The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7683 advisory.

    - x86/speculation: Add LFENCE to RSB fill sequence (Waiman Long) [2115080] {CVE-2022-26373}
    - x86/speculation: Add RSB VM Exit protections (Waiman Long) [2115080] {CVE-2022-26373}
    - net_sched: cls_route: remove from list when handle is 0 (Felix Maurer) [2116328] {CVE-2022-2588}
    - netfilter: nf_tables: do not allow RULE_ID to refer to another chain (Florian Westphal) [2116356]     {CVE-2022-2586}
    - netfilter: nf_tables: do not allow SET_ID to refer to another table (Florian Westphal) [2116356]     {CVE-2022-2586}
    - netfilter: nf_queue: do not allow packet truncation below transport header offset (Florian Westphal)     [2116159] {CVE-2022-36946}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Oracle Linux 8 : kernel (ELSA-2022-7683)

high Nessus Plugin ID 167577

Version 1.8

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.8 Nov 2, 2024, 5:10 AM CVSS metrics ("Cvssv4 score" set to 8.6) Detection (updated detection logic) Plugin Feed: 202411020510
Version 1.7 Oct 23, 2024, 10:51 PM CVSS metrics ("Cvssv4 score" set to 8.6) Detection (updated detection logic) Plugin Feed: 202410232251
Version 1.6 Oct 23, 2024, 7:37 AM CVSS metrics ("Cvssv4 threat vector" set to "CVSS:4.0/E:A") Plugin Feed: 202410230737
Version 1.5 Oct 22, 2024, 9:14 PM CVSS metrics ("Cvssv4 score" set to 8.6) CVSS metrics ("Cvssv4 vector" set to "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N") Detection (updated detection logic) Plugin metadata Plugin Feed: 202410222114
Version 1.4 Jun 26, 2024, 11:05 PM CISA reference Plugin Feed: 202406262305
Version 1.3 Dec 13, 2022, 2:03 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202212131403
Version 1.2 Nov 16, 2022, 12:10 PM New Plugin Feed: 202211161210