The version of kernel installed on the remote host is prior to 5.10.130-118.517. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-018 advisory.

    An out-of-bounds write flaw was found in the Linux kernel's framebuffer-based console driver     functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a     local user to crash or potentially escalate their privileges on the system. (CVE-2021-33655)

    There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that     allow attackers to crash linux kernel without any privileges. (CVE-2022-2318)

    Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text     explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device     frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
    Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to     unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend     (CVE-2022-33741, CVE-2022-33742). (CVE-2022-26365)

    Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text     explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device     frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
    Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to     unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend     (CVE-2022-33741, CVE-2022-33742). (CVE-2022-33740)

    Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text     explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device     frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
    Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to     unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend     (CVE-2022-33741, CVE-2022-33742). (CVE-2022-33741)

    Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text     explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device     frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
    Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to     unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend     (CVE-2022-33741, CVE-2022-33742). (CVE-2022-33742)

    network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data     Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further     processing to nevertheless be freed. (CVE-2022-33743)

    Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an rbtree     to keep track of the foreign mappings. Updating of that rbtree is not always done completely with the     related lock held, resulting in a small race window, which can be used by unprivileged guests via PV     devices to cause inconsistencies of the rbtree. These inconsistencies can lead to Denial of Service (DoS)     of dom0, e.g. by causing crashes or the inability to perform further mappings of other guests' memory     pages. (CVE-2022-33744)

    A heap buffer overflow flaw was found in the Linux kernel's Netfilter subsystem in the way a user provides     incorrect input of the NFT_DATA_VERDICT type. This flaw allows a local user to crash or potentially     escalate their privileges on the system. (CVE-2022-34918)

    In the Linux kernel, the following vulnerability has been resolved:

    usbnet: fix memory leak in error case (CVE-2022-49657)

    In the Linux kernel, the following vulnerability has been resolved:

    tunnels: do not assume mac header is set in skb_tunnel_check_pmtu() (CVE-2022-49663)

    In the Linux kernel, the following vulnerability has been resolved:

    net: bonding: fix use-after-free after 802.3ad slave unbind (CVE-2022-49667)

    In the Linux kernel, the following vulnerability has been resolved:

    dm raid: fix KASAN warning in raid5_add_disks (CVE-2022-49673)

    In the Linux kernel, the following vulnerability has been resolved:

    virtio_net: fix xdp_rxq_info bug after suspend/resume (CVE-2022-49687)

    In the Linux kernel, the following vulnerability has been resolved:

    erspan: do not assume transport header is always set (CVE-2022-49691)

    In the Linux kernel, the following vulnerability has been resolved:

    igb: fix a use-after-free issue in igb_clean_tx_ring (CVE-2022-49695)

    In the Linux kernel, the following vulnerability has been resolved:

    tipc: fix use-after-free Read in tipc_named_reinit (CVE-2022-49696)

    In the Linux kernel, the following vulnerability has been resolved:

    mm/slub: add missing TID updates on slab deactivation (CVE-2022-49700)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-018)

high Nessus Plugin ID 163382

Version 1.12

Version 1.10

Version 1.8

Version 1.6

Version 1.5

Version 1.3

Version 1.12 Apr 11, 2025, 11:54 AM Exploit attributes ("Exploit framework core" set to "True") Exploit attributes ("Exploit framework metasploit" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202504111154
Version 1.10 Mar 17, 2025, 12:07 PM Exploit attributes ("Exploit framework core" set to "True") Exploit attributes ("Exploit framework metasploit" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202503171207
Version 1.8 Dec 12, 2024, 9:55 AM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin metadata Plugin Feed: 202412120955
Version 1.6 Sep 5, 2023, 10:10 PM Detection Plugin requirements Plugin Feed: 202309052210
Version 1.5 Jan 13, 2023, 4:18 PM Exploit attributes ("Exploit framework core" set to "True") Plugin Feed: 202301131618
Version 1.3 Sep 29, 2022, 12:06 AM CVSS temporal metrics Exploit attributes Plugin Feed: 202209290006