The version of kernel installed on the remote host is prior to 5.4.186-102.354. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-024 advisory.

  - In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks     in 'dbgfs_target_ids_write()' DAMON debugfs interface increases the reference counts of 'struct pid's for     targets from the 'target_ids' file write callback ('dbgfs_target_ids_write()'), but decreases the counts     only in DAMON monitoring termination callback ('dbgfs_before_terminate()'). Therefore, when 'target_ids'     file is repeatedly written without DAMON monitoring start/termination, the reference count is not     decreased and therefore memory for the 'struct pid' cannot be freed. This commit fixes this issue by     decreasing the reference counts when 'target_ids' is written. (CVE-2021-46937)

  - A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem.
    This flaw allows a local user to cause an out-of-bounds write issue. (CVE-2022-1015)

  - A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a     use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel     information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)

  - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain     privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past     commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)

  - net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges     because of a heap out-of-bounds write. This is related to nf_tables_offload. (CVE-2022-25636)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-024)

high Nessus Plugin ID 160422

Version 1.10