語系:
https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-002.html
https://alas.aws.amazon.com/faqs.html
https://alas.aws.amazon.com/cve/html/CVE-2020-24586.html
https://alas.aws.amazon.com/cve/html/CVE-2020-24587.html
https://alas.aws.amazon.com/cve/html/CVE-2020-24588.html
https://alas.aws.amazon.com/cve/html/CVE-2020-26139.html
https://alas.aws.amazon.com/cve/html/CVE-2020-26141.html
https://alas.aws.amazon.com/cve/html/CVE-2020-26145.html
https://alas.aws.amazon.com/cve/html/CVE-2020-26147.html
https://alas.aws.amazon.com/cve/html/CVE-2020-26541.html
https://alas.aws.amazon.com/cve/html/CVE-2020-26558.html
https://alas.aws.amazon.com/cve/html/CVE-2020-36776.html
https://alas.aws.amazon.com/cve/html/CVE-2021-0129.html
https://alas.aws.amazon.com/cve/html/CVE-2021-3489.html
https://alas.aws.amazon.com/cve/html/CVE-2021-3490.html
https://alas.aws.amazon.com/cve/html/CVE-2021-3491.html
https://alas.aws.amazon.com/cve/html/CVE-2021-3506.html
https://alas.aws.amazon.com/cve/html/CVE-2021-3543.html
https://alas.aws.amazon.com/cve/html/CVE-2021-3564.html
https://alas.aws.amazon.com/cve/html/CVE-2021-3573.html
https://alas.aws.amazon.com/cve/html/CVE-2021-22543.html
https://alas.aws.amazon.com/cve/html/CVE-2021-28691.html
https://alas.aws.amazon.com/cve/html/CVE-2021-31440.html
https://alas.aws.amazon.com/cve/html/CVE-2021-32399.html
https://alas.aws.amazon.com/cve/html/CVE-2021-33034.html
https://alas.aws.amazon.com/cve/html/CVE-2021-33624.html
https://alas.aws.amazon.com/cve/html/CVE-2021-34693.html
https://alas.aws.amazon.com/cve/html/CVE-2021-38208.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46906.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46938.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46939.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46950.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46951.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46952.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46953.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46955.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46956.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46958.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46960.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46961.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46963.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46976.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46977.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46978.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46981.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46985.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46993.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46996.html
https://alas.aws.amazon.com/cve/html/CVE-2021-46997.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47000.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47001.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47006.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47009.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47010.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47011.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47013.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47015.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47035.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47110.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47131.html
https://alas.aws.amazon.com/cve/html/CVE-2021-47166.html
嚴重性: High
ID: 160459
檔案名稱: al2_ALASKERNEL-5_10-2022-002.nasl
版本: 1.14
類型: local
代理程式: unix
已發布: 2022/5/2
已更新: 2024/6/24
支援的感應器: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus
風險因素: Critical
分數: 9.5
風險因素: High
基本分數: 7.2
時間分數: 6.3
媒介: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS 評分資料來源: CVE-2021-3543
風險因素: High
基本分數: 8.8
時間分數: 8.4
媒介: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
時間媒介: CVSS:3.0/E:H/RL:O/RC:C
CVSS 評分資料來源: CVE-2021-3491
CPE: p-cpe:/a:amazon:linux:perf, p-cpe:/a:amazon:linux:bpftool, p-cpe:/a:amazon:linux:perf-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-debuginfo, p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64, p-cpe:/a:amazon:linux:kernel-tools, p-cpe:/a:amazon:linux:kernel-devel, p-cpe:/a:amazon:linux:python-perf-debuginfo, p-cpe:/a:amazon:linux:kernel, p-cpe:/a:amazon:linux:kernel-debuginfo, p-cpe:/a:amazon:linux:kernel-headers, cpe:/o:amazon:linux:2, p-cpe:/a:amazon:linux:bpftool-debuginfo, p-cpe:/a:amazon:linux:kernel-tools-devel, p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64, p-cpe:/a:amazon:linux:python-perf
必要的 KB 項目: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list
可被惡意程式利用: true
可輕鬆利用: Exploits are available
修補程式發佈日期: 2022/1/20
弱點發布日期: 2020/10/2
Core Impact
Metasploit (Linux eBPF ALU32 32-bit Invalid Bounds Tracking LPE)
CVE: CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26141, CVE-2020-26145, CVE-2020-26147, CVE-2020-26541, CVE-2020-26558, CVE-2020-36776, CVE-2021-0129, CVE-2021-22543, CVE-2021-28691, CVE-2021-31440, CVE-2021-32399, CVE-2021-33034, CVE-2021-33624, CVE-2021-34693, CVE-2021-3489, CVE-2021-3490, CVE-2021-3491, CVE-2021-3506, CVE-2021-3543, CVE-2021-3564, CVE-2021-3573, CVE-2021-38208, CVE-2021-46906, CVE-2021-46938, CVE-2021-46939, CVE-2021-46950, CVE-2021-46951, CVE-2021-46952, CVE-2021-46953, CVE-2021-46955, CVE-2021-46956, CVE-2021-46958, CVE-2021-46960, CVE-2021-46961, CVE-2021-46963, CVE-2021-46976, CVE-2021-46977, CVE-2021-46978, CVE-2021-46981, CVE-2021-46985, CVE-2021-46993, CVE-2021-46996, CVE-2021-46997, CVE-2021-47000, CVE-2021-47001, CVE-2021-47006, CVE-2021-47009, CVE-2021-47010, CVE-2021-47011, CVE-2021-47013, CVE-2021-47015, CVE-2021-47035, CVE-2021-47110, CVE-2021-47131, CVE-2021-47166, CVE-2021-47175, CVE-2021-47227
IAVA: 2021-A-0222-S, 2021-A-0223-S