Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-5361-1) - Nessus
Medium Plugin ID: 159387This page contains detailed information about the Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-5361-1) Nessus plugin including available exploits and PoCs found on GitHub, in Metasploit or Exploit-DB for verifying of this vulnerability.
Plugin Overview
ID: 159387
Name: Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-5361-1)
Filename: ubuntu_USN-5361-1.nasl
Vulnerability Published: 2020-05-15
This Plugin Published: 2022-04-01
Last Modification Time: 2022-04-26
Plugin Version: 1.3
Plugin Type: local
Plugin Family: Ubuntu Local Security Checks
Dependencies:
linux_alt_patch_detect.nasl, ssh_get_info.nasl
Required KB Items [?]: Host/cpu, Host/Debian/dpkg-l, Host/Ubuntu, Host/Ubuntu/release
Vulnerability Information
Severity: Medium
Vulnerability Published: 2020-05-15
Patch Published: 2022-04-01
CVE [?]: CVE-2020-3702, CVE-2020-12888, CVE-2020-26141, CVE-2020-26145, CVE-2021-0920, CVE-2021-0935, CVE-2021-4083, CVE-2021-28964, CVE-2021-31916, CVE-2021-37159, CVE-2021-39636, CVE-2021-42739, CVE-2021-43976, CVE-2021-45486
CPE [?]: cpe:/o:canonical:ubuntu_linux:16.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws, p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-4.4.0-1139, p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-4.4.0-1139, p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-4.4.0-1139, p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.4.0-223-generic, p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.4.0-223-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.4.0-1104-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.4.0-1139-aws, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-223, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-223-generic, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-223-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-1104-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-1139-aws, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-crashdump, p-cpe:/a:canonical:ubuntu_linux:linux-generic, p-cpe:/a:canonical:ubuntu_linux:linux-generic-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-generic-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-generic-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-generic-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-223, p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-223-generic, p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-223-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-1104-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-1139-aws, p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws, p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic, p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual, p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-generic-trusty, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-virtual-trusty, p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-223-generic, p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-223-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1104-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1139-aws, p-cpe:/a:canonical:ubuntu_linux:linux-image-aws, p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual, p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-image-generic, p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-image-hwe-generic-trusty, p-cpe:/a:canonical:ubuntu_linux:linux-image-hwe-virtual-trusty, p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.4.0-223-generic, p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.4.0-223-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual, p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-kvm-cloud-tools-4.4.0-1104, p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-4.4.0-1104, p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-4.4.0-1104, p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.4.0-223-generic, p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.4.0-223-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.4.0-1104-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.4.0-1139-aws, p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.4.0-223-generic, p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.4.0-1139-aws, p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws, p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic, p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic, p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-source, p-cpe:/a:canonical:ubuntu_linux:linux-source-4.4.0, p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-223, p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-223-generic, p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-223-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-1104-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-1139-aws, p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws, p-cpe:/a:canonical:ubuntu_linux:linux-tools-common, p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic, p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-tools-host, p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-tools-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual, p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-virtual, p-cpe:/a:canonical:ubuntu_linux:linux-virtual-lts-utopic, p-cpe:/a:canonical:ubuntu_linux:linux-virtual-lts-vivid, p-cpe:/a:canonical:ubuntu_linux:linux-virtual-lts-wily, p-cpe:/a:canonical:ubuntu_linux:linux-virtual-lts-xenial
Synopsis
The remote Ubuntu host is missing one or more security updates.
Description
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5361-1 advisory.
- u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)
- The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. (CVE-2020-12888)
- An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data- confidentiality protocol. (CVE-2020-26141)
- An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration. (CVE-2020-26145)
- In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel (CVE-2021-0920)
- In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References: Upstream kernel (CVE-2021-0935)
- A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4. (CVE-2021-4083)
- A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc. (CVE-2021-28964)
- An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi- device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. (CVE-2021-31916)
- hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. (CVE-2021-37159)
- In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information due to uninitialized data. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-120612905References: Upstream kernel (CVE-2021-39636)
- The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking. (CVE-2021-42739)
- In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic). (CVE-2021-43976)
- In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. (CVE-2021-45486)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.
Public Exploits
Target Network Port(s): N/A
Target Asset(s): N/A
Exploit Available: True (GitHub)
Exploit Ease: Exploits are available
Here's the list of publicly known exploits and PoCs for verifying the Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-5361-1) vulnerability:
- GitHub: https://github.com/vanhoefm/fragattacks
[CVE-2020-26145] - GitHub: https://github.com/enterprisemodules/vulnerability_demo
[CVE-2021-0920] - GitHub: https://github.com/JamesGeee/CVE-2021-31916
[CVE-2021-31916: PoC for exploiting CVE-2021-31916] - GitHub: https://github.com/JaskaranNarula/Host_Errata_Info
[CVE-2021-42739]
Before running any exploit against any system, make sure you are authorized by the owner of the target system(s) to perform such activity. In any other case, this would be considered as an illegal activity.
WARNING: Beware of using unverified exploits from sources such as GitHub or Exploit-DB. These exploits and PoCs could contain malware. For more information, see how to use exploits safely.
Risk Information
CVSS Score Source [?]: CVE-2021-0935
CVSS V2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C
| CVSS Base Score: | 7.2 (High) |
| Impact Subscore: | 10.0 |
| Exploitability Subscore: | 3.9 |
| CVSS Temporal Score: | 5.6 (Medium) |
| CVSS Environmental Score: | NA (None) |
| Modified Impact Subscore: | NA |
| Overall CVSS Score: | 5.6 (Medium) |
| CVSS Base Score: | 6.7 (Medium) |
| Impact Subscore: | 5.9 |
| Exploitability Subscore: | 0.8 |
| CVSS Temporal Score: | 6.0 (Medium) |
| CVSS Environmental Score: | NA (None) |
| Modified Impact Subscore: | NA |
| Overall CVSS Score: | 6.0 (Medium) |
Go back to menu.
Plugin Source
This is the ubuntu_USN-5361-1.nasl nessus plugin source code. Ubuntu Security Notice (C) 2022 Canonical, Inc. / NASL script (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-5361-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(159387);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/04/26");
script_cve_id(
"CVE-2020-3702",
"CVE-2020-12888",
"CVE-2020-26141",
"CVE-2020-26145",
"CVE-2021-0920",
"CVE-2021-0935",
"CVE-2021-4083",
"CVE-2021-28964",
"CVE-2021-31916",
"CVE-2021-37159",
"CVE-2021-39636",
"CVE-2021-42739",
"CVE-2021-43976",
"CVE-2021-45486"
);
script_xref(name:"USN", value:"5361-1");
script_name(english:"Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-5361-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in
the USN-5361-1 advisory.
- u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to
improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for
a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon
Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon
Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W,
MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)
- The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory
space. (CVE-2020-12888)
- An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation
does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can
abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-
confidentiality protocol. (CVE-2020-26141)
- An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3
implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process
them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets
independent of the network configuration. (CVE-2020-26145)
- In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This
could lead to local escalation of privilege with System execution privileges needed. User interaction is
not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References:
Upstream kernel (CVE-2021-0920)
- In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could
lead to local escalation of privilege with System execution privileges needed. User interaction is not
needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References:
Upstream kernel (CVE-2021-0935)
- A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket
file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race
condition. This flaw allows a local user to crash the system or escalate their privileges on the system.
This flaw affects Linux kernel versions prior to 5.16-rc4. (CVE-2021-4083)
- A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It
allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer
before a cloning operation, aka CID-dbcc7d57bffc. (CVE-2021-28964)
- An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-
device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with
special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or
a leak of internal kernel information. The highest threat from this vulnerability is to system
availability. (CVE-2021-31916)
- hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev
without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
(CVE-2021-37159)
- In do_ipt_get_ctl and do_ipt_set_ctl of ip_tables.c, there is a possible way to leak kernel information
due to uninitialized data. This could lead to local information disclosure with system execution
privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android
kernelAndroid ID: A-120612905References: Upstream kernel (CVE-2021-39636)
- The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to
drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt
mishandles bounds checking. (CVE-2021-42739)
- In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows
an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
(CVE-2021-43976)
- In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak
because the hash table is very small. (CVE-2021-45486)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-5361-1");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-0935");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/05/15");
script_set_attribute(attribute:"patch_publication_date", value:"2022/04/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/04/01");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04:-:lts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-cloud-tools-4.4.0-1139");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-headers-4.4.0-1139");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-aws-tools-4.4.0-1139");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.4.0-1104-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.4.0-1139-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.4.0-223-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-4.4.0-223-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-1104-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-1139-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-223");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-223-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-4.4.0-223-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-generic-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-lowlatency-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-cloud-tools-virtual-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-crashdump");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-generic-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-1104-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-1139-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-223");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-223-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-4.4.0-223-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-generic-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-lowlatency-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-virtual-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-generic-trusty");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-hwe-virtual-trusty");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1104-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-1139-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-223-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4.0-223-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-extra-virtual-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-hwe-generic-trusty");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-hwe-virtual-trusty");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.4.0-223-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-4.4.0-223-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-cloud-tools-4.4.0-1104");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-headers-4.4.0-1104");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-kvm-tools-4.4.0-1104");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.4.0-1104-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.4.0-1139-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.4.0-223-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-modules-4.4.0-223-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.4.0-1139-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-4.4.0-223-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-modules-extra-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-generic-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-generic-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-image-lowlatency-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-signed-lowlatency-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-4.4.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-1104-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-1139-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-223");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-223-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-4.4.0-223-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-aws");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-generic-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-host");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-kvm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lowlatency-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-virtual-lts-xenial");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-virtual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-lts-utopic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-lts-vivid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-lts-wily");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-virtual-lts-xenial");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Ubuntu Local Security Checks");
script_copyright(english:"Ubuntu Security Notice (C) 2022 Canonical, Inc. / NASL script (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include('ubuntu.inc');
include('ksplice.inc');
if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item('Host/Ubuntu/release');
if ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
var release = chomp(release);
if (! preg(pattern:"^(16\.04)$", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);
if (get_one_kb_item('Host/ksplice/kernel-cves'))
{
rm_kb_item(name:'Host/uptrack-uname-r');
var cve_list = make_list('CVE-2020-3702', 'CVE-2020-12888', 'CVE-2020-26141', 'CVE-2020-26145', 'CVE-2021-0920', 'CVE-2021-0935', 'CVE-2021-4083', 'CVE-2021-28964', 'CVE-2021-31916', 'CVE-2021-37159', 'CVE-2021-39636', 'CVE-2021-42739', 'CVE-2021-43976', 'CVE-2021-45486');
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5361-1');
}
else
{
_ubuntu_report = ksplice_reporting_text();
}
}
var pkgs = [
{'osver': '16.04', 'pkgname': 'linux-aws', 'pkgver': '4.4.0.1139.144'},
{'osver': '16.04', 'pkgname': 'linux-aws-cloud-tools-4.4.0-1139', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-aws-headers-4.4.0-1139', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-aws-tools-4.4.0-1139', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-buildinfo-4.4.0-1104-kvm', 'pkgver': '4.4.0-1104.113'},
{'osver': '16.04', 'pkgname': 'linux-buildinfo-4.4.0-1139-aws', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-buildinfo-4.4.0-223-generic', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-buildinfo-4.4.0-223-lowlatency', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.4.0-1104-kvm', 'pkgver': '4.4.0-1104.113'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.4.0-1139-aws', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.4.0-223', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.4.0-223-generic', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-4.4.0-223-lowlatency', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-common', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-generic-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-lowlatency-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-cloud-tools-virtual-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-crashdump', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-generic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-generic-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-generic-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-generic-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-generic-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-4.4.0-1104-kvm', 'pkgver': '4.4.0-1104.113'},
{'osver': '16.04', 'pkgname': 'linux-headers-4.4.0-1139-aws', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-headers-4.4.0-223', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-headers-4.4.0-223-generic', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-headers-4.4.0-223-lowlatency', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-headers-aws', 'pkgver': '4.4.0.1139.144'},
{'osver': '16.04', 'pkgname': 'linux-headers-generic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-generic-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-generic-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-generic-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-generic-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-kvm', 'pkgver': '4.4.0.1104.102'},
{'osver': '16.04', 'pkgname': 'linux-headers-lowlatency', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-lowlatency-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-virtual', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-virtual-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-virtual-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-virtual-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-headers-virtual-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-hwe-generic-trusty', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-hwe-virtual-trusty', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-4.4.0-1104-kvm', 'pkgver': '4.4.0-1104.113'},
{'osver': '16.04', 'pkgname': 'linux-image-4.4.0-1139-aws', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-image-4.4.0-223-generic', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-image-4.4.0-223-lowlatency', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-image-aws', 'pkgver': '4.4.0.1139.144'},
{'osver': '16.04', 'pkgname': 'linux-image-extra-virtual', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-extra-virtual-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-generic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-generic-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-generic-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-generic-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-generic-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-hwe-generic-trusty', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-hwe-virtual-trusty', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-kvm', 'pkgver': '4.4.0.1104.102'},
{'osver': '16.04', 'pkgname': 'linux-image-lowlatency', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-lowlatency-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-lowlatency-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-lowlatency-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-lowlatency-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.4.0-223-generic', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-image-unsigned-4.4.0-223-lowlatency', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-image-virtual', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-virtual-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-virtual-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-virtual-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-image-virtual-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-kvm', 'pkgver': '4.4.0.1104.102'},
{'osver': '16.04', 'pkgname': 'linux-kvm-cloud-tools-4.4.0-1104', 'pkgver': '4.4.0-1104.113'},
{'osver': '16.04', 'pkgname': 'linux-kvm-headers-4.4.0-1104', 'pkgver': '4.4.0-1104.113'},
{'osver': '16.04', 'pkgname': 'linux-kvm-tools-4.4.0-1104', 'pkgver': '4.4.0-1104.113'},
{'osver': '16.04', 'pkgname': 'linux-libc-dev', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-lowlatency', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-lowlatency-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-lowlatency-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-lowlatency-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-lowlatency-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-modules-4.4.0-1104-kvm', 'pkgver': '4.4.0-1104.113'},
{'osver': '16.04', 'pkgname': 'linux-modules-4.4.0-1139-aws', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-modules-4.4.0-223-generic', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-modules-4.4.0-223-lowlatency', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-modules-extra-4.4.0-1139-aws', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-modules-extra-4.4.0-223-generic', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-modules-extra-aws', 'pkgver': '4.4.0.1139.144'},
{'osver': '16.04', 'pkgname': 'linux-signed-generic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-generic-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-generic-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-generic-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-generic-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-image-generic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-image-generic-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-image-generic-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-image-generic-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-image-generic-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-image-lowlatency', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-image-lowlatency-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-image-lowlatency-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-lowlatency', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-lowlatency-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-signed-lowlatency-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-source', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-source-4.4.0', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-tools-4.4.0-1104-kvm', 'pkgver': '4.4.0-1104.113'},
{'osver': '16.04', 'pkgname': 'linux-tools-4.4.0-1139-aws', 'pkgver': '4.4.0-1139.153'},
{'osver': '16.04', 'pkgname': 'linux-tools-4.4.0-223', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-tools-4.4.0-223-generic', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-tools-4.4.0-223-lowlatency', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-tools-aws', 'pkgver': '4.4.0.1139.144'},
{'osver': '16.04', 'pkgname': 'linux-tools-common', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-tools-generic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-generic-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-generic-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-generic-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-generic-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-host', 'pkgver': '4.4.0-223.256'},
{'osver': '16.04', 'pkgname': 'linux-tools-kvm', 'pkgver': '4.4.0.1104.102'},
{'osver': '16.04', 'pkgname': 'linux-tools-lowlatency', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-lowlatency-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-virtual', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-virtual-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-virtual-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-virtual-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-tools-virtual-lts-xenial', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-virtual', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-virtual-lts-utopic', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-virtual-lts-vivid', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-virtual-lts-wily', 'pkgver': '4.4.0.223.230'},
{'osver': '16.04', 'pkgname': 'linux-virtual-lts-xenial', 'pkgver': '4.4.0.223.230'}
];
var flag = 0;
foreach package_array ( pkgs ) {
var osver = NULL;
var pkgname = NULL;
var pkgver = NULL;
if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
if (osver && pkgname && pkgver) {
if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
var tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-aws / linux-aws-cloud-tools-4.4.0-1139 / etc');
}
The latest version of this script can be found in these locations depending on your platform:
- Linux / Unix:
/opt/nessus/lib/nessus/plugins/ubuntu_USN-5361-1.nasl - Windows:
C:\ProgramData\Tenable\Nessus\nessus\plugins\ubuntu_USN-5361-1.nasl - Mac OS X:
/Library/Nessus/run/lib/nessus/plugins/ubuntu_USN-5361-1.nasl
Go back to menu.
How to Run
Here is how to run the Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-5361-1) as a standalone plugin via the Nessus web user interface (https://localhost:8834/):
- Click to start a New Scan.
- Select Advanced Scan.
- Navigate to the Plugins tab.
- On the top right corner click to Disable All plugins.
- On the left side table select Ubuntu Local Security Checks plugin family.
- On the right side table select Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-5361-1) plugin ID 159387.
- Specify the target on the Settings tab and click to Save the scan.
- Run the scan.
Here are a few examples of how to run the plugin in the command line. Note that the examples below demonstrate the usage on the Linux / Unix platform.
Basic usage:
/opt/nessus/bin/nasl ubuntu_USN-5361-1.nasl -t <IP/HOST>Run the plugin with audit trail message on the console:
/opt/nessus/bin/nasl -a ubuntu_USN-5361-1.nasl -t <IP/HOST>Run the plugin with trace script execution written to the console (useful for debugging):
/opt/nessus/bin/nasl -T - ubuntu_USN-5361-1.nasl -t <IP/HOST>Run the plugin with using a state file for the target and updating it (useful for running multiple plugins on the target):
/opt/nessus/bin/nasl -K /tmp/state ubuntu_USN-5361-1.nasl -t <IP/HOST>Go back to menu.
References
USN | Ubuntu Security Notice: See also:
- https://www.tenable.com/plugins/nessus/159387
- https://ubuntu.com/security/notices/USN-5361-1
- https://vulners.com/nessus/UBUNTU_USN-5361-1.NASL
- 159041 - RHEL 8 : kpatch-patch-4_18_0-147_58_1 (RHSA-2022:0958)
- 159093 - EulerOS 2.0 SP5 : kernel (EulerOS-SA-2022-1328)
- 159143 - Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-5339-1)
- 159144 - Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5338-1)
- 159146 - SUSE SLES15 Security Update : kernel (Live Patch 14 for SLE 15 SP3) (SUSE-SU-2022:0615-1)
- 159149 - SUSE SLES15 Security Update : kernel (Live Patch 10 for SLE 15 SP3) (SUSE-SU-2022:0660-1)
- 159150 - SUSE SLES15 Security Update : kernel (Live Patch 13 for SLE 15 SP3) (SUSE-SU-2022:0619-1)
- 159262 - EulerOS 2.0 SP8 : kernel (EulerOS-SA-2022-1352)
- 159302 - CentOS 8 : kernel (CESA-2022:0825)
- 159310 - RHEL 7 : kpatch-patch (RHSA-2022:1103)
- 159314 - RHEL 7 : kernel (RHSA-2022:1107)
- 159319 - RHEL 7 : kernel (RHSA-2022:1106)
- 159342 - SUSE SLES15 Security Update : kernel (Live Patch 25 for SLE 15 SP2) (SUSE-SU-2022:0996-1)
- 159352 - SUSE SLES15 Security Update : kernel (Live Patch 15 for SLE 15 SP3) (SUSE-SU-2022:1034-1)
- 159353 - SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1038-1)
- 159357 - SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1037-1)
- 159366 - SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:1039-1)
- 159394 - openSUSE 15 Security Update : kernel (openSUSE-SU-2022:1037-1)
- 159395 - Ubuntu 20.04 LTS : Linux kernel (Intel IOTG) vulnerabilities (USN-5362-1)
- 159398 - RHEL 7 : kernel (RHSA-2022:1104)
- 159460 - openSUSE 15 Security Update : kernel (openSUSE-SU-2022:1039-1)
- 159595 - RHEL 7 : RHV-H security update (redhat-virtualization-host) 4.3.22 (Important) (RHSA-2022:1263)
- 159627 - EulerOS 2.0 SP8 : kernel (EulerOS-SA-2022-1366)
- 159691 - RHEL 7 : kernel (RHSA-2022:1324)
- 159729 - Ubuntu 20.04 LTS : Linux kernel (BlueField) vulnerabilities (USN-5377-1)
- 159731 - RHEL 7 : kpatch-patch (RHSA-2022:1373)
- 159748 - SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1197-1)
- 159815 - EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-1429)
- 159840 - EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2022-1376)
- 159861 - EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2022-1402)
- 159901 - RHEL 8 : kernel-rt (RHSA-2022:1413)
- 159908 - RHEL 6 : kernel (RHSA-2022:1417)
- 159913 - RHEL 8 : kpatch-patch (RHSA-2022:1418)
- 159931 - SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1257-1)
Version
This page has been produced using Nessus Professional 10.1.2 (#68) LINUX, Plugin set 202205072148.
Plugin file ubuntu_USN-5361-1.nasl version 1.3. For more plugins, visit the Nessus Plugin Library.
Go back to menu.
