Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:136141256231112202470201HistorySep 19, 2024 - 12:00 a.m.
Ubuntu: Security Advisory (USN-7020-1)
2024-09-1900:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
Low
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.12.2024.7020.1");
script_cve_id("CVE-2024-41009", "CVE-2024-42154", "CVE-2024-42159", "CVE-2024-42160", "CVE-2024-42224", "CVE-2024-42228");
script_tag(name:"creation_date", value:"2024-09-19 04:07:37 +0000 (Thu, 19 Sep 2024)");
script_version("2024-09-19T05:05:57+0000");
script_tag(name:"last_modification", value:"2024-09-19 05:05:57 +0000 (Thu, 19 Sep 2024)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-08-08 15:02:01 +0000 (Thu, 08 Aug 2024)");
script_name("Ubuntu: Security Advisory (USN-7020-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(22\.04\ LTS|24\.04\ LTS)");
script_xref(name:"Advisory-ID", value:"USN-7020-1");
script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-7020-1");
script_tag(name:"summary", value:"The remote host is missing an update for the 'linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle' package(s) announced via the USN-7020-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers,
- Network drivers,
- SCSI drivers,
- F2FS file system,
- BPF subsystem,
- IPv4 networking,
(CVE-2024-42160, CVE-2024-42159, CVE-2024-42154, CVE-2024-41009,
CVE-2024-42228, CVE-2024-42224)");
script_tag(name:"affected", value:"'linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle' package(s) on Ubuntu 22.04, Ubuntu 24.04.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "UBUNTU22.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1014-nvidia", ver:"6.8.0-1014.15~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1014-nvidia-64k", ver:"6.8.0-1014.15~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-45-lowlatency", ver:"6.8.0-45.45.1~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-45-lowlatency-64k", ver:"6.8.0-45.45.1~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency-64k-hwe-22.04", ver:"6.8.0-45.45.1~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency-hwe-22.04", ver:"6.8.0-45.45.1~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia-6.8", ver:"6.8.0-1014.15~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia-64k-6.8", ver:"6.8.0-1014.15~22.04.1", rls:"UBUNTU22.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "UBUNTU24.04 LTS") {
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1011-gke", ver:"6.8.0-1011.14", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1013-ibm", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1013-oem", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1013-oracle", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1013-oracle-64k", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1014-nvidia", ver:"6.8.0-1014.15", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1014-nvidia-64k", ver:"6.8.0-1014.15", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1014-nvidia-lowlatency", ver:"6.8.0-1014.15.1", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1014-nvidia-lowlatency-64k", ver:"6.8.0-1014.15.1", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1015-gcp", ver:"6.8.0-1015.17", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-1016-aws", ver:"6.8.0-1016.17", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-45-generic", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-45-generic-64k", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-45-lowlatency", ver:"6.8.0-45.45.1", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-6.8.0-45-lowlatency-64k", ver:"6.8.0-45.45.1", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-aws", ver:"6.8.0-1016.17", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-gcp", ver:"6.8.0-1015.17", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-64k", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-64k-hwe-24.04", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-hwe-24.04", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-lpae", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-gke", ver:"6.8.0-1011.14", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-ibm", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-ibm-classic", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-ibm-lts-24.04", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-kvm", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency", ver:"6.8.0-45.45.1", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency-64k", ver:"6.8.0-45.45.1", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia", ver:"6.8.0-1014.15", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia-64k", ver:"6.8.0-1014.15", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia-lowlatency", ver:"6.8.0-1014.15.1", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-nvidia-lowlatency-64k", ver:"6.8.0-1014.15.1", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oem-24.04", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oem-24.04a", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oracle", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-oracle-64k", ver:"6.8.0-1013.13", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-virtual", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"linux-image-virtual-hwe-24.04", ver:"6.8.0-45.45", rls:"UBUNTU24.04 LTS"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
nessus
nessus
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7020-1)
2024-09-18 00:00:00
Photon OS 3.0: Linux PHSA-2024-3.0-0780
2024-08-14 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7021-1)
2024-09-18 00:00:00
osv
osv
photon
photon
Critical Photon OS Security Update - PHSA-2024-3.0-0780
2024-08-13 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0373
2024-09-11 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0687
2024-09-08 00:00:00
vulnrichment
vulnrichment
CVE-2024-42159 scsi: mpi3mr: Sanitise num_phys
2024-07-30 07:47:01
CVE-2024-42154 tcp_metrics: validate source addr length
2024-07-30 07:46:51
debiancve
debiancve
openvas
openvas
Ubuntu: Security Advisory (USN-7021-1)
2024-09-19 00:00:00
Ubuntu: Security Advisory (USN-7022-1)
2024-09-19 00:00:00
Debian: Security Advisory (DSA-5747-1)
2024-08-13 00:00:00
ubuntucve
ubuntucve
cbl_mariner
cbl_mariner
CVE-2024-42159 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
CVE-2024-42160 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
CVE-2024-42228 affecting package kernel for versions less than 6.6.43.1-7
2024-08-14 20:43:58
nvd
nvd
redhatcve
redhatcve
cvelist
cvelist
CVE-2024-42159 scsi: mpi3mr: Sanitise num_phys
2024-07-30 07:47:01
cve
cve
redhat
redhat
(RHSA-2024:6753) Moderate: kernel security update
2024-09-18 11:08:17
mageia
mageia
Updated kernel, kmod-xtables-addons & kmod-virtualbox packages fix security vulnerabilities
2024-08-07 08:49:38
Updated kernel-linus packages fix security vulnerabilities
2024-08-07 08:49:38
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2024-09-11 00:00:00
Unbreakable Enterprise kernel security update
2024-09-10 00:00:00
Unbreakable Enterprise kernel security update
2024-09-12 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.5
Confidence
Low
Related for OPENVAS:136141256231112202470201