Test ID:	1.3.6.1.4.1.25623.1.0.705095
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-5095-1)
Summary:	The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-5095-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'linux' package(s) announced via the DSA-5095-1 advisory. Vulnerability Insight: Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-36310 A flaw was discovered in the KVM implementation for AMD processors, which could lead to an infinite loop. A malicious VM guest could exploit this to cause a denial of service. CVE-2022-0001 (INTEL-SA-00598) Researchers at VUSec discovered that the Branch History Buffer in Intel processors can be exploited to create information side channels with speculative execution. This issue is similar to Spectre variant 2, but requires additional mitigations on some processors. This can be exploited to obtain sensitive information from a different security context, such as from user-space to the kernel, or from a KVM guest to the kernel. CVE-2022-0002 (INTEL-SA-00598) This is a similar issue to CVE-2022-0001, but covers exploitation within a security context, such as from JIT-compiled code in a sandbox to hosting code in the same process. This is partly mitigated by disabling eBPF for unprivileged users with the sysctl: kernel.unprivileged_bpf_disabled=2. This is already the default in Debian 11 bullseye. CVE-2022-0487 A use-after-free was discovered in the MOXART SD/MMC Host Controller support driver. This flaw does not impact the Debian binary packages as CONFIG_MMC_MOXART is not set. CVE-2022-0492 Yiqi Sun and Kevin Wang reported that the cgroup-v1 subsystem does not properly restrict access to the release-agent feature. A local user can take advantage of this flaw for privilege escalation and bypass of namespace isolation. CVE-2022-0617 butt3rflyh4ck discovered a NULL pointer dereference in the UDF filesystem. A local user that can mount a specially crafted UDF image can use this flaw to crash the system. CVE-2022-25636 Nick Gregory reported a heap out-of-bounds write flaw in the netfilter subsystem. A user with the CAP_NET_ADMIN capability could use this for denial of service or possibly for privilege escalation. For the stable distribution (bullseye), these problems have been fixed in version 5.10.103-1. This update additionally includes many more bug fixes from stable updates 5.10.93-5.10.103 inclusive. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: [link moved to references] Affected Software/OS: 'linux' package(s) on Debian 11. Solution: Please install the updated package(s). CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-36310 Debian Security Information: DSA-5095 (Google Search) https://www.debian.org/security/2022/dsa-5095 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e72436bc3a5206f95bb384e741154166ddb3202e Common Vulnerability Exposure (CVE) ID: CVE-2022-0001 CERT/CC vulnerability note: VU#155143 https://www.kb.cert.org/vuls/id/155143 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html https://www.oracle.com/security-alerts/cpujul2022.html http://www.openwall.com/lists/oss-security/2022/03/18/2 Common Vulnerability Exposure (CVE) ID: CVE-2022-0002 Common Vulnerability Exposure (CVE) ID: CVE-2022-0487 Debian Security Information: DSA-5096 (Google Search) https://www.debian.org/security/2022/dsa-5096 https://bugzilla.redhat.com/show_bug.cgi?id=2044561 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39 https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2022-0492 http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html https://bugzilla.redhat.com/show_bug.cgi?id=2051505 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af Common Vulnerability Exposure (CVE) ID: CVE-2022-0617 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fc3b7c2981bbd1047916ade327beccb90994eee https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea8569194b43f0f01f0a84c689388542c7254a1f https://lore.kernel.org/lkml/20220114172329.ygzry5rlz64ua2nr@quack3.lan/T/ http://www.openwall.com/lists/oss-security/2022/04/13/2 Common Vulnerability Exposure (CVE) ID: CVE-2022-25636 https://security.netapp.com/advisory/ntap-20220325-0002/ https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=b1a5983f56e371046dcf164f90bfaf704d2b89f6 https://github.com/Bonfee/CVE-2022-25636 https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/ https://www.openwall.com/lists/oss-security/2022/02/21/2 http://www.openwall.com/lists/oss-security/2022/02/22/1
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.