SUSE SLES15 Security Update : kernel (SUSE-SU-2021:1211-1)

critical Nessus Plugin ID 148698

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 15 SP2 kernel RT was updated to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to be 0 leading to out of bounds read (bsc#1184170).

CVE-2021-3428: Fixed an integer overflow in ext4_es_cache_extent (bsc#1173485).

CVE-2021-29647: Fixed an issue in qrtr_recvmsg which could have allowed attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure (bsc#1184192 ).

CVE-2021-29265: Fixed an issue in usbip_sockfd_store which could have allowed attackers to cause a denial of service due to race conditions during an update of the local and shared status (bsc#1184167).

CVE-2021-29264: Fixed an issue in the Freescale Gianfar Ethernet driver which could have allowed attackers to cause a system crash due to a calculation of negative fragment size (bsc#1184168).

CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly (bsc#1184198).

CVE-2021-28971: Fixed an issue in intel_pmu_drain_pebs_nhm which could have caused a system crash because the PEBS status in a PEBS record was mishandled (bsc#1184196 ).

CVE-2021-28964: Fixed a race condition in get_old_root which could have allowed attackers to cause a denial of service (bsc#1184193).

CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1183646).

CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan (bsc#1183593 ).

CVE-2021-28375: Fixed an issue in fastrpc_internal_invoke which did not prevent user applications from sending kernel RPC messages (bsc#1183596).

CVE-2021-28038: Fixed an issue with the netback driver which was lacking necessary treatment of errors such as failed memory allocations (bsc#1183022).

CVE-2021-27365: Fixed an issue where an unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message (bsc#1182715).

CVE-2021-27364: Fixed an issue where an attacker could craft Netlink messages (bsc#1182717).

CVE-2021-27363: Fixed a kernel pointer leak which could have been used to determine the address of the iscsi_transport structure (bsc#1182716).

CVE-2020-35519: Fixed an out-of-bounds memory access was found in x25_bind (bsc#1183696).

CVE-2020-27815: Fixed an issue in JFS filesystem where could have allowed an attacker to execute code (bsc#1179454).

CVE-2020-27171: Fixed an off-by-one error affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory (bsc#1183775).

CVE-2020-27170: Fixed potential side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory (bsc#1183686).

CVE-2019-19769: Fixed a use-after-free in the perf_trace_lock_acquire function (bsc#1159280 ).

CVE-2019-18814: Fixed a use-after-free when aa_label_parse() fails in aa_audit_rule_init() (bsc#1156256).

CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed multiple bugs in NFC subsytem (bsc#1178181).

CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering destruction of a large SEV VM (bsc#1184511).

CVE-2021-29154: Fixed incorrect computation of branch displacements, allowing arbitrary code execution (bsc#1184391).

CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy (bsc#1184120).

CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).

CVE-2020-36310: Fixed infinite loop for certain nested page faults (bsc#1184512).

CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509 ).

CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop continually was finding the same bad inode (bsc#1184194).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Module for Realtime 15-SP2 :

zypper in -t patch SUSE-SLE-Module-RT-15-SP2-2021-1211=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1047233

https://bugzilla.suse.com/show_bug.cgi?id=1065729

https://bugzilla.suse.com/show_bug.cgi?id=1113295

https://bugzilla.suse.com/show_bug.cgi?id=1152472

https://bugzilla.suse.com/show_bug.cgi?id=1152489

https://bugzilla.suse.com/show_bug.cgi?id=1153274

https://bugzilla.suse.com/show_bug.cgi?id=1154353

https://bugzilla.suse.com/show_bug.cgi?id=1155518

https://bugzilla.suse.com/show_bug.cgi?id=1183252

https://bugzilla.suse.com/show_bug.cgi?id=1183277

https://bugzilla.suse.com/show_bug.cgi?id=1183278

https://bugzilla.suse.com/show_bug.cgi?id=1183279

https://bugzilla.suse.com/show_bug.cgi?id=1183280

https://bugzilla.suse.com/show_bug.cgi?id=1183281

https://bugzilla.suse.com/show_bug.cgi?id=1183282

https://bugzilla.suse.com/show_bug.cgi?id=1183283

https://bugzilla.suse.com/show_bug.cgi?id=1183284

https://bugzilla.suse.com/show_bug.cgi?id=1183285

https://bugzilla.suse.com/show_bug.cgi?id=1183286

https://bugzilla.suse.com/show_bug.cgi?id=1183287

https://bugzilla.suse.com/show_bug.cgi?id=1183288

https://bugzilla.suse.com/show_bug.cgi?id=1183366

https://bugzilla.suse.com/show_bug.cgi?id=1183369

https://bugzilla.suse.com/show_bug.cgi?id=1183386

https://bugzilla.suse.com/show_bug.cgi?id=1183405

https://bugzilla.suse.com/show_bug.cgi?id=1183412

https://bugzilla.suse.com/show_bug.cgi?id=1183416

https://bugzilla.suse.com/show_bug.cgi?id=1183427

https://bugzilla.suse.com/show_bug.cgi?id=1183428

https://bugzilla.suse.com/show_bug.cgi?id=1183445

https://bugzilla.suse.com/show_bug.cgi?id=1183447

https://bugzilla.suse.com/show_bug.cgi?id=1183501

https://bugzilla.suse.com/show_bug.cgi?id=1183509

https://bugzilla.suse.com/show_bug.cgi?id=1183530

https://bugzilla.suse.com/show_bug.cgi?id=1183534

https://bugzilla.suse.com/show_bug.cgi?id=1183540

https://bugzilla.suse.com/show_bug.cgi?id=1183593

https://bugzilla.suse.com/show_bug.cgi?id=1183596

https://bugzilla.suse.com/show_bug.cgi?id=1183598

https://bugzilla.suse.com/show_bug.cgi?id=1183637

https://bugzilla.suse.com/show_bug.cgi?id=1156256

https://bugzilla.suse.com/show_bug.cgi?id=1156395

https://bugzilla.suse.com/show_bug.cgi?id=1159280

https://bugzilla.suse.com/show_bug.cgi?id=1160634

https://bugzilla.suse.com/show_bug.cgi?id=1167773

https://bugzilla.suse.com/show_bug.cgi?id=1168777

https://bugzilla.suse.com/show_bug.cgi?id=1169514

https://bugzilla.suse.com/show_bug.cgi?id=1169709

https://bugzilla.suse.com/show_bug.cgi?id=1171295

https://bugzilla.suse.com/show_bug.cgi?id=1173485

https://bugzilla.suse.com/show_bug.cgi?id=1177326

https://bugzilla.suse.com/show_bug.cgi?id=1178163

https://bugzilla.suse.com/show_bug.cgi?id=1178181

https://bugzilla.suse.com/show_bug.cgi?id=1178330

https://bugzilla.suse.com/show_bug.cgi?id=1179454

https://bugzilla.suse.com/show_bug.cgi?id=1180197

https://bugzilla.suse.com/show_bug.cgi?id=1180980

https://bugzilla.suse.com/show_bug.cgi?id=1181383

https://bugzilla.suse.com/show_bug.cgi?id=1181507

https://bugzilla.suse.com/show_bug.cgi?id=1181674

https://bugzilla.suse.com/show_bug.cgi?id=1181862

https://bugzilla.suse.com/show_bug.cgi?id=1182011

https://bugzilla.suse.com/show_bug.cgi?id=1182077

https://bugzilla.suse.com/show_bug.cgi?id=1182485

https://bugzilla.suse.com/show_bug.cgi?id=1182552

https://bugzilla.suse.com/show_bug.cgi?id=1182574

https://bugzilla.suse.com/show_bug.cgi?id=1182591

https://bugzilla.suse.com/show_bug.cgi?id=1182595

https://bugzilla.suse.com/show_bug.cgi?id=1182712

https://bugzilla.suse.com/show_bug.cgi?id=1182713

https://bugzilla.suse.com/show_bug.cgi?id=1182715

https://bugzilla.suse.com/show_bug.cgi?id=1182716

https://bugzilla.suse.com/show_bug.cgi?id=1182717

https://bugzilla.suse.com/show_bug.cgi?id=1182770

https://bugzilla.suse.com/show_bug.cgi?id=1182989

https://bugzilla.suse.com/show_bug.cgi?id=1183015

https://bugzilla.suse.com/show_bug.cgi?id=1183018

https://bugzilla.suse.com/show_bug.cgi?id=1183022

https://bugzilla.suse.com/show_bug.cgi?id=1183646

https://bugzilla.suse.com/show_bug.cgi?id=1183662

https://bugzilla.suse.com/show_bug.cgi?id=1183686

https://bugzilla.suse.com/show_bug.cgi?id=1183692

https://bugzilla.suse.com/show_bug.cgi?id=1183696

https://bugzilla.suse.com/show_bug.cgi?id=1183750

https://bugzilla.suse.com/show_bug.cgi?id=1183757

https://bugzilla.suse.com/show_bug.cgi?id=1183775

https://bugzilla.suse.com/show_bug.cgi?id=1183843

https://bugzilla.suse.com/show_bug.cgi?id=1183859

https://bugzilla.suse.com/show_bug.cgi?id=1183871

https://bugzilla.suse.com/show_bug.cgi?id=1184074

https://bugzilla.suse.com/show_bug.cgi?id=1184120

https://bugzilla.suse.com/show_bug.cgi?id=1184167

https://bugzilla.suse.com/show_bug.cgi?id=1184168

https://bugzilla.suse.com/show_bug.cgi?id=1184170

https://bugzilla.suse.com/show_bug.cgi?id=1184176

https://bugzilla.suse.com/show_bug.cgi?id=1184192

https://bugzilla.suse.com/show_bug.cgi?id=1184193

https://bugzilla.suse.com/show_bug.cgi?id=1184194

https://bugzilla.suse.com/show_bug.cgi?id=1184196

https://bugzilla.suse.com/show_bug.cgi?id=1184198

https://bugzilla.suse.com/show_bug.cgi?id=1184211

https://bugzilla.suse.com/show_bug.cgi?id=1184217

https://bugzilla.suse.com/show_bug.cgi?id=1184218

https://bugzilla.suse.com/show_bug.cgi?id=1184219

https://bugzilla.suse.com/show_bug.cgi?id=1184220

https://bugzilla.suse.com/show_bug.cgi?id=1184224

https://bugzilla.suse.com/show_bug.cgi?id=1184388

https://bugzilla.suse.com/show_bug.cgi?id=1184391

https://bugzilla.suse.com/show_bug.cgi?id=1184393

https://bugzilla.suse.com/show_bug.cgi?id=1184509

https://bugzilla.suse.com/show_bug.cgi?id=1184511

https://bugzilla.suse.com/show_bug.cgi?id=1184512

https://bugzilla.suse.com/show_bug.cgi?id=1184514

https://bugzilla.suse.com/show_bug.cgi?id=1184583

https://bugzilla.suse.com/show_bug.cgi?id=1184647

https://www.suse.com/security/cve/CVE-2019-18814/

https://www.suse.com/security/cve/CVE-2019-19769/

https://www.suse.com/security/cve/CVE-2020-25670/

https://www.suse.com/security/cve/CVE-2020-25671/

https://www.suse.com/security/cve/CVE-2020-25672/

https://www.suse.com/security/cve/CVE-2020-25673/

https://www.suse.com/security/cve/CVE-2020-27170/

https://www.suse.com/security/cve/CVE-2020-27171/

https://www.suse.com/security/cve/CVE-2020-27815/

https://www.suse.com/security/cve/CVE-2020-35519/

https://www.suse.com/security/cve/CVE-2020-36310/

https://www.suse.com/security/cve/CVE-2020-36311/

https://www.suse.com/security/cve/CVE-2020-36312/

https://www.suse.com/security/cve/CVE-2021-27363/

https://www.suse.com/security/cve/CVE-2021-27364/

https://www.suse.com/security/cve/CVE-2021-27365/

https://www.suse.com/security/cve/CVE-2021-28038/

https://www.suse.com/security/cve/CVE-2021-28375/

https://www.suse.com/security/cve/CVE-2021-28660/

https://www.suse.com/security/cve/CVE-2021-28688/

https://www.suse.com/security/cve/CVE-2021-28950/

https://www.suse.com/security/cve/CVE-2021-28964/

https://www.suse.com/security/cve/CVE-2021-28971/

https://www.suse.com/security/cve/CVE-2021-28972/

https://www.suse.com/security/cve/CVE-2021-29154/

https://www.suse.com/security/cve/CVE-2021-29264/

https://www.suse.com/security/cve/CVE-2021-29265/

https://www.suse.com/security/cve/CVE-2021-29647/

https://www.suse.com/security/cve/CVE-2021-30002/

https://www.suse.com/security/cve/CVE-2021-3428/

https://www.suse.com/security/cve/CVE-2021-3444/

https://www.suse.com/security/cve/CVE-2021-3483/

http://www.nessus.org/u?3f6d73a2

https://bugzilla.suse.com/show_bug.cgi?id=1183023

https://bugzilla.suse.com/show_bug.cgi?id=1183048

Plugin Details

Severity: Critical

ID: 148698

File Name: suse_SU-2021-1211-1.nasl

Version: 1.5

Type: local

Agent: unix

Published: 4/16/2021

Updated: 1/4/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2021-28660

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2019-18814

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-rt-devel, p-cpe:/a:novell:suse_linux:kernel-rt_debug-debuginfo, p-cpe:/a:novell:suse_linux:dlm-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel-debuginfo, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt, p-cpe:/a:novell:suse_linux:dlm-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt-debugsource, p-cpe:/a:novell:suse_linux:kernel-syms-rt, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt_debug-debugsource, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt-debuginfo, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel, p-cpe:/a:novell:suse_linux:kernel-rt-debuginfo

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/15/2021

Vulnerability Publication Date: 11/7/2019

Reference Information

CVE: CVE-2019-18814, CVE-2019-19769, CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673, CVE-2020-27170, CVE-2020-27171, CVE-2020-27815, CVE-2020-35519, CVE-2020-36310, CVE-2020-36311, CVE-2020-36312, CVE-2021-27363, CVE-2021-27364, CVE-2021-27365, CVE-2021-28038, CVE-2021-28375, CVE-2021-28660, CVE-2021-28688, CVE-2021-28950, CVE-2021-28964, CVE-2021-28971, CVE-2021-28972, CVE-2021-29154, CVE-2021-29264, CVE-2021-29265, CVE-2021-29647, CVE-2021-30002, CVE-2021-3428, CVE-2021-3444, CVE-2021-3483