SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0739-1)

high Nessus Plugin ID 147454

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 12 SP5 kernel Azure was updated to receive various security and bugfixes.

The following security bugs was fixed :

CVE-2021-3348: Fixed a use-after-free read in nbd_queue_rq (bsc#1181504).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 12-SP5 :

zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-739=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1065600

https://bugzilla.suse.com/show_bug.cgi?id=1065729

https://bugzilla.suse.com/show_bug.cgi?id=1078720

https://bugzilla.suse.com/show_bug.cgi?id=1081134

https://bugzilla.suse.com/show_bug.cgi?id=1084610

https://bugzilla.suse.com/show_bug.cgi?id=1114648

https://bugzilla.suse.com/show_bug.cgi?id=1163617

https://bugzilla.suse.com/show_bug.cgi?id=1163930

https://bugzilla.suse.com/show_bug.cgi?id=1169514

https://bugzilla.suse.com/show_bug.cgi?id=1170442

https://bugzilla.suse.com/show_bug.cgi?id=1176855

https://bugzilla.suse.com/show_bug.cgi?id=1177440

https://bugzilla.suse.com/show_bug.cgi?id=1178049

https://bugzilla.suse.com/show_bug.cgi?id=1179082

https://bugzilla.suse.com/show_bug.cgi?id=1179142

https://bugzilla.suse.com/show_bug.cgi?id=1179612

https://bugzilla.suse.com/show_bug.cgi?id=1179709

https://bugzilla.suse.com/show_bug.cgi?id=1180058

https://bugzilla.suse.com/show_bug.cgi?id=1181346

https://bugzilla.suse.com/show_bug.cgi?id=1181504

https://bugzilla.suse.com/show_bug.cgi?id=1181574

https://bugzilla.suse.com/show_bug.cgi?id=1181671

https://bugzilla.suse.com/show_bug.cgi?id=1181809

https://bugzilla.suse.com/show_bug.cgi?id=1181854

https://bugzilla.suse.com/show_bug.cgi?id=1181896

https://bugzilla.suse.com/show_bug.cgi?id=1181931

https://bugzilla.suse.com/show_bug.cgi?id=1181960

https://bugzilla.suse.com/show_bug.cgi?id=1181985

https://bugzilla.suse.com/show_bug.cgi?id=1181987

https://bugzilla.suse.com/show_bug.cgi?id=1181996

https://bugzilla.suse.com/show_bug.cgi?id=1181998

https://bugzilla.suse.com/show_bug.cgi?id=1182038

https://bugzilla.suse.com/show_bug.cgi?id=1182047

https://bugzilla.suse.com/show_bug.cgi?id=1182118

https://bugzilla.suse.com/show_bug.cgi?id=1182130

https://bugzilla.suse.com/show_bug.cgi?id=1182140

https://bugzilla.suse.com/show_bug.cgi?id=1182171

https://bugzilla.suse.com/show_bug.cgi?id=1182173

https://bugzilla.suse.com/show_bug.cgi?id=1182175

https://bugzilla.suse.com/show_bug.cgi?id=1182182

https://bugzilla.suse.com/show_bug.cgi?id=1182184

https://bugzilla.suse.com/show_bug.cgi?id=1182195

https://bugzilla.suse.com/show_bug.cgi?id=1182242

https://bugzilla.suse.com/show_bug.cgi?id=1182243

https://bugzilla.suse.com/show_bug.cgi?id=1182248

https://bugzilla.suse.com/show_bug.cgi?id=1182269

https://bugzilla.suse.com/show_bug.cgi?id=1182302

https://bugzilla.suse.com/show_bug.cgi?id=1182307

https://bugzilla.suse.com/show_bug.cgi?id=1182310

https://bugzilla.suse.com/show_bug.cgi?id=1182438

https://bugzilla.suse.com/show_bug.cgi?id=1182447

https://bugzilla.suse.com/show_bug.cgi?id=1182448

https://bugzilla.suse.com/show_bug.cgi?id=1182449

https://bugzilla.suse.com/show_bug.cgi?id=1182460

https://bugzilla.suse.com/show_bug.cgi?id=1182461

https://bugzilla.suse.com/show_bug.cgi?id=1182462

https://bugzilla.suse.com/show_bug.cgi?id=1182463

https://bugzilla.suse.com/show_bug.cgi?id=1182464

https://bugzilla.suse.com/show_bug.cgi?id=1182465

https://bugzilla.suse.com/show_bug.cgi?id=1182466

https://bugzilla.suse.com/show_bug.cgi?id=1182560

https://bugzilla.suse.com/show_bug.cgi?id=1182561

https://bugzilla.suse.com/show_bug.cgi?id=1182571

https://bugzilla.suse.com/show_bug.cgi?id=1182590

https://bugzilla.suse.com/show_bug.cgi?id=1182610

https://bugzilla.suse.com/show_bug.cgi?id=1182612

https://bugzilla.suse.com/show_bug.cgi?id=1182650

https://bugzilla.suse.com/show_bug.cgi?id=1182652

https://www.suse.com/security/cve/CVE-2021-3348/

http://www.nessus.org/u?c94f3760

Plugin Details

Severity: High

ID: 147454

File Name: suse_SU-2021-0739-1.nasl

Version: 1.3

Type: local

Agent: unix

Published: 3/10/2021

Updated: 1/11/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 4.4

Temporal Score: 3.3

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-3348

CVSS v3

Risk Factor: High

Base Score: 7

Temporal Score: 6.1

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-azure-debugsource, p-cpe:/a:novell:suse_linux:kernel-azure-base, p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-azure

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/9/2021

Vulnerability Publication Date: 2/1/2021

Reference Information

CVE: CVE-2021-3348