-6741-1)
2024-04-22 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-04-19 00:00:00
Linux kernel (Azure) vulnerabilities
2024-04-24 00:00:00
Linux kernel (Low Latency) vulnerabilities
2024-04-22 00:00:00
nessus
nessus
Ubuntu 22.04 LTS : Linux kernel (Low Latency) vulnerabilities (USN-6743-2)
2024-04-23 00:00:00
Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6743-3)
2024-04-25 00:00:00
Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6743-1)
2024-04-19 00:00:00
debiancve
debiancve
prion
prion
Null pointer dereference
2024-02-22 17:15:00
Spoofing
2024-02-20 13:15:00
Design/Logic Flaw
2024-02-22 17:15:00
ubuntucve
ubuntucve
nvd
nvd
cbl_mariner
cbl_mariner
cvelist
cvelist
CVE-2024-26591 bpf: Fix re-attachment branch in bpf_tracing_prog_attach
2024-02-22 16:21:43
CVE-2024-26589 bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS
2024-02-22 16:13:33
CVE-2024-26581 netfilter: nft_set_rbtree: skip end interval element from gc
2024-02-20 12:52:57
cve
cve
redhatcve
redhatcve
vulnrichment
vulnrichment
CVE-2023-52600 jfs: fix uaf in jfs_evict_inode
2024-03-06 06:45:28
photon
photon
Important Photon OS Security Update - PHSA-2024-3.0-0738
2024-03-19 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0586
2024-03-29 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2024-06-05 19:11:11
debian
debian
[SECURITY] [DSA 5658-1] linux security update
2024-04-13 06:38:27
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
13.1%
Related for OPENVAS:136141256231112202467431