The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5207 advisory.

  - Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution     under certain microarchitecture-dependent conditions. (CVE-2022-29900)

  - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow     an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)

  - Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their     retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can     hijack return instructions to achieve arbitrary speculative code execution under certain     microarchitecture-dependent conditions. (CVE-2022-29901)

  - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in     net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)

  - nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote     attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte     nfta_payload attribute, an skb_pull can encounter a negative skb->len. (CVE-2022-36946)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Debian DSA-5207-1 : linux - security update

high Nessus Plugin ID 164150

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.7 Mar 27, 2024, 7:16 PM Detection (Debian kernel vulns will now be evaluated against the running kernel version instead of the highest installed version) Plugin Feed: 202403271916
Version 1.6 Jan 15, 2024, 2:36 PM CVSSv3 score source (changed from "CVE-2022-29901" to "CVE-2022-2588") CVSSv3 severity (based on CVE-2022-2588, severity increased from "Medium" to "High") CVSS metrics ("CVSSv3 score" set to 7.8. "CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H") Plugin Feed: 202401151436
Version 1.5 Mar 21, 2023, 7:30 PM Plugin metadata Plugin Feed: 202303211930
Version 1.4 Jan 12, 2023, 6:19 PM Exploit attributes ("Exploit framework core" set to "True") Plugin Feed: 202301121819
Version 1.3 Sep 29, 2022, 12:06 AM CVSS temporal metrics Exploit attributes Plugin Feed: 202209290006