The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5402 advisory.

  - A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with     capabilities was found in the Linux kernel's OverlayFS subsystem in how a user copies a capable file from     a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges     on the system. (CVE-2023-0386)

  - qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write     because lmax can exceed QFQ_MIN_LMAX. (CVE-2023-31436)

  - In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests     can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users     can obtain root privileges. This occurs because anonymous sets are mishandled. (CVE-2023-32233)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Debian DSA-5402-1 : linux - security update

high Nessus Plugin ID 175664

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.0

Version 1.4 Mar 27, 2024, 7:16 PM Detection (Debian kernel vulns will now be evaluated against the running kernel version instead of the highest installed version) Plugin Feed: 202403271916
Version 1.3 Oct 4, 2023, 4:16 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202310041616
Version 1.2 Aug 23, 2023, 4:09 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") Exploit attributes ("Exploit framework core" set to "True") Plugin Feed: 202308231609
Version 1.1 May 24, 2023, 8:43 PM Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") CVSSv3 score source (set to "CVE-2023-32233") CVSSv2 score source (changed from "CVE-2023-31436" to "CVE-2023-32233") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Plugin Feed: 202305242043
Version 1.0 May 14, 2023, 5:59 PM New Plugin Feed: 202305141759