Test ID: | 1.3.6.1.4.1.25623.1.0.893102 |
Category: | Debian Local Security Checks |
Title: | Debian: Security Advisory (DLA-3102) |
Summary: | The remote host is missing an update for the Debian 'linux-5.10' package(s) announced via the DLA-3102 advisory. |
Description: | Summary: The remote host is missing an update for the Debian 'linux-5.10' package(s) announced via the DLA-3102 advisory.

Vulnerability Insight: Linux 5.10 has been packaged for Debian 10 as linux-5.10. This provides a supported upgrade path for systems that currently use kernel packages from the 'buster-backports' suite.

There is no need to upgrade systems using Linux 4.19, as that kernel version will also continue to be supported in the LTS period.

The 'apt full-upgrade' command will not automatically install the updated kernel packages. You should explicitly install one of the following metapackages first, as appropriate for your system:

linux-image-5.10-686
linux-image-5.10-686-pae
linux-image-5.10-amd64
linux-image-5.10-arm64
linux-image-5.10-armmp
linux-image-5.10-armmp-lpae
linux-image-5.10-cloud-amd64
linux-image-5.10-cloud-arm64
linux-image-5.10-rt-686-pae
linux-image-5.10-rt-amd64
linux-image-5.10-rt-arm64
linux-image-5.10-rt-armmp

For example, if the command 'uname -r' currently shows '5.10.0-0.deb10.16-amd64', you should install linux-image-5.10-amd64.

This backport does not include the following binary packages:

bpftool
hyperv-daemons
libcpupower-dev
libcpupower1
linux-compiler-gcc-8-arm
linux-compiler-gcc-8-x86
linux-cpupower
linux-libc-dev
usbip

Older versions of most of those are built from the linux source package in Debian 10.

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2022-2585
A use-after-free flaw in the implementation of POSIX CPU timers may result in denial of service or in local privilege escalation.

CVE-2022-2586
A use-after-free in the Netfilter subsystem may result in local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2022-2588
Zhenpeng Lin discovered a use-after-free flaw in the cls_route filter implementation which may result in local privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.

CVE-2022-26373
It was discovered that on certain processors with Intel's Enhanced Indirect Branch Restricted Speculation (eIBRS) capabilities there are exceptions to the documented properties in some situations, which may result in information disclosure. Intel's explanation of the issue can be found at [link moved to references]

CVE-2022-29900
Johannes Wikner and Kaveh Razavi reported that for AMD/Hygon processors, mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. A list of affected AMD CPU types can be found at [link moved to references]

CVE-2022-29901
Johannes Wikner and Kaveh Razavi reported that for Intel processors (Intel Core generation 6, 7 and 8), protections against speculative branch target injection attacks were insufficient in some circumstances, which may allow arbitrary speculative code execution under certain microarchitecture-dependent ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS: 'linux-5.10' package(s) on Debian 10.

Solution: Please install the updated package(s).

CVSS Score: 2.1
CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2022-2585
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2585
https://lore.kernel.org/lkml/20220809170751.164716-1-cascardo@canonical.com/T/#u
https://ubuntu.com/security/notices/USN-5564-1
https://ubuntu.com/security/notices/USN-5565-1
https://ubuntu.com/security/notices/USN-5566-1
https://ubuntu.com/security/notices/USN-5567-1
https://www.openwall.com/lists/oss-security/2022/08/09/7

Common Vulnerability Exposure (CVE) ID: CVE-2022-2586
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2586
https://lore.kernel.org/netfilter-devel/20220809170148.164591-1-cascardo@canonical.com/T/#t
https://ubuntu.com/security/notices/USN-5557-1
https://ubuntu.com/security/notices/USN-5560-1
https://ubuntu.com/security/notices/USN-5560-2
https://ubuntu.com/security/notices/USN-5562-1
https://ubuntu.com/security/notices/USN-5582-1
https://www.openwall.com/lists/oss-security/2022/08/09/5
https://www.zerodayinitiative.com/advisories/ZDI-22-1118/

Common Vulnerability Exposure (CVE) ID: CVE-2022-2588
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2588
https://github.com/Markakd/CVE-2022-2588
https://lore.kernel.org/netdev/20220809170518.164662-1-cascardo@canonical.com/T/#u
https://ubuntu.com/security/notices/USN-5588-1
https://www.openwall.com/lists/oss-security/2022/08/09/6
https://www.zerodayinitiative.com/advisories/ZDI-22-1117/

Common Vulnerability Exposure (CVE) ID: CVE-2022-26373
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00706.html
https://lists.debian.org/debian-lts-announce/2022/09/msg00011.html
https://lists.debian.org/debian-lts-announce/2022/10/msg00000.html

Common Vulnerability Exposure (CVE) ID: CVE-2022-29900
Debian Security Information: DSA-5207 (Google Search)
https://www.debian.org/security/2022/dsa-5207
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MYI3OMJ7RIZNL3C6GUWNANNPEUUID6FM/
https://security.gentoo.org/glsa/202402-07
https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability/
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1037

Common Vulnerability Exposure (CVE) ID: CVE-2022-29901
https://comsec.ethz.ch/retbleed
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D4RW5FCIYFNCQOEFJEUIRW3DGYW7CWBG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M27MB3QFNIJV4EQQSXWARHP3OGX6CR6K/
https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html
http://www.openwall.com/lists/oss-security/2022/07/12/4
http://www.openwall.com/lists/oss-security/2022/07/12/5
http://www.openwall.com/lists/oss-security/2022/07/12/2
http://www.openwall.com/lists/oss-security/2022/07/13/1

Common Vulnerability Exposure (CVE) ID: CVE-2022-36879
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=f85daf0e725358be78dfd208dea5fd665d8cb901
https://github.com/torvalds/linux/commit/f85daf0e725358be78dfd208dea5fd665d8cb901

Common Vulnerability Exposure (CVE) ID: CVE-2022-36946
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99a63d36cb3ed5ca3aa6fcb64cffbeaf3b0fb164
https://marc.info/?l=netfilter-devel&m=165883202007292&w=2 |
Copyright | Copyright (C) 2022 Greenbone AG |