Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2023 Greenbone AGOPENVAS:136141256231112202358511
HistoryFeb 10, 2023 - 12:00 a.m.

Ubuntu: Security Advisory (USN-5851-1)

2023-02-1000:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
4
ubuntu
security
advisory
usn-5851-1
memory leak
denial of service
bounds checking
vulnerability
linux kernel
bluetooth
usb device
race condition

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.1%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.12.2023.5851.1");
  script_cve_id("CVE-2022-3543", "CVE-2022-3619", "CVE-2022-3623", "CVE-2022-3628", "CVE-2022-3640", "CVE-2022-41849", "CVE-2022-41850", "CVE-2022-42895", "CVE-2022-47940", "CVE-2023-0590");
  script_tag(name:"creation_date", value:"2023-02-10 04:25:54 +0000 (Fri, 10 Feb 2023)");
  script_version("2024-02-02T05:06:10+0000");
  script_tag(name:"last_modification", value:"2024-02-02 05:06:10 +0000 (Fri, 02 Feb 2024)");
  script_tag(name:"cvss_base", value:"8.3");
  script_tag(name:"cvss_base_vector", value:"AV:A/AC:L/Au:N/C:C/I:C/A:C");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2022-10-24 18:50:47 +0000 (Mon, 24 Oct 2022)");

  script_name("Ubuntu: Security Advisory (USN-5851-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2023 Greenbone AG");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU(20\.04\ LTS|22\.04\ LTS)");

  script_xref(name:"Advisory-ID", value:"USN-5851-1");
  script_xref(name:"URL", value:"https://ubuntu.com/security/notices/USN-5851-1");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'linux, linux-azure, linux-azure-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi' package(s) announced via the USN-5851-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"It was discovered that a memory leak existed in the Unix domain socket
implementation of the Linux kernel. A local attacker could use this to
cause a denial of service (memory exhaustion). (CVE-2022-3543)

It was discovered that the Bluetooth HCI implementation in the Linux kernel
did not properly deallocate memory in some situations. An attacker could
possibly use this cause a denial of service (memory exhaustion).
(CVE-2022-3619)

It was discovered that the hugetlb implementation in the Linux kernel
contained a race condition in some situations. A local attacker could use
this to cause a denial of service (system crash) or expose sensitive
information (kernel memory). (CVE-2022-3623)

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform bounds checking in some situations. A
physically proximate attacker could use this to craft a malicious USB
device that when inserted, could cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2022-3628)

It was discovered that a use-after-free vulnerability existed in the
Bluetooth stack in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3640)

It was discovered that a race condition existed in the SMSC UFX USB driver
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-41849)

It was discovered that a race condition existed in the Roccat HID driver in
the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-41850)

Tamas Koczka discovered that the Bluetooth L2CAP implementation in the
Linux kernel did not properly initialize memory in some situations. A
physically proximate attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-42895)

Arnaud Gatignol, Quentin Minster, Florent Saudel and Guillaume Teissier
discovered that the KSMBD implementation in the Linux kernel did not
properly validate user-supplied data in some situations. An authenticated
attacker could use this to cause a denial of service (system crash), expose
sensitive information (kernel memory) or possibly execute arbitrary code.
(CVE-2022-47940)

It was discovered that a race condition existed in the qdisc implementation
in the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0590)");

  script_tag(name:"affected", value:"'linux, linux-azure, linux-azure-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi' package(s) on Ubuntu 20.04, Ubuntu 22.04.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "UBUNTU20.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-1029-oracle", ver:"5.15.0-1029.35~20.04.1", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-1033-azure", ver:"5.15.0-1033.40~20.04.1", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-generic", ver:"5.15.0-60.66~20.04.1", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-generic-64k", ver:"5.15.0-60.66~20.04.1", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-generic-lpae", ver:"5.15.0-60.66~20.04.1", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-lowlatency", ver:"5.15.0-60.66~20.04.1", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-lowlatency-64k", ver:"5.15.0-60.66~20.04.1", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-azure", ver:"5.15.0.1033.40~20.04.23", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-64k-hwe-20.04", ver:"5.15.0.60.66~20.04.26", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-hwe-20.04", ver:"5.15.0.60.66~20.04.26", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-lpae-hwe-20.04", ver:"5.15.0.60.66~20.04.26", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency-64k-hwe-20.04", ver:"5.15.0.60.66~20.04.23", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency-hwe-20.04", ver:"5.15.0.60.66~20.04.23", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-oracle", ver:"5.15.0.1029.35~20.04.1", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-virtual-hwe-20.04", ver:"5.15.0.60.66~20.04.26", rls:"UBUNTU20.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU22.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-1015-gkeop", ver:"5.15.0-1015.19", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-1024-raspi", ver:"5.15.0-1024.26", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-1024-raspi-nolpae", ver:"5.15.0-1024.26", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-1025-ibm", ver:"5.15.0-1025.28", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-1028-kvm", ver:"5.15.0-1028.33", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-1029-oracle", ver:"5.15.0-1029.35", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-1033-azure", ver:"5.15.0-1033.40", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-generic", ver:"5.15.0-60.66", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-generic-64k", ver:"5.15.0-60.66", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-generic-lpae", ver:"5.15.0-60.66", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-lowlatency", ver:"5.15.0-60.66", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-5.15.0-60-lowlatency-64k", ver:"5.15.0-60.66", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-azure", ver:"5.15.0.1033.29", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-azure-lts-22.04", ver:"5.15.0.1033.29", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic", ver:"5.15.0.60.58", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-64k", ver:"5.15.0.60.58", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-64k-hwe-22.04", ver:"5.15.0.60.58", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-hwe-22.04", ver:"5.15.0.60.58", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-lpae", ver:"5.15.0.60.58", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-generic-lpae-hwe-22.04", ver:"5.15.0.60.58", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-gkeop", ver:"5.15.0.1015.14", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-gkeop-5.15", ver:"5.15.0.1015.14", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-ibm", ver:"5.15.0.1025.21", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-kvm", ver:"5.15.0.1028.24", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency", ver:"5.15.0.60.53", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency-64k", ver:"5.15.0.60.53", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency-64k-hwe-22.04", ver:"5.15.0.60.53", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-lowlatency-hwe-22.04", ver:"5.15.0.60.53", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-oracle", ver:"5.15.0.1029.24", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-raspi", ver:"5.15.0.1024.21", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-raspi-nolpae", ver:"5.15.0.1024.21", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-virtual", ver:"5.15.0.60.58", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"linux-image-virtual-hwe-22.04", ver:"5.15.0.60.58", rls:"UBUNTU22.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Related

osv 17
nessus 32
openvas 26
ubuntu 21
mageia 2
prion 10
cbl_mariner 10
debiancve 10
cve 10
redhatcve 10
cnvd 4
ubuntucve 10
nvd 10
cvelist 10
veracode 5
oraclelinux 5
redhat 2
fedora 3
debian 2
osv
osv
linux-aws, linux-aws-5.15, linux-azure-fde, linux-gcp, linux-gcp-5.15, linux-intel-iotg vulnerabilities
2023-02-15 22:31:07
linux, linux-azure, linux-azure-5.15, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
2023-02-09 15:20:34
linux-gke vulnerabilities
2023-02-09 22:31:43
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5851-1)
2023-02-09 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5876-1)
2023-02-16 00:00:00
Ubuntu 22.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5860-1)
2023-02-09 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5876-1)
2023-02-16 00:00:00
Ubuntu: Security Advisory (USN-5860-1)
2023-02-10 00:00:00
Ubuntu: Security Advisory (USN-5850-1)
2023-02-10 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2023-02-15 00:00:00
Linux kernel vulnerabilities
2023-02-09 00:00:00
Linux kernel (Azure) vulnerabilities
2023-02-16 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2022-11-27 23:51:49
Updated kernel packages fix security vulnerabilities
2022-11-27 23:51:49
prion
prion
Input validation
2022-12-23 16:15:00
Design/Logic Flaw
2022-11-23 15:15:00
Race condition
2022-09-30 06:15:00
cbl_mariner
cbl_mariner
CVE-2022-47940 affecting package hyperv-daemons for versions less than 5.15.92.1-1
2023-02-14 20:21:22
CVE-2022-47940 affecting package kernel for versions less than 5.15.92.1-2
2023-02-24 01:53:51
CVE-2022-41849 affecting package kernel for versions less than 5.15.82.1-1
2022-12-19 20:13:00
debiancve
debiancve
CVE-2022-47940
2022-12-23 16:15:12
CVE-2022-41849
2022-09-30 06:15:12
CVE-2022-3543
2022-10-17 12:15:10
cve
cve
CVE-2022-47940
2022-12-23 16:15:12
CVE-2022-41849
2022-09-30 06:15:12
CVE-2022-3543
2022-10-17 12:15:10
redhatcve
redhatcve
CVE-2022-47940
2022-12-23 17:35:12
CVE-2022-42895
2022-11-23 19:26:02
CVE-2022-41849
2022-11-06 14:26:00
cnvd
cnvd
Linux kernel buffer overflow vulnerability (CNVD-2023-58993)
2023-01-04 00:00:00
Linux kernel resource management error vulnerability (CNVD-2022-69187)
2022-10-09 00:00:00
Linux kernel hid-roccat.c resource management error vulnerability
2022-10-09 00:00:00
ubuntucve
ubuntucve
CVE-2022-47940
2022-12-23 00:00:00
CVE-2022-3543
2022-10-17 00:00:00
CVE-2022-41849
2022-09-30 00:00:00
nvd
nvd
CVE-2022-47940
2022-12-23 16:15:12
CVE-2022-41849
2022-09-30 06:15:12
CVE-2022-3543
2022-10-17 12:15:10
cvelist
cvelist
CVE-2022-47940
2022-12-23 00:00:00
CVE-2022-3543 Linux Kernel BPF af_unix.c unix_release_sock memory leak
2022-10-17 00:00:00
CVE-2022-41849
2022-09-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-03-06 19:20:26
Information Disclosure
2023-02-10 20:04:27
Denial Of Service (DoS)
2023-03-06 19:20:27
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2023-02-13 00:00:00
Unbreakable Enterprise kernel-container security update
2023-02-14 00:00:00
Unbreakable Enterprise kernel security update
2023-02-07 00:00:00
redhat
redhat
(RHSA-2024:2621) Important: kernel security, bug fix, and enhancement update
2024-04-30 16:31:58
(RHSA-2024:1877) Moderate: kernel security and bug fix update
2024-04-18 00:58:28
fedora
fedora
[SECURITY] Fedora 35 Update: kernel-6.0.8-100.fc35
2022-11-15 01:28:15
[SECURITY] Fedora 36 Update: kernel-6.0.8-200.fc36
2022-11-15 01:24:33
[SECURITY] Fedora 37 Update: kernel-6.0.8-300.fc37
2022-11-15 01:17:47
debian
debian
[SECURITY] [DLA 3244-1] linux-5.10 security update
2022-12-22 13:40:03
[SECURITY] [DLA 3245-1] linux security update
2022-12-23 22:16:58

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.1%

JSON
Related for OPENVAS:136141256231112202358511
osv17nessus32openvas26ubuntu21mageia2prion10cbl_mariner10debiancve10cve10redhatcve10cnvd4ubuntucve10nvd10cvelist10veracode5oraclelinux5redhat2fedora3debian2