The version of kernel installed on the remote host is prior to 4.14.318-240.529. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2100 advisory.

    It was discovered that a nft object or expression could reference a nft set on a different nft table,     leading to a use-after-free once that table was deleted. (CVE-2022-2586)

    A heap buffer overflow flaw was found in the Linux kernel's Netfilter subsystem in the way a user provides     incorrect input of the NFT_DATA_VERDICT type. This flaw allows a local user to crash or potentially     escalate their privileges on the system. (CVE-2022-34918)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() (CVE-2022-50067)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: do not allow SET_ID to refer to another table (CVE-2022-50213)

    A denial of service problem was found, due to a possible recursive locking scenario, resulting in a     deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-     component. (CVE-2023-2269)

    do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading     to a race condition (with a resultant use-after-free or NULL pointer dereference). (CVE-2023-28466)

    A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to     achieve local privilege escalation.

    The out-of-bounds write is caused by missing skb->cb  initialization in the ipvlan network driver. The     vulnerability is reachable if CONFIG_IPVLAN is enabled.

    We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e. (CVE-2023-3090)

    A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the     Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling     btrfs_ioctl_defrag(). (CVE-2023-3111)

    A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the     Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading     to a kernel information leak. (CVE-2023-3141)

    An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in     lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an     offset. (CVE-2023-34256)

    In the Linux kernel, the following vulnerability has been resolved:

    serial: 8250: Reinit port->pm on port specific driver unbind (CVE-2023-53176)

    In the Linux kernel, the following vulnerability has been resolved:

    ACPICA: Avoid undefined behavior: applying zero offset to null pointer (CVE-2023-53182)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: add bounds checking in get_max_inline_xattr_value_size() (CVE-2023-53285)

    In the Linux kernel, the following vulnerability has been resolved:

    md/raid10: fix leak of 'r10bio->remaining' for recovery (CVE-2023-53299)

    In the Linux kernel, the following vulnerability has been resolved:

    nilfs2: do not write dirty data after degenerating to read-only (CVE-2023-53337)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: remove a BUG_ON in ext4_mb_release_group_pa() (CVE-2023-53450)

    In the Linux kernel, the following vulnerability has been resolved:

    lib: cpu_rmap: Avoid use after free on rmap->obj array entries (CVE-2023-53484)

    In the Linux kernel, the following vulnerability has been resolved:

    tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. (CVE-2023-53489)

    In the Linux kernel, the following vulnerability has been resolved:

    ext2: Check block size validity during mount (CVE-2023-53569)

    In the Linux kernel, the following vulnerability has been resolved:

    ring-buffer: Sync IRQ works before buffer destruction (CVE-2023-53587)

    In the Linux kernel, the following vulnerability has been resolved:

    dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (CVE-2023-53604)

    In the Linux kernel, the following vulnerability has been resolved:

    net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize (CVE-2023-53667)

    In the Linux kernel, the following vulnerability has been resolved:

    fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() (CVE-2023-53683)

    In the Linux kernel, the following vulnerability has been resolved:

    ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705)

    In the Linux kernel, the following vulnerability has been resolved:

    dm flakey: fix a crash with invalid table line (CVE-2023-53786)

    In the Linux kernel, the following vulnerability has been resolved:

    nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode() (CVE-2023-53804)

    In the Linux kernel, the following vulnerability has been resolved:

    nilfs2: fix infinite loop in nilfs_mdt_get_block() (CVE-2023-53845)

    In the Linux kernel, the following vulnerability has been resolved:

    netlink: annotate accesses to nlk->cb_running (CVE-2023-53853)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: set goal start correctly in ext4_mb_normalize_request (CVE-2023-54021)

    In the Linux kernel, the following vulnerability has been resolved:

    spmi: Add a check for remove callback when removing a SPMI driver (CVE-2023-54044)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: fix invalid free tracking in ext4_xattr_move_to_block() (CVE-2023-54062)

    In the Linux kernel, the following vulnerability has been resolved:

    USB: sisusbvga: Add endpoint checks (CVE-2023-54213)

    In the Linux kernel, the following vulnerability has been resolved:

    net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs(). (CVE-2023-54218)

    In the Linux kernel, the following vulnerability has been resolved:

    ACPI: EC: Fix oops when removing custom query handlers (CVE-2023-54244)

    A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This     flaw allows a local user to cause an information leak problem while freeing the old quota file names     before a potential failure, leading to a use-after-free. (CVE-2024-0775)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Amazon Linux 2 : kernel, --advisory ALAS2-2023-2100 (ALAS-2023-2100)

high Nessus Plugin ID 177862

Version 1.22