The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5466-1 advisory.

  - A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP     association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and     the attacker can send packets with spoofed IP addresses. (CVE-2021-3772)

  - A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an     improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of     service (DOS) due to a deadlock problem. (CVE-2021-4149)

  - A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a     use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel     information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)

  - The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount     of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will     access the freed drm_vgem_gem_object. (CVE-2022-1419)

  - KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown.
    An attacker with access to a serial port could trigger the debugger so it is important that the debugger     respect the lockdown mode when/if it is triggered. (CVE-2022-21499)

  - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)

  - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
    (CVE-2022-28390)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5466-1)

high Nessus Plugin ID 161954

Version 1.6