The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5095 advisory.

    Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation,     denial of service or information leaks. CVE-2020-36310 A flaw was discovered in the KVM implementation for     AMD processors, which could lead to an infinite loop. A malicious VM guest could exploit this to cause a     denial of service. CVE-2022-0001 (INTEL-SA-00598) Researchers at VUSec discovered that the Branch History     Buffer in Intel processors can be exploited to create information side channels with speculative     execution. This issue is similar to Spectre variant 2, but requires additional mitigations on some     processors. This can be exploited to obtain sensitive information from a different security context, such     as from user-space to the kernel, or from a KVM guest to the kernel. CVE-2022-0002 (INTEL-SA-00598) This     is a similar issue to CVE-2022-0001, but covers exploitation within a security context, such as from JIT-     compiled code in a sandbox to hosting code in the same process. This is partly mitigated by disabling eBPF     for unprivileged users with the sysctl: kernel.unprivileged_bpf_disabled=2. This is already the default in     Debian 11 bullseye. CVE-2022-0487 A use-after-free was discovered in the MOXART SD/MMC Host Controller     support driver. This flaw does not impact the Debian binary packages as CONFIG_MMC_MOXART is not set.
    CVE-2022-0492 Yiqi Sun and Kevin Wang reported that the cgroup-v1 subsystem does not properly restrict     access to the release-agent feature. A local user can take advantage of this flaw for privilege escalation     and bypass of namespace isolation. CVE-2022-0617 butt3rflyh4ck discovered a NULL pointer dereference in     the UDF filesystem. A local user that can mount a specially crafted UDF image can use this flaw to crash     the system. CVE-2022-25636 Nick Gregory reported a heap out-of-bounds write flaw in the netfilter     subsystem. A user with the CAP_NET_ADMIN capability could use this for denial of service or possibly for     privilege escalation. For the stable distribution (bullseye), these problems have been fixed in version     5.10.103-1. This update additionally includes many more bug fixes from stable updates 5.10.93-5.10.103     inclusive. We recommend that you upgrade your linux packages. For the detailed security status of linux     please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Debian DSA-5095-1 : linux - security update

high Nessus Plugin ID 158762

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.7 Jan 24, 2025, 9:25 PM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin metadata Plugin Feed: 202501242125
Version 1.6 Mar 27, 2024, 7:16 PM Detection (Debian kernel vulns will now be evaluated against the running kernel version instead of the highest installed version) Plugin Feed: 202403271916
Version 1.5 Dec 7, 2023, 3:25 PM Exploit attributes ("Exploit framework metasploit" set to "True") Plugin Feed: 202312071525
Version 1.4 Jan 16, 2023, 4:07 PM Exploit attributes ("Exploit framework core" set to "True") Plugin Feed: 202301161607