The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5875-1 advisory.

    It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC     messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service     (system crash) or possibly execute arbitrary code. (CVE-2022-43945)

    Tams Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained     multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial     of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896)

    It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform     bounds checking in some situations. A physically proximate attacker could use this to craft a malicious     USB device that when inserted, could cause a denial of service (system crash) or possibly execute     arbitrary code. (CVE-2022-3628)

    It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel.
    A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary     code. (CVE-2022-3640)

    It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets     structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service     (host NIC availability). (CVE-2022-3643)

    Khalid Masum discovered that the NILFS2 file system implementation in the Linux kernel did not properly     handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use     this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-3649)

    It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux     kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause     a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849)

    It was discovered that a race condition existed in the Roccat HID driver in the Linux kernel, leading to a     use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash)     or possibly execute arbitrary code. (CVE-2022-41850)

    Tams Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly     initialize memory in some situations. A physically proximate attacker could possibly use this to expose     sensitive information (kernel memory). (CVE-2022-42895)

    It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux     kernel. A physically proximate attacker could use this to cause a denial of service (system crash).
    (CVE-2022-45934)

    It was discovered that the binder IPC implementation in the Linux kernel contained a use-after-free     vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly     execute arbitrary code. (CVE-2023-20928)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5875-1)

high Nessus Plugin ID 171577

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.0

Version 1.5 Aug 28, 2024, 11:02 PM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin metadata Plugin Feed: 202408282302
Version 1.4 Jan 9, 2024, 6:56 PM Detection (updated detection logic) Plugin Feed: 202401091856
Version 1.3 Oct 21, 2023, 5:06 AM Plugin metadata Detection Plugin Feed: 202310210506
Version 1.2 Sep 4, 2023, 4:15 PM CVSS metrics ("CVSSv2 score" changed from 10.0 to 8.3. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" to "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C" to "CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C". "CVSSv3 score" changed from 10.0 to 8.8) CVSSv2 score source (changed from "CVE-2022-3643" to "CVE-2022-42896") CVSSv3 score source (set to "CVE-2022-42896") Plugin Feed: 202309041615
Version 1.1 Feb 17, 2023, 10:07 PM Exploit attributes ("Exploit available" set to "True". "Exploit available" set to "True". "Exploit available" set to "True". "Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202302172207
Version 1.0 Feb 17, 2023, 1:59 AM New Plugin Feed: 202302170159