The version of kernel installed on the remote host is prior to 4.14.219-119.340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1480 advisory.

  - A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was     a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a     denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege     to a kernel information leak threat. (CVE-2020-27825)

  - In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking     in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal     in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker     has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are     proxied via an attacker-selected backstore. (CVE-2020-28374)

  - ** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a     subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via     READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this     attack; see also the exports(5) no_subtree_check default behavior. (CVE-2021-3178)

  - An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free     during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.
    (CVE-2021-3347)

  - nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-     free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a     certain point during device setup, aka CID-b98e762e3d71. (CVE-2021-3348)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Detections

Analytics

Amazon Linux AMI : kernel (ALAS-2021-1480)

high Nessus Plugin ID 146569

Version 1.5