SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:0688-1)

high Nessus Plugin ID 134624

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 15-SP1 kernel-RT was updated to 4.12.14 to receive various security and bug fixes.

The following security bugs were fixed:

CVE-2020-8992: Fixed an issue in ext4_protect_reserved_inode in fs/ext4/block_validity.c that allowed attackers to cause a soft lockup via a crafted journal size (bsc#1164069).

CVE-2020-8648: Fixed a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928).

CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update, use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively, you can run the command listed for your product:

SUSE Linux Enterprise Module for Realtime 15-SP1: zypper in -t patch SUSE-SLE-Module-RT-15-SP1-2020-688=1

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-688=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1050549

https://bugzilla.suse.com/show_bug.cgi?id=1051510

https://bugzilla.suse.com/show_bug.cgi?id=1061840

https://bugzilla.suse.com/show_bug.cgi?id=1065600

https://bugzilla.suse.com/show_bug.cgi?id=1065729

https://bugzilla.suse.com/show_bug.cgi?id=1071995

https://bugzilla.suse.com/show_bug.cgi?id=1088810

https://bugzilla.suse.com/show_bug.cgi?id=1105392

https://bugzilla.suse.com/show_bug.cgi?id=1111666

https://bugzilla.suse.com/show_bug.cgi?id=1112178

https://bugzilla.suse.com/show_bug.cgi?id=1112504

https://bugzilla.suse.com/show_bug.cgi?id=1114279

https://bugzilla.suse.com/show_bug.cgi?id=1118338

https://bugzilla.suse.com/show_bug.cgi?id=1133021

https://bugzilla.suse.com/show_bug.cgi?id=1133147

https://bugzilla.suse.com/show_bug.cgi?id=1140025

https://bugzilla.suse.com/show_bug.cgi?id=1142685

https://bugzilla.suse.com/show_bug.cgi?id=1144162

https://bugzilla.suse.com/show_bug.cgi?id=1157424

https://bugzilla.suse.com/show_bug.cgi?id=1157480

https://bugzilla.suse.com/show_bug.cgi?id=1157966

https://bugzilla.suse.com/show_bug.cgi?id=1158013

https://bugzilla.suse.com/show_bug.cgi?id=1159271

https://bugzilla.suse.com/show_bug.cgi?id=1160218

https://bugzilla.suse.com/show_bug.cgi?id=1160979

https://bugzilla.suse.com/show_bug.cgi?id=1161360

https://bugzilla.suse.com/show_bug.cgi?id=1161702

https://bugzilla.suse.com/show_bug.cgi?id=1161907

https://bugzilla.suse.com/show_bug.cgi?id=1162557

https://bugzilla.suse.com/show_bug.cgi?id=1162617

https://bugzilla.suse.com/show_bug.cgi?id=1162618

https://bugzilla.suse.com/show_bug.cgi?id=1162619

https://bugzilla.suse.com/show_bug.cgi?id=1162623

https://bugzilla.suse.com/show_bug.cgi?id=1162928

https://bugzilla.suse.com/show_bug.cgi?id=1162943

https://bugzilla.suse.com/show_bug.cgi?id=1163206

https://bugzilla.suse.com/show_bug.cgi?id=1163383

https://bugzilla.suse.com/show_bug.cgi?id=1163384

https://bugzilla.suse.com/show_bug.cgi?id=1163762

https://bugzilla.suse.com/show_bug.cgi?id=1163774

https://bugzilla.suse.com/show_bug.cgi?id=1163836

https://bugzilla.suse.com/show_bug.cgi?id=1163840

https://bugzilla.suse.com/show_bug.cgi?id=1163841

https://bugzilla.suse.com/show_bug.cgi?id=1163842

https://bugzilla.suse.com/show_bug.cgi?id=1163843

https://bugzilla.suse.com/show_bug.cgi?id=1163844

https://bugzilla.suse.com/show_bug.cgi?id=1163845

https://bugzilla.suse.com/show_bug.cgi?id=1163846

https://bugzilla.suse.com/show_bug.cgi?id=1163849

https://bugzilla.suse.com/show_bug.cgi?id=1163850

https://bugzilla.suse.com/show_bug.cgi?id=1163851

https://bugzilla.suse.com/show_bug.cgi?id=1163852

https://bugzilla.suse.com/show_bug.cgi?id=1163853

https://bugzilla.suse.com/show_bug.cgi?id=1163855

https://bugzilla.suse.com/show_bug.cgi?id=1163856

https://bugzilla.suse.com/show_bug.cgi?id=1163857

https://bugzilla.suse.com/show_bug.cgi?id=1163858

https://bugzilla.suse.com/show_bug.cgi?id=1163859

https://bugzilla.suse.com/show_bug.cgi?id=1163860

https://bugzilla.suse.com/show_bug.cgi?id=1163861

https://bugzilla.suse.com/show_bug.cgi?id=1163862

https://bugzilla.suse.com/show_bug.cgi?id=1163863

https://bugzilla.suse.com/show_bug.cgi?id=1163867

https://bugzilla.suse.com/show_bug.cgi?id=1163869

https://bugzilla.suse.com/show_bug.cgi?id=1163880

https://bugzilla.suse.com/show_bug.cgi?id=1163971

https://bugzilla.suse.com/show_bug.cgi?id=1164051

https://bugzilla.suse.com/show_bug.cgi?id=1164069

https://bugzilla.suse.com/show_bug.cgi?id=1164098

https://bugzilla.suse.com/show_bug.cgi?id=1164115

https://bugzilla.suse.com/show_bug.cgi?id=1164314

https://bugzilla.suse.com/show_bug.cgi?id=1164315

https://bugzilla.suse.com/show_bug.cgi?id=1164388

https://bugzilla.suse.com/show_bug.cgi?id=1164471

https://bugzilla.suse.com/show_bug.cgi?id=1164598

https://bugzilla.suse.com/show_bug.cgi?id=1164632

https://bugzilla.suse.com/show_bug.cgi?id=1164705

https://bugzilla.suse.com/show_bug.cgi?id=1164712

https://bugzilla.suse.com/show_bug.cgi?id=1164727

https://bugzilla.suse.com/show_bug.cgi?id=1164728

https://bugzilla.suse.com/show_bug.cgi?id=1164729

https://bugzilla.suse.com/show_bug.cgi?id=1164730

https://bugzilla.suse.com/show_bug.cgi?id=1164731

https://bugzilla.suse.com/show_bug.cgi?id=1164732

https://bugzilla.suse.com/show_bug.cgi?id=1164733

https://bugzilla.suse.com/show_bug.cgi?id=1164734

https://bugzilla.suse.com/show_bug.cgi?id=1164735

https://www.suse.com/security/cve/CVE-2020-2732/

https://www.suse.com/security/cve/CVE-2020-8648/

https://www.suse.com/security/cve/CVE-2020-8992/

http://www.nessus.org/u?e06145ac

Plugin Details

Severity: High

ID: 134624

File Name: suse_SU-2020-0688-1.nasl

Version: 1.4

Type: local

Agent: unix

Published: 3/16/2020

Updated: 3/21/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: Low

Base Score: 3.6

Temporal Score: 2.8

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:P

CVSS Score Source: CVE-2020-8648

CVSS v3

Risk Factor: High

Base Score: 7.1

Temporal Score: 6.4

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug, p-cpe:/a:novell:suse_linux:kernel-rt-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt-livepatch-devel, p-cpe:/a:novell:suse_linux:kernel-rt_debug-debuginfo, p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug, p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt_debug-debuginfo, p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug-debuginfo, p-cpe:/a:novell:suse_linux:dlm-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt-extra, p-cpe:/a:novell:suse_linux:kernel-rt_debug-base-debuginfo, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra, p-cpe:/a:novell:suse_linux:dlm-kmp-rt_debug, p-cpe:/a:novell:suse_linux:kernel-rt_debug, p-cpe:/a:novell:suse_linux:kernel-rt, p-cpe:/a:novell:suse_linux:kernel-rt-debugsource, p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel-debuginfo, p-cpe:/a:novell:suse_linux:dlm-kmp-rt, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt-extra-debuginfo, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt-base, p-cpe:/a:novell:suse_linux:kernel-rt_debug-extra-debuginfo, p-cpe:/a:novell:suse_linux:kselftests-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-syms-rt, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt, p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt_debug-debugsource, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt_debug, p-cpe:/a:novell:suse_linux:reiserfs-kmp-rt, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-rt_debug-livepatch-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt_debug, p-cpe:/a:novell:suse_linux:kselftests-kmp-rt_debug-debuginfo, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt-devel-debuginfo, 
p-cpe:/a:novell:suse_linux:kernel-rt-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel, p-cpe:/a:novell:suse_linux:kselftests-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt_debug-base, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug, p-cpe:/a:novell:suse_linux:kernel-rt-debuginfo, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt_debug-debuginfo

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/13/2020

Vulnerability Publication Date: 2/6/2020

Reference Information

CVE: CVE-2020-2732, CVE-2020-8648, CVE-2020-8992