Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2022-9273.NASL
HistoryApr 11, 2022 - 12:00 a.m.

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9273)

2022-04-1100:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
55

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.975 High

EPSS

Percentile

100.0%

JSON

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9273 advisory.

  • Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. (CVE-2021-26341)

  • LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
    (CVE-2021-26401)

  • Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. (CVE-2022-23960)

  • An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim’s TCP session or terminate that session. (CVE-2020-36516)

  • An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. (CVE-2022-26966)

  • A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem.
    This flaw allows a local user to cause an out-of-bounds write issue. (CVE-2022-1015) (CVE-2022-1016)

  • A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 (CVE-2021-22600)

  • A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)

  • An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor. (CVE-2022-24448)

  • kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Oracle Linux Security Advisory ELSA-2022-9273.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(159642);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/13");

  script_cve_id(
    "CVE-2020-36516",
    "CVE-2021-22600",
    "CVE-2021-26341",
    "CVE-2021-26401",
    "CVE-2022-0617",
    "CVE-2022-1016",
    "CVE-2022-1158",
    "CVE-2022-22942",
    "CVE-2022-23960",
    "CVE-2022-24448",
    "CVE-2022-26966"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/05/02");

  script_name(english:"Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9273)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Oracle Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in
the ELSA-2022-9273 advisory.

  - Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result
    in data leakage. (CVE-2021-26341)

  - LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
    (CVE-2021-26401)

  - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation,
    aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to
    influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive
    information. (CVE-2022-23960)

  - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the
    hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session
    or terminate that session. (CVE-2020-36516)

  - An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to
    obtain sensitive information from heap memory via crafted frame lengths from a device. (CVE-2022-26966)

  - A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem.
    This flaw allows a local user to cause an out-of-bounds write issue. (CVE-2022-1015) (CVE-2022-1016)

  - A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through
    crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected
    versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 (CVE-2021-22600)

  - A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way
    user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw
    to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)

  - An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the
    O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a
    regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file
    descriptor. (CVE-2022-24448)

  - kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://linux.oracle.com/errata/ELSA-2022-9273.html");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-22600");
  script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2022-22942");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'vmwgfx Driver File Descriptor Handling Priv Esc');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/01/26");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/04/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/04/11");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:8");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-debug");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:kernel-uek-tools-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:perf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:python-perf");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Oracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("linux_alt_patch_detect.nasl", "ssh_get_info.nasl");
  script_require_keys("Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/local_checks_enabled");

  exit(0);
}


include('ksplice.inc');
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');
var release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');
var os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');
var os_ver = os_ver[1];
if (! preg(pattern:"^(7|8)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7 / 8', 'Oracle Linux ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);

var machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');
if (machine_uptrack_level)
{
  var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:"\.(x86_64|i[3-6]86|aarch64)$", replace:'');
  var fixed_uptrack_levels = ['5.4.17-2136.306.1.3.el7uek', '5.4.17-2136.306.1.3.el8uek'];
  foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {
    if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)
    {
      audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9273');
    }
  }
  __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\n\n';
}

var kernel_major_minor = get_kb_item('Host/uname/major_minor');
if (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');
var expected_kernel_major_minor = '5.4';
if (kernel_major_minor != expected_kernel_major_minor)
  audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);

var pkgs = [
    {'reference':'kernel-uek-5.4.17-2136.306.1.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},
    {'reference':'kernel-uek-5.4.17-2136.306.1.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},
    {'reference':'kernel-uek-debug-5.4.17-2136.306.1.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},
    {'reference':'kernel-uek-debug-5.4.17-2136.306.1.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},
    {'reference':'kernel-uek-debug-devel-5.4.17-2136.306.1.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},
    {'reference':'kernel-uek-debug-devel-5.4.17-2136.306.1.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},
    {'reference':'kernel-uek-devel-5.4.17-2136.306.1.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},
    {'reference':'kernel-uek-devel-5.4.17-2136.306.1.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},
    {'reference':'kernel-uek-doc-5.4.17-2136.306.1.3.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'},
    {'reference':'kernel-uek-tools-5.4.17-2136.306.1.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},
    {'reference':'kernel-uek-tools-5.4.17-2136.306.1.3.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},
    {'reference':'kernel-uek-tools-libs-5.4.17-2136.306.1.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-5.4.17'},
    {'reference':'perf-5.4.17-2136.306.1.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'python-perf-5.4.17-2136.306.1.3.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},
    {'reference':'kernel-uek-5.4.17-2136.306.1.3.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},
    {'reference':'kernel-uek-5.4.17-2136.306.1.3.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},
    {'reference':'kernel-uek-debug-5.4.17-2136.306.1.3.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},
    {'reference':'kernel-uek-debug-5.4.17-2136.306.1.3.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},
    {'reference':'kernel-uek-debug-devel-5.4.17-2136.306.1.3.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},
    {'reference':'kernel-uek-debug-devel-5.4.17-2136.306.1.3.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},
    {'reference':'kernel-uek-devel-5.4.17-2136.306.1.3.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},
    {'reference':'kernel-uek-devel-5.4.17-2136.306.1.3.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},
    {'reference':'kernel-uek-doc-5.4.17-2136.306.1.3.el8uek', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'}
];

var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var release = NULL;
  var sp = NULL;
  var cpu = NULL;
  var el_string = NULL;
  var rpm_spec_vers_cmp = NULL;
  var epoch = NULL;
  var allowmaj = NULL;
  var exists_check = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (reference && release) {
    if (exists_check) {
        if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    } else {
        if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    }
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');
}
VendorProductVersionCPE
oraclelinuxperfp-cpe:/a:oracle:linux:perf
oraclelinuxpython-perfp-cpe:/a:oracle:linux:python-perf
oraclelinux7cpe:/o:oracle:linux:7
oraclelinux8cpe:/o:oracle:linux:8
oraclelinuxkernel-uekp-cpe:/a:oracle:linux:kernel-uek
oraclelinuxkernel-uek-debugp-cpe:/a:oracle:linux:kernel-uek-debug
oraclelinuxkernel-uek-debug-develp-cpe:/a:oracle:linux:kernel-uek-debug-devel
oraclelinuxkernel-uek-develp-cpe:/a:oracle:linux:kernel-uek-devel
oraclelinuxkernel-uek-docp-cpe:/a:oracle:linux:kernel-uek-doc
oraclelinuxkernel-uek-toolsp-cpe:/a:oracle:linux:kernel-uek-tools
Rows per page:
1-10 of 111

Related

oraclelinux 10
nessus 52
amd 2
debiancve 8
cve 9
nvd 9
redhatcve 10
xen 1
prion 9
cvelist 9
f5 1
ubuntucve 8
redhat 5
openvas 11
amazon 5
ubuntu 7
osv 10
rosalinux 1
centos 1
photon 1
githubexploit 1
veracode 9
thn 1
citrix 1
cisa_kev 1
cbl_mariner 6
cnvd 4
attackerkb 1
ibm 1
packetstorm 1
broadcom 1
zdt 1
metasploit 1
mscve 1
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2022-04-11 00:00:00
Unbreakable Enterprise kernel security update
2022-04-11 00:00:00
Unbreakable Enterprise kernel security update
2022-04-25 00:00:00
nessus
nessus
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9274)
2022-04-11 00:00:00
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9313)
2022-04-25 00:00:00
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-9314)
2022-04-25 00:00:00
amd
amd
LFENCE/JMP Mitigation Update for CVE-2017-5715
2022-03-08 00:00:00
AMD CPUs May Transiently Execute Beyond Unconditional Direct Branch
2022-03-08 00:00:00
debiancve
debiancve
CVE-2021-26401
2022-03-11 18:15:11
CVE-2020-36516
2022-02-26 04:15:06
CVE-2021-22600
2022-01-26 14:15:08
cve
cve
CVE-2021-26401
2022-03-11 18:15:11
CVE-2020-36516
2022-02-26 04:15:06
CVE-2021-26341
2022-03-11 18:15:10
nvd
nvd
CVE-2021-26401
2022-03-11 18:15:11
CVE-2021-26341
2022-03-11 18:15:10
CVE-2021-22600
2022-01-26 14:15:08
redhatcve
redhatcve
CVE-2021-26401
2022-03-09 10:23:54
CVE-2022-1016
2022-03-29 03:50:29
CVE-2020-36516
2022-03-02 11:24:33
xen
xen
Multiple speculative security issues
2022-03-08 18:12:00
prion
prion
Design/Logic Flaw
2022-03-11 18:15:00
Double free
2022-01-26 14:15:00
Code injection
2022-03-11 18:15:00
cvelist
cvelist
CVE-2021-26401
2022-03-08 00:00:00
CVE-2021-26341
2022-03-08 00:00:00
CVE-2021-22600 Double Free in net/packet/af_packet.c leading to priviledge escalation
2022-01-26 00:00:00
f5
f5
K000137188 : AMD CPU vulnerability CVE-2021-26401
2023-10-09 00:00:00
ubuntucve
ubuntucve
CVE-2021-26401
2022-03-11 00:00:00
CVE-2020-36516
2022-02-26 00:00:00
CVE-2021-22600
2022-01-26 00:00:00
redhat
redhat
(RHSA-2023:0187) Moderate: kernel security update
2023-01-17 08:48:58
(RHSA-2023:0399) Important: kernel security and bug fix update
2023-01-24 09:46:52
(RHSA-2023:0400) Important: kernel-rt security and bug fix update
2023-01-24 09:46:52
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1537)
2022-04-25 00:00:00
Ubuntu: Security Advisory (USN-5383-1)
2022-04-21 00:00:00
Ubuntu: Security Advisory (USN-5384-1)
2022-04-21 00:00:00
amazon
amazon
Important: kernel
2022-04-04 23:21:00
Important: kernel
2022-03-07 23:32:00
Important: kernel
2022-04-04 23:46:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-04-20 00:00:00
Linux kernel vulnerabilities
2022-04-20 00:00:00
Linux kernel vulnerabilities
2022-04-26 00:00:00
osv
osv
linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13, linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities
2022-04-20 23:48:40
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
2022-04-20 23:51:42
linux-raspi vulnerabilities
2022-05-03 21:04:19
rosalinux
rosalinux
Advisory ROSA-SA-2023-2097
2023-02-07 10:10:41
centos
centos
bpftool, kernel, perf, python security update
2023-01-30 16:50:20
photon
photon
Moderate Photon OS Security Update - PHSA-2022-0459
2022-04-01 00:00:00
githubexploit
githubexploit
Exploit for CVE-2022-1015
2022-04-02 22:49:40
veracode
veracode
Privilege Escalation
2022-02-08 18:01:01
Spoofing Attack
2023-01-28 00:46:14
Information Disclosure
2022-06-23 22:13:13
thn
thn
Google Releases Android Update to Patch Actively Exploited Vulnerability
2022-05-06 05:13:00
citrix
citrix
Citrix Hypervisor Security Update
2022-03-07 14:55:18
cisa_kev
cisa_kev
Linux Kernel Privilege Escalation Vulnerability
2022-04-11 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-22600 affecting package kernel for versions less than 5.15.18.1-1
2022-04-09 06:52:47
CVE-2022-24448 affecting package kernel 5.10.189.1-1
2022-03-10 23:47:45
CVE-2022-26966 affecting package kernel 5.10.189.1-1
2022-05-12 02:17:02
cnvd
cnvd
Linux kernel buffer overflow vulnerability (CNVD-2022-07634)
2022-01-28 00:00:00
Linux kernel has unspecified vulnerabilities (CNVD-2022-17770)
2022-03-01 00:00:00
Linux kernel has unspecified vulnerabilities (CNVD-2022-68615)
2022-02-11 00:00:00
attackerkb
attackerkb
CVE-2021-22600
2022-01-26 00:00:00
ibm
ibm
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
2022-05-26 12:33:32
packetstorm
packetstorm
vmwgfx Driver File Descriptor Handling Privilege Escalation
2023-02-01 00:00:00
broadcom
broadcom
nfs_atomic_open() performs a regular lookup
2023-08-01 00:00:00
zdt
zdt
vmwgfx Driver File Descriptor Handling Privilege Escalation Exploit
2023-02-01 00:00:00
metasploit
metasploit
vmwgfx Driver File Descriptor Handling Priv Esc
2023-01-17 20:30:36
mscve
mscve
Arm: CVE-2022-23960 Cache Speculation Restriction Vulnerability
2022-09-13 07:00:00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

0.975 High

EPSS

Percentile

100.0%

JSON
Related for ORACLELINUX_ELSA-2022-9273.NASL
oraclelinux10nessus52amd2debiancve8cve9nvd9redhatcve10xen1prion9cvelist9f51ubuntucve8redhat5openvas11amazon5ubuntu7osv10rosalinux1centos1photon1githubexploit1veracode9thn1citrix1cisa_kev1cbl_mariner6cnvd4attackerkb1ibm1packetstorm1broadcom1zdt1metasploit1mscve1