The version of kernel installed on the remote host is prior to 5.10.82-83.359. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2024-049 advisory.

    A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could     happen if removing device (that is not common to remove video card physically without power-off, but same     happens if unbind the driver). (CVE-2020-27820)

    A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the     way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del()     together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A     privileged local user could use this flaw to crash the system or escalate their privileges on the system.
    (CVE-2021-3640)

    A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP     association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and     the attacker can send packets with spoofed IP addresses. (CVE-2021-3772)

    A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and     bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special     privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. (CVE-2021-4001)

    A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some     regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the     memory pages. A local user could use this flaw to get unauthorized access to some data. (CVE-2021-4002)

    A flaw heap buffer overflow in the Linux kernel's AMD Radeon graphics card driver was found in the way     user writes some malicious data to the AMD GPU Display Driver Debug Filesystem (to the VGA sub-directory     of the /sys/kernel/debug/ directory). A local user could use this flaw to crash the system or escalate     their privileges on the system. (CVE-2021-42327)

    In the Linux kernel, the following vulnerability has been resolved:

    i40e: Fix NULL ptr dereference on VSI filter sync (CVE-2021-47184)

    In the Linux kernel, the following vulnerability has been resolved:

    tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (CVE-2021-47185)

    In the Linux kernel, the following vulnerability has been resolved:

    tipc: check for null after calling kmemdup (CVE-2021-47186)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: fix memory ordering between normal and ordered work functions (CVE-2021-47189)

    In the Linux kernel, the following vulnerability has been resolved:

    perf bpf: Avoid memory leak from perf_env__insert_btf() (CVE-2021-47190)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() (CVE-2021-47191)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: core: sysfs: Fix hang when device state is set via sysfs (CVE-2021-47192)

    In the Linux kernel, the following vulnerability has been resolved:

    net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (CVE-2021-47197)

    In the Linux kernel, the following vulnerability has been resolved:

    iavf: free q_vectors before queues in iavf_disable_vf (CVE-2021-47201)

    In the Linux kernel, the following vulnerability has been resolved:

    thermal: Fix NULL pointer dereferences in of_thermal_ functions (CVE-2021-47202)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() (CVE-2021-47203)

    In the Linux kernel, the following vulnerability has been resolved:

    x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails (CVE-2021-47217)

    In the Linux kernel, the following vulnerability has been resolved:

    selinux: fix NULL-pointer dereference when hashtab allocation fails (CVE-2021-47218)

    In the Linux kernel, the following vulnerability has been resolved:

    scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (CVE-2021-47219)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: fix possible UAF when remounting r/o a mmp-protected file system (CVE-2021-47342)

    In the Linux kernel, the following vulnerability has been resolved:

    can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (CVE-2021-47459)

    In the Linux kernel, the following vulnerability has been resolved:

    audit: fix possible null-pointer dereference in audit_filter_rules (CVE-2021-47464)

    In the Linux kernel, the following vulnerability has been resolved:

    regmap: Fix possible double-free in regcache_rbtree_exit() (CVE-2021-47483)

    In the Linux kernel, the following vulnerability has been resolved:

    net/tls: Fix flipped sign in tls_err_abort() calls (CVE-2021-47496)

    A use-after-free flaw was found in the Linux kernel's Ext4 File System in how a user triggers several file     operations simultaneously with the overlay FS usage. This flaw allows a local user to crash or potentially     escalate their privileges on the system. (CVE-2023-1252)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-049)

high Nessus Plugin ID 190033

Version 1.11

Version 1.9

Version 1.8

Version 1.7

Version 1.6

Version 1.4

Version 1.3

Version 1.2

Version 1.0

Version 1.11 Mar 17, 2025, 12:07 PM Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202503171207
Version 1.9 Feb 3, 2025, 7:29 AM Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202502030729
Version 1.8 Feb 1, 2025, 2:46 AM CVE (set "CVE" coverage to "CVE-2020-27820,CVE-2021-3640,CVE-2021-3772,CVE-2021-4001,CVE-2021-4002,CVE-2021-42327,CVE-2021-47184,CVE-2021-47185,CVE-2021-47186,CVE-2021-47189,CVE-2021-47190,CVE-2021-47191,CVE-2021-47192,CVE-2021-47197,CVE-2021-47201,CVE-2021-47202,CVE-2021-47203,CVE-2021-47217,CVE-2021-47218,CVE-2021-47219,CVE-2021-47459,CVE-2021-47483,CVE-2023-1252") CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Exploit attributes ("Exploitability ease" changed from "Exploits are available" to "No known exploits are available") Plugin metadata Plugin Feed: 202502010246
Version 1.7 Dec 12, 2024, 9:55 AM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Detection (updated detection logic) Plugin Feed: 202412120955
Version 1.6 Aug 29, 2024, 7:18 AM Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202408290718
Version 1.4 May 16, 2024, 8:03 AM Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202405160803
Version 1.3 May 16, 2024, 12:59 AM CVE (set "CVE" coverage to "CVE-2020-27820,CVE-2021-3640,CVE-2021-3772,CVE-2021-4001,CVE-2021-4002,CVE-2021-42327,CVE-2023-1252") Detection (updated detection logic) Exploit attributes ("Exploitability ease" changed from "Exploits are available" to "No known exploits are available") Plugin metadata Plugin Feed: 202405160059
Version 1.2 Feb 20, 2024, 3:54 PM Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202402201554
Version 1.0 Feb 6, 2024, 12:33 PM New Plugin Feed: 202402061233