Detections
Analytics
SUSE SLES12 Security Update : kernel (SUSE-SU-2021:2321-1)
high Nessus Plugin ID 151649
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2321-1 advisory.- An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. (CVE-2019-25045)
- The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. (CVE-2020-24588)
- Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time. (CVE-2020-26558)
- An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of- bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf. (CVE-2020-36386)
- Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. (CVE-2021-0129)
- In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel (CVE-2021-0512)
- In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476 (CVE-2021-0605)
- In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db. (CVE-2021-33624)
- net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (CVE-2021-34693)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1103990
https://bugzilla.suse.com/1103991
https://bugzilla.suse.com/1104353
https://bugzilla.suse.com/1113994
https://bugzilla.suse.com/1114648
https://bugzilla.suse.com/1129770
https://bugzilla.suse.com/1135481
https://bugzilla.suse.com/1136345
https://bugzilla.suse.com/1174978
https://bugzilla.suse.com/1179610
https://bugzilla.suse.com/1182470
https://bugzilla.suse.com/1185486
https://bugzilla.suse.com/1185677
https://bugzilla.suse.com/1185701
https://bugzilla.suse.com/1185861
https://bugzilla.suse.com/1185863
https://bugzilla.suse.com/1186206
https://bugzilla.suse.com/1186264
https://bugzilla.suse.com/1186463
https://bugzilla.suse.com/1186515
https://bugzilla.suse.com/1186516
https://bugzilla.suse.com/1186517
https://bugzilla.suse.com/1186518
https://bugzilla.suse.com/1186519
https://bugzilla.suse.com/1186520
https://bugzilla.suse.com/1186521
https://bugzilla.suse.com/1186522
https://bugzilla.suse.com/1186523
https://bugzilla.suse.com/1186524
https://bugzilla.suse.com/1186525
https://bugzilla.suse.com/1186526
https://bugzilla.suse.com/1186527
https://bugzilla.suse.com/1186528
https://bugzilla.suse.com/1186529
https://bugzilla.suse.com/1186530
https://bugzilla.suse.com/1186531
https://bugzilla.suse.com/1186532
https://bugzilla.suse.com/1186533
https://bugzilla.suse.com/1186534
https://bugzilla.suse.com/1186535
https://bugzilla.suse.com/1186537
https://bugzilla.suse.com/1186538
https://bugzilla.suse.com/1186539
https://bugzilla.suse.com/1186540
https://bugzilla.suse.com/1186541
https://bugzilla.suse.com/1186542
https://bugzilla.suse.com/1186543
https://bugzilla.suse.com/1186545
https://bugzilla.suse.com/1186546
https://bugzilla.suse.com/1186547
https://bugzilla.suse.com/1186548
https://bugzilla.suse.com/1186549
https://bugzilla.suse.com/1186550
https://bugzilla.suse.com/1186551
https://bugzilla.suse.com/1186552
https://bugzilla.suse.com/1186554
https://bugzilla.suse.com/1186555
https://bugzilla.suse.com/1186556
https://bugzilla.suse.com/1186627
https://bugzilla.suse.com/1186635
https://bugzilla.suse.com/1186638
https://bugzilla.suse.com/1186698
https://bugzilla.suse.com/1186699
https://bugzilla.suse.com/1186700
https://bugzilla.suse.com/1186701
https://bugzilla.suse.com/1187038
https://bugzilla.suse.com/1187049
https://bugzilla.suse.com/1187402
https://bugzilla.suse.com/1187404
https://bugzilla.suse.com/1187407
https://bugzilla.suse.com/1187408
https://bugzilla.suse.com/1187409
https://bugzilla.suse.com/1187411
https://bugzilla.suse.com/1187412
https://bugzilla.suse.com/1187452
https://bugzilla.suse.com/1187453
https://bugzilla.suse.com/1187455
https://bugzilla.suse.com/1187554
https://bugzilla.suse.com/1187595
https://bugzilla.suse.com/1187601
https://bugzilla.suse.com/1187630
https://bugzilla.suse.com/1187631
https://bugzilla.suse.com/1187833
https://bugzilla.suse.com/1187867
https://bugzilla.suse.com/1187972
https://www.suse.com/security/cve/CVE-2019-25045
https://www.suse.com/security/cve/CVE-2020-24588
https://www.suse.com/security/cve/CVE-2020-26558
https://www.suse.com/security/cve/CVE-2020-36386
https://www.suse.com/security/cve/CVE-2021-0129
https://www.suse.com/security/cve/CVE-2021-0512
https://www.suse.com/security/cve/CVE-2021-0605
https://www.suse.com/security/cve/CVE-2021-33624
Plugin Details
Severity: High
ID: 151649
File Name: suse_SU-2021-2321-1.nasl
Version: 1.6
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 7/15/2021
Updated: 7/13/2023
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 5.6
Temporal Score: 4.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C
CVSS Score Source: CVE-2020-36386
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
CVSS Score Source: CVE-2021-0512
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:kernel-azure-base, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-devel-azure, p-cpe:/a:novell:suse_linux:kernel-source-azure, p-cpe:/a:novell:suse_linux:kernel-syms-azure, cpe:/o:novell:suse_linux:12
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 7/14/2021
Vulnerability Publication Date: 5/11/2021
Reference Information
CVE: CVE-2019-25045, CVE-2020-24588, CVE-2020-26558, CVE-2020-36386, CVE-2021-0129, CVE-2021-0512, CVE-2021-0605, CVE-2021-33624, CVE-2021-34693
SuSE: SUSE-SU-2021:2321-1