The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5935-1 advisory.

    It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly     handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability.
    A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary     code. (CVE-2023-0461)

    Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN     headers in some situations. A local attacker could use this to cause a denial of service (system crash) or     possibly execute arbitrary code. (CVE-2023-0179)

    It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some     situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3169)

    Maxim Levitsky discovered that the KVM nested virtualization (SVM) implementation for AMD processors in     the Linux kernel did not properly handle nested shutdown execution. An attacker in a guest vm could use     this to cause a denial of service (host kernel crash) (CVE-2022-3344)

    Gwangun Jung discovered a race condition in the IPv4 implementation in the Linux kernel when deleting     multipath routes, resulting in an out-of-bounds read. An attacker could use this to cause a denial of     service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-3435)

    It was discovered that a race condition existed in the Kernel Connection Multiplexor (KCM) socket     implementation in the Linux kernel when releasing sockets in certain situations. A local attacker could     use this to cause a denial of service (system crash). (CVE-2022-3521)

    It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free     vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly     execute arbitrary code. (CVE-2022-3545)

    It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush     in some situations. A local attacker could use this to cause a denial of service or possibly execute     arbitrary code. (CVE-2022-4139)

    It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when     handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service     (kernel deadlock). (CVE-2022-42328, CVE-2022-42329)

    It was discovered that the NFSD implementation in the Linux kernel contained a use-after-free     vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or     execute arbitrary code. (CVE-2022-4379)

    It was discovered that a race condition existed in the x86 KVM subsystem implementation in the Linux     kernel when nested virtualization and the TDP MMU are enabled. An attacker in a guest vm could use this to     cause a denial of service (host OS crash). (CVE-2022-45869)

    It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate the number     of channels, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial     of service (system crash) or possibly execute arbitrary code. (CVE-2022-47518)

    It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate specific     attributes, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial     of service (system crash) or possibly execute arbitrary code. (CVE-2022-47519)

    It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate offsets,     leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service     (system crash). (CVE-2022-47520)

    It was discovered that the Atmel WILC1000 driver in the Linux kernel did not properly validate specific     attributes, leading to a heap-based buffer overflow. An attacker could use this to cause a denial of     service (system crash) or possibly execute arbitrary code. (CVE-2022-47521)

    Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null     pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system     crash). (CVE-2023-0468)

    It was discovered that the file system writeback functionality in the Linux kernel contained a user-after-     free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash)     or execute arbitrary code. (CVE-2023-26605)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-5935-1)

high Nessus Plugin ID 172246

Version 1.4

Version 1.3

Version 1.2

Version 1.2

Version 1.1

Version 1.0

Version 1.4 Aug 28, 2024, 11:02 PM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin metadata Plugin Feed: 202408282302
Version 1.3 Jan 10, 2024, 8:45 AM Detection (updated detection logic) Plugin metadata Plugin Feed: 202401100845
Version 1.2 Oct 23, 2023, 6:27 PM CVE (set "CVE" coverage to "CVE-2022-3169,CVE-2022-3344,CVE-2022-3435,CVE-2022-3521,CVE-2022-3545,CVE-2022-4139,CVE-2022-4379,CVE-2022-42328,CVE-2022-42329,CVE-2022-45869,CVE-2022-47518,CVE-2022-47519,CVE-2022-47520,CVE-2022-47521,CVE-2023-0179,CVE-2023-0461,CVE-2023-0468,CVE-2023-26605") CVSSv2 score source (changed from "CVE-2023-0461" to "CVE-2023-26605") Detection Plugin metadata Plugin Feed: 202310231827
Version 1.2 Jan 9, 2024, 6:56 PM Detection (updated detection logic) Plugin metadata Plugin Feed: 202401091856
Version 1.1 Aug 31, 2023, 2:16 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") CVSSv2 score source (changed from "CVE-2022-47521" to "CVE-2023-0461") CVSSv3 score source (set to "CVE-2023-0461") Exploit attributes ("Exploit available" set to "True". "Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202308311416
Version 1.0 Mar 8, 2023, 5:08 AM New Plugin Feed: 202303080508