Detections
Analytics

MiracleLinux 9 : kernel-5.14.0-362.8.1.el9_3 (AXSA:2023-7038:31)

high Nessus Plugin ID 293731

Synopsis

The remote MiracleLinux host is missing one or more security updates.

Description

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7038:31 advisory.

 * kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails (CVE-2023-3609)
 * kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)
 * kernel: eBPF: insufficient stack type checks in dynptr (CVE-2023-39191)
 * Kernel: race when faulting a device private page in memory manager (CVE-2022-3523)
 * kernel: use-after-free in l1oip timer handlers (CVE-2022-3565)
 * kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)
 * kernel: vmwgfx: use-after-free in vmw_cmd_res_check (CVE-2022-38457)
 * kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context (CVE-2022-40133)
 * hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)
 * kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c (CVE-2022-42895)
 * kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)
 * kernel: HID: check empty report_list in hid_validate_values() (CVE-2023-1073)
 * kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)
 * kernel: hid: Use After Free in asus_remove() (CVE-2023-1079)
 * kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)
 * kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)
 * Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (CVE-2023-1652)
 * kernel: Use after free bug in btsdio_remove due to race condition (CVE-2023-1989)
 * kernel: fbcon: shift-out-of-bounds in fbcon_set_font() (CVE-2023-3161)
 * kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)
 * kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params() (CVE-2023-3772)
 * kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr (CVE-2023-3773)
 * kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability (CVE-2023-4155)
 * kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry (CVE-2023-4273)
 * kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)
 * kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 (CVE-2023-30456)
 * kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove() (CVE-2023-33203)
 * kernel: vmwgfx: race condition leading to information disclosure vulnerability (CVE-2023-33951)
 * kernel: vmwgfx: double free within the handling of vmw_buffer_object objects (CVE-2023-33952)
 * kernel: r592: race condition leading to use-after-free in r592_remove() (CVE-2023-35825)
 * kernel: net/tls: tls_is_tx_ready() checked list_entry (CVE-2023-1075)
 * kernel: tap: tap_open(): correctly initialize socket uid (CVE-2023-1076)
 * kernel: missing mmap_lock in file_files_note that could possibly lead to a use after free in the coredump code (CVE-2023-1249)
 * kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)
 * kernel: Use after free bug in r592_remove (CVE-2023-3141)
 * kernel: gfs2: NULL pointer dereference in gfs2_evict_inode() (CVE-2023-3212)
 * kernel: NULL pointer dereference due to missing kalloc() return value check in shtp_cl_get_dma_send_buf() (CVE-2023-3358)
 * kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid (CVE-2023-4194)

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/18222

Plugin Details

Severity: High

ID: 293731

File Name: miracle_linux_AXSA-2023-7038.nasl

Version: 1.1

Type: local

Published: 1/20/2026

Updated: 1/20/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2023-1079

CVSS v3

Risk Factor: High

Base Score: 8.2

Temporal Score: 7.4

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2023-39191

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:kernel-modules, p-cpe:/a:miracle:linux:rv, p-cpe:/a:miracle:linux:kernel-uki-virt, p-cpe:/a:miracle:linux:rtla, p-cpe:/a:miracle:linux:kernel-tools-libs-devel, p-cpe:/a:miracle:linux:kernel-debug-modules-core, p-cpe:/a:miracle:linux:kernel-devel, p-cpe:/a:miracle:linux:kernel-core, p-cpe:/a:miracle:linux:kernel-abi-stablelists, p-cpe:/a:miracle:linux:kernel-modules-extra, p-cpe:/a:miracle:linux:kernel-debug, p-cpe:/a:miracle:linux:kernel-tools-libs, p-cpe:/a:miracle:linux:perf, p-cpe:/a:miracle:linux:libperf, p-cpe:/a:miracle:linux:kernel-debug-modules, p-cpe:/a:miracle:linux:kernel-debug-devel, p-cpe:/a:miracle:linux:kernel-cross-headers, p-cpe:/a:miracle:linux:kernel-tools, p-cpe:/a:miracle:linux:kernel-modules-core, cpe:/o:miracle:linux:9, p-cpe:/a:miracle:linux:kernel-debug-devel-matched, p-cpe:/a:miracle:linux:kernel, p-cpe:/a:miracle:linux:kernel-debug-uki-virt, p-cpe:/a:miracle:linux:kernel-devel-matched, p-cpe:/a:miracle:linux:python3-perf, p-cpe:/a:miracle:linux:bpftool, p-cpe:/a:miracle:linux:kernel-headers, p-cpe:/a:miracle:linux:kernel-debug-core, p-cpe:/a:miracle:linux:kernel-debug-modules-extra

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/20/2024

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2022-3523, CVE-2022-3565, CVE-2022-3594, CVE-2022-38457, CVE-2022-40133, CVE-2022-40982, CVE-2022-42895, CVE-2023-0597, CVE-2023-1073, CVE-2023-1074, CVE-2023-1075, CVE-2023-1076, CVE-2023-1079, CVE-2023-1206, CVE-2023-1249, CVE-2023-1252, CVE-2023-1652, CVE-2023-1855, CVE-2023-1989, CVE-2023-26545, CVE-2023-30456, CVE-2023-3141, CVE-2023-3161, CVE-2023-3212, CVE-2023-3268, CVE-2023-33203, CVE-2023-3358, CVE-2023-33951, CVE-2023-33952, CVE-2023-3609, CVE-2023-3772, CVE-2023-3773, CVE-2023-39191, CVE-2023-4155, CVE-2023-4194, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208, CVE-2023-4273