Detections
Analytics
SUSE SLES15 Security Update : kernel (SUSE-SU-2021:0108-1)
critical Nessus Plugin ID 144959
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.The following security bugs were fixed :
CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180559).
CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls (bsc#1179960).
CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180031).
CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).
CVE-2020-0444: Fixed a bad kfree due to a logic error in audit_data_to_entry (bnc#1180027).
CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).
CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179745).
CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bnc#1179745).
CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction Services (RTAS) interface, affecting guests running on top of PowerVM or KVM hypervisors (bnc#1179107).
CVE-2020-29373: Fixed an unsafe handling of the root directory during path lookups in fs/io_uring.c (bnc#1179434).
CVE-2020-11668: Fixed the mishandling of invalid descriptors in the Xirlink camera USB driver (bnc#1168952).
CVE-2020-27830: Fixed a NULL pointer dereference in speakup (bsc#1179656).
CVE-2020-29370: Fixed a race condition in kmem_cache_alloc_bulk (bnc#1179435).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Module for Realtime 15-SP2 :
zypper in -t patch SUSE-SLE-Module-RT-15-SP2-2021-108=1
See Also
https://bugzilla.suse.com/show_bug.cgi?id=1040855
https://bugzilla.suse.com/show_bug.cgi?id=1044120
https://bugzilla.suse.com/show_bug.cgi?id=1044767
https://bugzilla.suse.com/show_bug.cgi?id=1055117
https://bugzilla.suse.com/show_bug.cgi?id=1065729
https://bugzilla.suse.com/show_bug.cgi?id=1094840
https://bugzilla.suse.com/show_bug.cgi?id=1109695
https://bugzilla.suse.com/show_bug.cgi?id=1115431
https://bugzilla.suse.com/show_bug.cgi?id=1138374
https://bugzilla.suse.com/show_bug.cgi?id=1149032
https://bugzilla.suse.com/show_bug.cgi?id=1152457
https://bugzilla.suse.com/show_bug.cgi?id=1152472
https://bugzilla.suse.com/show_bug.cgi?id=1152489
https://bugzilla.suse.com/show_bug.cgi?id=1155518
https://bugzilla.suse.com/show_bug.cgi?id=1156315
https://bugzilla.suse.com/show_bug.cgi?id=1156395
https://bugzilla.suse.com/show_bug.cgi?id=1163727
https://bugzilla.suse.com/show_bug.cgi?id=1165933
https://bugzilla.suse.com/show_bug.cgi?id=1167657
https://bugzilla.suse.com/show_bug.cgi?id=1168952
https://bugzilla.suse.com/show_bug.cgi?id=1171000
https://bugzilla.suse.com/show_bug.cgi?id=1171078
https://bugzilla.suse.com/show_bug.cgi?id=1171688
https://bugzilla.suse.com/show_bug.cgi?id=1172145
https://bugzilla.suse.com/show_bug.cgi?id=1172733
https://bugzilla.suse.com/show_bug.cgi?id=1174486
https://bugzilla.suse.com/show_bug.cgi?id=1175079
https://bugzilla.suse.com/show_bug.cgi?id=1175480
https://bugzilla.suse.com/show_bug.cgi?id=1176396
https://bugzilla.suse.com/show_bug.cgi?id=1176942
https://bugzilla.suse.com/show_bug.cgi?id=1177326
https://bugzilla.suse.com/show_bug.cgi?id=1177500
https://bugzilla.suse.com/show_bug.cgi?id=1177666
https://bugzilla.suse.com/show_bug.cgi?id=1177679
https://bugzilla.suse.com/show_bug.cgi?id=1177733
https://bugzilla.suse.com/show_bug.cgi?id=1178049
https://bugzilla.suse.com/show_bug.cgi?id=1178203
https://bugzilla.suse.com/show_bug.cgi?id=1178270
https://bugzilla.suse.com/show_bug.cgi?id=1178612
https://bugzilla.suse.com/show_bug.cgi?id=1178660
https://bugzilla.suse.com/show_bug.cgi?id=1178780
https://bugzilla.suse.com/show_bug.cgi?id=1179107
https://bugzilla.suse.com/show_bug.cgi?id=1179204
https://bugzilla.suse.com/show_bug.cgi?id=1179419
https://bugzilla.suse.com/show_bug.cgi?id=1179434
https://bugzilla.suse.com/show_bug.cgi?id=1179435
https://bugzilla.suse.com/show_bug.cgi?id=1179519
https://bugzilla.suse.com/show_bug.cgi?id=1179575
https://bugzilla.suse.com/show_bug.cgi?id=1179604
https://bugzilla.suse.com/show_bug.cgi?id=1179652
https://bugzilla.suse.com/show_bug.cgi?id=1179656
https://bugzilla.suse.com/show_bug.cgi?id=1179670
https://bugzilla.suse.com/show_bug.cgi?id=1179671
https://bugzilla.suse.com/show_bug.cgi?id=1179672
https://bugzilla.suse.com/show_bug.cgi?id=1179673
https://bugzilla.suse.com/show_bug.cgi?id=1179675
https://bugzilla.suse.com/show_bug.cgi?id=1179676
https://bugzilla.suse.com/show_bug.cgi?id=1179677
https://bugzilla.suse.com/show_bug.cgi?id=1179678
https://bugzilla.suse.com/show_bug.cgi?id=1179679
https://bugzilla.suse.com/show_bug.cgi?id=1179680
https://bugzilla.suse.com/show_bug.cgi?id=1179681
https://bugzilla.suse.com/show_bug.cgi?id=1179682
https://bugzilla.suse.com/show_bug.cgi?id=1179683
https://bugzilla.suse.com/show_bug.cgi?id=1179684
https://bugzilla.suse.com/show_bug.cgi?id=1179685
https://bugzilla.suse.com/show_bug.cgi?id=1179687
https://bugzilla.suse.com/show_bug.cgi?id=1179688
https://bugzilla.suse.com/show_bug.cgi?id=1179689
https://bugzilla.suse.com/show_bug.cgi?id=1179690
https://bugzilla.suse.com/show_bug.cgi?id=1179703
https://bugzilla.suse.com/show_bug.cgi?id=1179704
https://bugzilla.suse.com/show_bug.cgi?id=1179707
https://bugzilla.suse.com/show_bug.cgi?id=1179709
https://bugzilla.suse.com/show_bug.cgi?id=1179710
https://bugzilla.suse.com/show_bug.cgi?id=1179711
https://bugzilla.suse.com/show_bug.cgi?id=1179712
https://bugzilla.suse.com/show_bug.cgi?id=1179713
https://bugzilla.suse.com/show_bug.cgi?id=1179714
https://bugzilla.suse.com/show_bug.cgi?id=1179715
https://bugzilla.suse.com/show_bug.cgi?id=1179716
https://bugzilla.suse.com/show_bug.cgi?id=1179745
https://bugzilla.suse.com/show_bug.cgi?id=1179763
https://bugzilla.suse.com/show_bug.cgi?id=1179888
https://bugzilla.suse.com/show_bug.cgi?id=1179892
https://bugzilla.suse.com/show_bug.cgi?id=1179896
https://bugzilla.suse.com/show_bug.cgi?id=1179960
https://bugzilla.suse.com/show_bug.cgi?id=1179963
https://bugzilla.suse.com/show_bug.cgi?id=1180027
https://bugzilla.suse.com/show_bug.cgi?id=1180029
https://bugzilla.suse.com/show_bug.cgi?id=1180031
https://bugzilla.suse.com/show_bug.cgi?id=1180052
https://bugzilla.suse.com/show_bug.cgi?id=1180056
https://bugzilla.suse.com/show_bug.cgi?id=1180086
https://bugzilla.suse.com/show_bug.cgi?id=1180117
https://bugzilla.suse.com/show_bug.cgi?id=1180258
https://bugzilla.suse.com/show_bug.cgi?id=1180261
https://bugzilla.suse.com/show_bug.cgi?id=1180349
https://bugzilla.suse.com/show_bug.cgi?id=1180506
https://bugzilla.suse.com/show_bug.cgi?id=1180541
https://bugzilla.suse.com/show_bug.cgi?id=1180559
https://bugzilla.suse.com/show_bug.cgi?id=1180566
https://www.suse.com/security/cve/CVE-2020-0444/
https://www.suse.com/security/cve/CVE-2020-0465/
https://www.suse.com/security/cve/CVE-2020-0466/
https://www.suse.com/security/cve/CVE-2020-11668/
https://www.suse.com/security/cve/CVE-2020-27068/
https://www.suse.com/security/cve/CVE-2020-27777/
https://www.suse.com/security/cve/CVE-2020-27825/
https://www.suse.com/security/cve/CVE-2020-27830/
https://www.suse.com/security/cve/CVE-2020-29370/
https://www.suse.com/security/cve/CVE-2020-29373/
https://www.suse.com/security/cve/CVE-2020-29660/
https://www.suse.com/security/cve/CVE-2020-29661/
Plugin Details
Severity: Critical
ID: 144959
File Name: suse_SU-2021-0108-1.nasl
Version: 1.5
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 1/14/2021
Updated: 2/9/2023
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2020-27068
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-rt-devel, p-cpe:/a:novell:suse_linux:kernel-rt_debug-debuginfo, p-cpe:/a:novell:suse_linux:dlm-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel-debuginfo, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt, p-cpe:/a:novell:suse_linux:dlm-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt-debugsource, p-cpe:/a:novell:suse_linux:kernel-syms-rt, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt_debug-debugsource, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel, p-cpe:/a:novell:suse_linux:kernel-rt-debuginfo
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 1/13/2021
Vulnerability Publication Date: 4/9/2020
Reference Information
CVE: CVE-2020-0444, CVE-2020-0465, CVE-2020-0466, CVE-2020-11668, CVE-2020-27068, CVE-2020-27777, CVE-2020-27825, CVE-2020-27830, CVE-2020-29370, CVE-2020-29373, CVE-2020-29660, CVE-2020-29661, CVE-2020-36158