The version of kernel installed on the remote host is prior to 4.14.285-147.501. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1604 advisory.

    A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in     the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or     CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)

    An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c function in     RPCRDMA_HDRLEN_MIN (7) (in rpcrdma_max_call_header_size, rpcrdma_max_reply_header_size). This flaw allows     an attacker with normal user privileges to leak kernel information. (CVE-2022-0812)

    Due to the small table perturb size, a memory leak flaw was found in the Linux kernel's TCP source port     generation algorithm in the net/ipv4/tcp.c function. This flaw allows an attacker to leak information and     may cause a denial of service. (CVE-2022-1012)

    A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel's filesystem sub-     component. This flaw allows a local attacker with a user privilege to cause a denial of service.
    (CVE-2022-1184)

    A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in     net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege     escalation issue. (CVE-2022-1966)

    net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create     user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to     a use-after-free. (CVE-2022-32250)

    The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are     used. (CVE-2022-32296)

    An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer     overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point     registers. (CVE-2022-32981)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Amazon Linux AMI : kernel (ALAS-2022-1604)

high Nessus Plugin ID 162830

Version 1.8