Detections
Analytics
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2020:2879-1)
high Nessus Plugin ID 143671
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.The following security bugs were fixed :
CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechanisms (bsc#1176990).
CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235).
CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc#1176721).
CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#1176725).
CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722).
CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423).
CVE-2020-2521: Fixed getxattr kernel panic and memory overflow (bsc#1176381).
CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482).
CVE-2020-14385: Fixed a failure of the file system metadata validator in XFS which could have caused an inode with a valid, user-creatable extended attribute to be flagged as corrupt (bsc#1176137).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Workstation Extension 15-SP2 :
zypper in -t patch SUSE-SLE-Product-WE-15-SP2-2020-2879=1
SUSE Linux Enterprise Module for Live Patching 15-SP2 :
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2020-2879=1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 :
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2020-2879=1
SUSE Linux Enterprise Module for Development Tools 15-SP2 :
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP2-2020-2879=1
SUSE Linux Enterprise Module for Basesystem 15-SP2 :
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-2879=1
SUSE Linux Enterprise High Availability 15-SP2 :
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2020-2879=1
See Also
https://bugzilla.suse.com/show_bug.cgi?id=1055186
https://bugzilla.suse.com/show_bug.cgi?id=1058115
https://bugzilla.suse.com/show_bug.cgi?id=1065600
https://bugzilla.suse.com/show_bug.cgi?id=1065729
https://bugzilla.suse.com/show_bug.cgi?id=1094244
https://bugzilla.suse.com/show_bug.cgi?id=1136666
https://bugzilla.suse.com/show_bug.cgi?id=1152148
https://bugzilla.suse.com/show_bug.cgi?id=1152472
https://bugzilla.suse.com/show_bug.cgi?id=1152489
https://bugzilla.suse.com/show_bug.cgi?id=1153274
https://bugzilla.suse.com/show_bug.cgi?id=1154353
https://bugzilla.suse.com/show_bug.cgi?id=1155518
https://bugzilla.suse.com/show_bug.cgi?id=1155798
https://bugzilla.suse.com/show_bug.cgi?id=1156395
https://bugzilla.suse.com/show_bug.cgi?id=1167527
https://bugzilla.suse.com/show_bug.cgi?id=1176361
https://bugzilla.suse.com/show_bug.cgi?id=1176362
https://bugzilla.suse.com/show_bug.cgi?id=1176363
https://bugzilla.suse.com/show_bug.cgi?id=1176364
https://bugzilla.suse.com/show_bug.cgi?id=1176365
https://bugzilla.suse.com/show_bug.cgi?id=1176366
https://bugzilla.suse.com/show_bug.cgi?id=1176367
https://bugzilla.suse.com/show_bug.cgi?id=1176381
https://bugzilla.suse.com/show_bug.cgi?id=1176423
https://bugzilla.suse.com/show_bug.cgi?id=1176449
https://bugzilla.suse.com/show_bug.cgi?id=1176482
https://bugzilla.suse.com/show_bug.cgi?id=1176486
https://bugzilla.suse.com/show_bug.cgi?id=1176507
https://bugzilla.suse.com/show_bug.cgi?id=1176536
https://bugzilla.suse.com/show_bug.cgi?id=1176537
https://bugzilla.suse.com/show_bug.cgi?id=1176538
https://bugzilla.suse.com/show_bug.cgi?id=1176539
https://bugzilla.suse.com/show_bug.cgi?id=1176540
https://bugzilla.suse.com/show_bug.cgi?id=1176541
https://bugzilla.suse.com/show_bug.cgi?id=1176542
https://bugzilla.suse.com/show_bug.cgi?id=1176544
https://bugzilla.suse.com/show_bug.cgi?id=1176545
https://bugzilla.suse.com/show_bug.cgi?id=1176546
https://bugzilla.suse.com/show_bug.cgi?id=1176548
https://bugzilla.suse.com/show_bug.cgi?id=1176558
https://bugzilla.suse.com/show_bug.cgi?id=1176559
https://bugzilla.suse.com/show_bug.cgi?id=1176587
https://bugzilla.suse.com/show_bug.cgi?id=1176588
https://bugzilla.suse.com/show_bug.cgi?id=1176659
https://bugzilla.suse.com/show_bug.cgi?id=1170232
https://bugzilla.suse.com/show_bug.cgi?id=1170774
https://bugzilla.suse.com/show_bug.cgi?id=1171000
https://bugzilla.suse.com/show_bug.cgi?id=1171068
https://bugzilla.suse.com/show_bug.cgi?id=1171073
https://bugzilla.suse.com/show_bug.cgi?id=1171558
https://bugzilla.suse.com/show_bug.cgi?id=1171688
https://bugzilla.suse.com/show_bug.cgi?id=1171742
https://bugzilla.suse.com/show_bug.cgi?id=1172419
https://bugzilla.suse.com/show_bug.cgi?id=1172757
https://bugzilla.suse.com/show_bug.cgi?id=1172873
https://bugzilla.suse.com/show_bug.cgi?id=1173017
https://bugzilla.suse.com/show_bug.cgi?id=1173060
https://bugzilla.suse.com/show_bug.cgi?id=1173115
https://bugzilla.suse.com/show_bug.cgi?id=1173267
https://bugzilla.suse.com/show_bug.cgi?id=1173746
https://bugzilla.suse.com/show_bug.cgi?id=1174029
https://bugzilla.suse.com/show_bug.cgi?id=1174110
https://bugzilla.suse.com/show_bug.cgi?id=1174111
https://bugzilla.suse.com/show_bug.cgi?id=1174358
https://bugzilla.suse.com/show_bug.cgi?id=1174484
https://bugzilla.suse.com/show_bug.cgi?id=1174486
https://bugzilla.suse.com/show_bug.cgi?id=1174899
https://bugzilla.suse.com/show_bug.cgi?id=1175263
https://bugzilla.suse.com/show_bug.cgi?id=1175667
https://bugzilla.suse.com/show_bug.cgi?id=1175718
https://bugzilla.suse.com/show_bug.cgi?id=1175749
https://bugzilla.suse.com/show_bug.cgi?id=1175787
https://bugzilla.suse.com/show_bug.cgi?id=1175882
https://bugzilla.suse.com/show_bug.cgi?id=1175952
https://bugzilla.suse.com/show_bug.cgi?id=1175996
https://bugzilla.suse.com/show_bug.cgi?id=1175997
https://bugzilla.suse.com/show_bug.cgi?id=1175998
https://bugzilla.suse.com/show_bug.cgi?id=1175999
https://bugzilla.suse.com/show_bug.cgi?id=1176000
https://bugzilla.suse.com/show_bug.cgi?id=1176001
https://bugzilla.suse.com/show_bug.cgi?id=1176019
https://bugzilla.suse.com/show_bug.cgi?id=1176022
https://bugzilla.suse.com/show_bug.cgi?id=1176038
https://bugzilla.suse.com/show_bug.cgi?id=1176063
https://bugzilla.suse.com/show_bug.cgi?id=1176137
https://bugzilla.suse.com/show_bug.cgi?id=1176235
https://bugzilla.suse.com/show_bug.cgi?id=1176236
https://bugzilla.suse.com/show_bug.cgi?id=1176237
https://bugzilla.suse.com/show_bug.cgi?id=1176242
https://bugzilla.suse.com/show_bug.cgi?id=1176278
https://bugzilla.suse.com/show_bug.cgi?id=1176357
https://bugzilla.suse.com/show_bug.cgi?id=1176358
https://bugzilla.suse.com/show_bug.cgi?id=1176359
https://bugzilla.suse.com/show_bug.cgi?id=1176360
https://bugzilla.suse.com/show_bug.cgi?id=1177030
https://www.suse.com/security/cve/CVE-2020-0404/
https://www.suse.com/security/cve/CVE-2020-0427/
https://www.suse.com/security/cve/CVE-2020-0431/
https://www.suse.com/security/cve/CVE-2020-0432/
https://www.suse.com/security/cve/CVE-2020-14385/
https://www.suse.com/security/cve/CVE-2020-14390/
https://bugzilla.suse.com/show_bug.cgi?id=1176698
https://bugzilla.suse.com/show_bug.cgi?id=1176699
https://bugzilla.suse.com/show_bug.cgi?id=1176700
https://bugzilla.suse.com/show_bug.cgi?id=1176721
https://bugzilla.suse.com/show_bug.cgi?id=1176722
https://bugzilla.suse.com/show_bug.cgi?id=1176725
https://bugzilla.suse.com/show_bug.cgi?id=1176732
https://bugzilla.suse.com/show_bug.cgi?id=1176763
https://bugzilla.suse.com/show_bug.cgi?id=1176775
https://bugzilla.suse.com/show_bug.cgi?id=1176788
https://bugzilla.suse.com/show_bug.cgi?id=1176789
https://bugzilla.suse.com/show_bug.cgi?id=1176833
https://bugzilla.suse.com/show_bug.cgi?id=1176869
https://bugzilla.suse.com/show_bug.cgi?id=1176877
https://bugzilla.suse.com/show_bug.cgi?id=1176925
https://bugzilla.suse.com/show_bug.cgi?id=1176962
https://bugzilla.suse.com/show_bug.cgi?id=1176980
https://bugzilla.suse.com/show_bug.cgi?id=1176990
https://bugzilla.suse.com/show_bug.cgi?id=1177021
https://www.suse.com/security/cve/CVE-2020-2521/
https://www.suse.com/security/cve/CVE-2020-25284/
Plugin Details
Severity: High
ID: 143671
File Name: suse_SU-2020-2879-1.nasl
Version: 1.5
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/9/2020
Updated: 5/11/2022
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 4.6
Temporal Score: 3.4
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2020-14390
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS Score Source: CVE-2020-0432
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource, p-cpe:/a:novell:suse_linux:kernel-preempt, p-cpe:/a:novell:suse_linux:kernel-preempt-debuginfo, p-cpe:/a:novell:suse_linux:kernel-preempt-debugsource, p-cpe:/a:novell:suse_linux:kernel-preempt-devel, p-cpe:/a:novell:suse_linux:kernel-preempt-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo, cpe:/o:novell:suse_linux:15
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 10/8/2020
Vulnerability Publication Date: 9/13/2020
Reference Information
CVE: CVE-2020-0404, CVE-2020-0427, CVE-2020-0431, CVE-2020-0432, CVE-2020-14385, CVE-2020-14390, CVE-2020-2521, CVE-2020-25284, CVE-2020-26088