The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0930 advisory.

  - kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory (CVE-2021-33655)

  - kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks     (CVE-2022-2196)

  - kernel: media: em28xx: initialize refcount before kref_get (CVE-2022-3239)

  - kernel: use-after-free after failed devlink reload in devlink_param_get (CVE-2022-3625)

  - kernel: net/packet: slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368)

  - hw: cpu: arm64: Spectre-BHB (CVE-2022-23960)

  - kernel: use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581)

  - kernel: vmwgfx: integer overflow in vmwgfx_execbuf.c (CVE-2022-36402)

  - kernel: vmwgfx: NULL pointer dereference in vmw_cmd_dx_define_query (CVE-2022-38096)

  - kernel: vmwgfx: use-after-free in vmw_cmd_res_check (CVE-2022-38457)

  - kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context (CVE-2022-40133)

  - kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)

  - kernel: GSM multiplexing race condition leads to privilege escalation (CVE-2023-6546)

  - kernel: Out of boundary write in perf_read_group() as result of overflow a perf_event's read_size     (CVE-2023-6931)

  - kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 (CVE-2023-30456)

  - kernel: blocking operation in dvb_frontend_get_event and wait_event_interruptible (CVE-2023-31084)

  - kernel: use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c     (CVE-2023-51042)

  - kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function (CVE-2024-1086)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 8 : kernel (RHSA-2024:0930)

high Nessus Plugin ID 190828

Version 1.3

Version 1.2

Version 1.1

Version 1.0

Version 1.3 Apr 28, 2024, 2:25 PM Detection (updated detection logic) Plugin metadata Reference Plugin Feed: 202404281425
Version 1.2 Apr 5, 2024, 1:58 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202404051358
Version 1.1 Feb 23, 2024, 3:16 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") Exploit attributes ("Exploit framework core" set to "True") Plugin Feed: 202402231516
Version 1.0 Feb 21, 2024, 6:41 AM New Plugin Feed: 202402210641