The version of kernel installed on the remote host is prior to 5.10.118-111.515. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-014 advisory.

  - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in     the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or     CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)

  - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.
    This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)

  - A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged     user to gain root privileges. The bug allows to build several exploit primitives such as kernel address     information leak, arbitrary execution, etc. (CVE-2022-1729)

  - A use-after-free flaw was found in the Linux kernel's io_uring subsystem in the way a user sets up a ring     with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a     local user to crash or escalate their privileges on the system. (CVE-2022-1786)

  - In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. This could     lead to local escalation of privilege with no additional execution privileges needed. User interaction is     not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220738351References:
    Upstream kernel (CVE-2022-20568)

  - kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of     the availability of pointer arithmetic via certain *_OR_NULL pointer types. (CVE-2022-23222)

  - An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of     actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size()     function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This     flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2639)

  - The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets     are in the intended state. (CVE-2022-28893)

  - Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to     cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14     and later versions. (CVE-2022-29581)

  - An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause     a denial of service (panic) because input_set_capability mishandles the situation in which an event code     falls outside of a bitmap. (CVE-2022-48619)

  - A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network     subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the     system, and could even lead to a kernel information leak problem. (CVE-2023-1838)

  - A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in     VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash     the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a     kernel information leak problem. (CVE-2023-4387)

  - A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in     the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with     normal user privilege to cause a denial of service due to a missing sanity check during cleanup.
    (CVE-2023-4459)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-014)

high Nessus Plugin ID 162002

Version 1.5