A vulnerability in Linux kernel 5.8 and higher allows local users to gain root access. You can ream more and check if your Linux devices have the correct Linux kernel version in the Dirty Pipe blog post.
The error is related to checking the cleaned-up version number. After selecting each version component, it is converted to a number field, you probably have a Linux version like 5.a5.10. Because of the letter, it can't convert it to a number.
I adjusted the query on the report page to do some validation that the data it tries to convert is a number. The updated report is also below.
Select Top 1000000 tblAssets.AssetID, tblAssets.AssetName, tblAssets.Domain, tblAssets.Username, tblAssets.Userdomain, Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon, tblAssets.IPAddress, tsysIPLocations.IPLocation, tblAssetCustom.Manufacturer, tblAssetCustom.Model, tblLinuxSystem.osrelease, tblLinuxSystem.kernelrelease, S1.KernelVersion As [Kernel Version Cleaned], Case When Len(tblLinuxSystem.kernelrelease) - Len(Replace(tblLinuxSystem.kernelrelease, '.', '')) < 2 Then '' When IsNumeric(ParseName(S1.KernelVersion, 3)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 2)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 1)) = 1 And Cast(ParseName(S1.KernelVersion, 3) As bigint) = 5 And Cast(ParseName(S1.KernelVersion, 2) As bigint) = 10 And Cast(ParseName(S1.KernelVersion, 1) As bigint) >= 102 Then 'Safe' When IsNumeric(ParseName(S1.KernelVersion, 3)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 2)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 1)) = 1 And Cast(ParseName(S1.KernelVersion, 3) As bigint) = 5 And Cast(ParseName(S1.KernelVersion, 2) As bigint) = 15 And Cast(ParseName(S1.KernelVersion, 1) As bigint) >= 25 Then 'Safe' When IsNumeric(ParseName(S1.KernelVersion, 3)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 2)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 1)) = 1 And Cast(ParseName(S1.KernelVersion, 3) As bigint) = 5 And Cast(ParseName(S1.KernelVersion, 2) As bigint) = 16 And Cast(ParseName(S1.KernelVersion, 1) As bigint) >= 11 Then 'Safe' Else 'Vulnerable' End As [Safe/Vulnerable], Case When tblErrors.ErrorText Is Not Null Or tblErrors.ErrorText != '' Then 'Scanning Error: ' + tsysasseterrortypes.ErrorMsg Else '' End As ScanningErrors, tblAssets.Lastseen, tblAssets.Lasttried, Case When Len(tblLinuxSystem.kernelrelease) - Len(Replace(tblLinuxSystem.kernelrelease, '.', '')) < 2 Then '' When IsNumeric(ParseName(S1.KernelVersion, 3)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 2)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 1)) = 1 And Cast(ParseName(S1.KernelVersion, 3) As bigint) = 5 And Cast(ParseName(S1.KernelVersion, 2) As bigint) = 10 And Cast(ParseName(S1.KernelVersion, 1) As bigint) >= 102 Then '#d4f4be' When IsNumeric(ParseName(S1.KernelVersion, 3)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 2)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 1)) = 1 And Cast(ParseName(S1.KernelVersion, 3) As bigint) = 5 And Cast(ParseName(S1.KernelVersion, 2) As bigint) = 15 And Cast(ParseName(S1.KernelVersion, 1) As bigint) >= 25 Then '#d4f4be' When IsNumeric(ParseName(S1.KernelVersion, 3)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 2)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 1)) = 1 And Cast(ParseName(S1.KernelVersion, 3) As bigint) = 5 And Cast(ParseName(S1.KernelVersion, 2) As bigint) = 16 And Cast(ParseName(S1.KernelVersion, 1) As bigint) >= 11 Then '#d4f4be' Else '#ffadad' End As backgroundcolor From tblAssets Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype Inner Join tsysIPLocations On tsysIPLocations.LocationID = tblAssets.LocationID Inner Join tblLinuxSystem On tblLinuxSystem.AssetID = tblAssets.AssetID Left Join (Select tblLinuxSystem.AssetID, Case When tblLinuxSystem.kernelrelease Like '%-%' Then Left(tblLinuxSystem.kernelrelease, CharIndex('-', tblLinuxSystem.kernelrelease) - 1) End As KernelVersion From tblLinuxSystem) As S1 On S1.AssetID = tblAssets.AssetID Inner Join tblState On tblState.State = tblAssetCustom.State Left Join tsysOS On tsysOS.OScode = tblAssets.OScode Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID, Max(tblErrors.Teller) As ErrorID From tblErrors Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID = ScanningError.ID Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype = tblErrors.ErrorType Where tblState.Statename = 'Active' Order By tblAssets.Domain, tblAssets.AssetName
Esben, Could we get the 5.4.0-104 kernel version recognized, and update the report to also properly report on which Kernel versions are not impacted by this. I.E. Xenial/16.04 v4.4.0
https://ubuntu.com/security/CVE-2022-0847
Canonical urges all Ubuntu users to update their installations to the new Linux kernel versions available in the stable repositories (linux-image 5.13.0.35.44 for Ubuntu 21.10 and Ubuntu 20.04.4 LTS, linux-image 5.4.0.104.108 for Ubuntu 20.04 LTS, as well as linux-image-hwe 5.4.0.104.118~18.04.89 for Ubuntu 18.04.6 LTS).
Canonical released today Ubuntu 20.04.4 as the fourth point release for its long-term supported Ubuntu 20.04 LTS (Focal Fossa) operating system series.
Released on April 23rd, 2020, the Ubuntu 20.04 LTS (Focal Fossa) operating system series is a long-term supported one that will receive software and security updates for a least five years, until April 2025, on the desktop.
Canonical also provides the community with up-to-date installation media every six months incorporating newer Linux kernel and Mesa graphics stacks. The Ubuntu 20.04.4 point release is here with Linux kernel 5.13 and Mesa 21.2.6 graphics stacks from Ubuntu 21.10 (Impish Indri).
However, the Linux 5.13 HWE (Hardware Enablement) kernel included in the Ubuntu 20.04.4 point release is intended only for new installations. Therefore, users running Ubuntu 20.04 LTS with the stock kernel (e.g. Linux 5.4), won’t receive the newer kernel when performing an upgrade. They will have to manually install it if they want to use the newer kernel from Ubuntu 21.10.
for future reference, you can add other versions manually by adding the following to the query and adjust the highlighted:
In the first [Safe/Vulnerable] case statement
When IsNumeric(ParseName(S1.KernelVersion, 3)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 2)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 1)) = 1 And Cast(ParseName(S1.KernelVersion, 3) As bigint) = 5 And Cast(ParseName(S1.KernelVersion, 2) As bigint) = 4 And Cast(ParseName(S1.KernelVersion, 1) As bigint) >= 0 Then 'Safe'
In the backgroundcolor case statement:
When IsNumeric(ParseName(S1.KernelVersion, 3)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 2)) = 1 And IsNumeric(ParseName(S1.KernelVersion, 1)) = 1 And Cast(ParseName(S1.KernelVersion, 3) As bigint) = 5 And Cast(ParseName(S1.KernelVersion, 2) As bigint) = 4 And Cast(ParseName(S1.KernelVersion, 1) As bigint) >= 0 Then '#d4f4be'
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.