SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:2520-1)

high Nessus Plugin ID 163378

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2520-1 advisory.

- Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage. (CVE-2021-26341)

- Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. (CVE-2021-33061)

- An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information. (CVE-2021-4204)

- In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a move_data_page NULL pointer dereference. (CVE-2021-44879)

- The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a pointer leak. (CVE-2021-45402)

- A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures.
Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. This flaws affects kernel versions < v5.16-rc6 (CVE-2022-0264)

- A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)

- A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)

- A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem. (CVE-2022-1012)

- A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)

- A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel's filesystem sub- component. This flaw allows a local attacker with a user privilege to cause a denial of service.
(CVE-2022-1184)

- A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.
(CVE-2022-1198)

- A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.
(CVE-2022-1205)

- An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read unauthorized random data from memory. (CVE-2022-1462)

- An out-of-bounds read flaw was found in the Linux kernel's io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds. (CVE-2022-1508)

- A memory leak flaw was found in the Linux kernel in acrn_dev_ioctl in the drivers/virt/acrn/hsm.c function in how the ACRN Device Model emulates virtual NICs in VM. This flaw allows a local privileged attacker to leak unauthorized kernel information, causing a denial of service. (CVE-2022-1651)

- Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. (CVE-2022-1652)

- A NULL pointer dereference flaw was found in rxrpc_preparse_s in net/rxrpc/server_key.c in the Linux kernel. This flaw allows a local attacker to crash the system or leak internal kernel information.
(CVE-2022-1671)

- A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1679)

- A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc. (CVE-2022-1729)

- A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.
(CVE-2022-1734)

- With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.
(CVE-2022-1789)

- A NULL pointer dereference flaw was found in the Linux kernel's KVM module, which can lead to a denial of service in the x86_emulate_insn in arch/x86/kvm/emulate.c. This flaw occurs while executing an illegal instruction in guest in the Intel CPU. (CVE-2022-1852)

- A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information. (CVE-2022-1974)

- A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-1998)

- In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel (CVE-2022-20132)

- In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel (CVE-2022-20154)

- Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2022-21123)

- Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2022-21125)

- Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2022-21127)

- Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2022-21166)

- Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access. (CVE-2022-21180)

- KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown.
An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. (CVE-2022-21499)

- There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges. (CVE-2022-2318)

- kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. (CVE-2022-23222)

- Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend (CVE-2022-26365, CVE-2022-33740).
Additionally the granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend (CVE-2022-33741, CVE-2022-33742). (CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742)

- st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)

- In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. (CVE-2022-29582)

- Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-29900)

- Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-29901)

- The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. (CVE-2022-30594)

- network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed. (CVE-2022-33743)

- drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.
(CVE-2022-33981)

- An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c. (CVE-2022-34918)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1055117

https://bugzilla.suse.com/1061840

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1071995

https://bugzilla.suse.com/1089644

https://bugzilla.suse.com/1103269

https://bugzilla.suse.com/1118212

https://bugzilla.suse.com/1121726

https://bugzilla.suse.com/1137728

https://bugzilla.suse.com/1156395

https://bugzilla.suse.com/1157038

https://bugzilla.suse.com/1157923

https://bugzilla.suse.com/1175667

https://bugzilla.suse.com/1179439

https://bugzilla.suse.com/1179639

https://bugzilla.suse.com/1180814

https://bugzilla.suse.com/1183682

https://bugzilla.suse.com/1183872

https://bugzilla.suse.com/1184318

https://bugzilla.suse.com/1184924

https://bugzilla.suse.com/1187716

https://bugzilla.suse.com/1188885

https://bugzilla.suse.com/1189998

https://bugzilla.suse.com/1190137

https://bugzilla.suse.com/1190208

https://bugzilla.suse.com/1190336

https://bugzilla.suse.com/1190497

https://bugzilla.suse.com/1190768

https://bugzilla.suse.com/1190786

https://bugzilla.suse.com/1190812

https://bugzilla.suse.com/1191271

https://bugzilla.suse.com/1191663

https://bugzilla.suse.com/1192483

https://bugzilla.suse.com/1193064

https://bugzilla.suse.com/1193277

https://bugzilla.suse.com/1193289

https://bugzilla.suse.com/1193431

https://bugzilla.suse.com/1193556

https://bugzilla.suse.com/1193629

https://bugzilla.suse.com/1193640

https://bugzilla.suse.com/1193787

https://bugzilla.suse.com/1193823

https://bugzilla.suse.com/1193852

https://bugzilla.suse.com/1194086

https://bugzilla.suse.com/1194111

https://bugzilla.suse.com/1194191

https://bugzilla.suse.com/1194409

https://bugzilla.suse.com/1194501

https://bugzilla.suse.com/1194523

https://bugzilla.suse.com/1194526

https://bugzilla.suse.com/1194583

https://bugzilla.suse.com/1194585

https://bugzilla.suse.com/1194586

https://bugzilla.suse.com/1194625

https://bugzilla.suse.com/1194765

https://bugzilla.suse.com/1194826

https://bugzilla.suse.com/1194869

https://bugzilla.suse.com/1195099

https://bugzilla.suse.com/1195287

https://bugzilla.suse.com/1195478

https://bugzilla.suse.com/1195482

https://bugzilla.suse.com/1195504

https://bugzilla.suse.com/1195651

https://bugzilla.suse.com/1195668

https://bugzilla.suse.com/1195669

https://bugzilla.suse.com/1195775

https://bugzilla.suse.com/1195823

https://bugzilla.suse.com/1195826

https://bugzilla.suse.com/1195913

https://bugzilla.suse.com/1195915

https://bugzilla.suse.com/1195926

https://bugzilla.suse.com/1195944

https://bugzilla.suse.com/1195957

https://bugzilla.suse.com/1195987

https://bugzilla.suse.com/1196079

https://bugzilla.suse.com/1196114

https://bugzilla.suse.com/1196130

https://bugzilla.suse.com/1196213

https://bugzilla.suse.com/1196306

https://bugzilla.suse.com/1196367

https://bugzilla.suse.com/1198402

https://bugzilla.suse.com/1198410

https://bugzilla.suse.com/1198412

https://bugzilla.suse.com/1198413

https://bugzilla.suse.com/1198438

https://bugzilla.suse.com/1198484

https://bugzilla.suse.com/1198577

https://bugzilla.suse.com/1198585

https://bugzilla.suse.com/1198660

https://bugzilla.suse.com/1198802

https://bugzilla.suse.com/1198803

https://bugzilla.suse.com/1196400

https://bugzilla.suse.com/1196426

https://bugzilla.suse.com/1196478

https://bugzilla.suse.com/1196514

https://bugzilla.suse.com/1196570

https://bugzilla.suse.com/1196723

https://bugzilla.suse.com/1196779

https://bugzilla.suse.com/1196830

https://bugzilla.suse.com/1196836

https://bugzilla.suse.com/1196866

https://bugzilla.suse.com/1196868

https://bugzilla.suse.com/1196869

https://bugzilla.suse.com/1196901

https://bugzilla.suse.com/1196930

https://bugzilla.suse.com/1196942

https://bugzilla.suse.com/1196960

https://bugzilla.suse.com/1197016

https://bugzilla.suse.com/1197157

https://bugzilla.suse.com/1197227

https://bugzilla.suse.com/1197243

https://bugzilla.suse.com/1197292

https://bugzilla.suse.com/1197302

https://bugzilla.suse.com/1197303

https://bugzilla.suse.com/1197304

https://bugzilla.suse.com/1197362

https://bugzilla.suse.com/1197386

https://bugzilla.suse.com/1197501

https://bugzilla.suse.com/1197601

https://bugzilla.suse.com/1197661

https://bugzilla.suse.com/1197675

https://bugzilla.suse.com/1197761

https://bugzilla.suse.com/1197817

https://bugzilla.suse.com/1197819

https://bugzilla.suse.com/1197820

https://bugzilla.suse.com/1197888

https://bugzilla.suse.com/1197889

https://bugzilla.suse.com/1197894

https://bugzilla.suse.com/1197915

https://bugzilla.suse.com/1197917

https://bugzilla.suse.com/1197918

https://bugzilla.suse.com/1197920

https://bugzilla.suse.com/1197921

https://bugzilla.suse.com/1197922

https://bugzilla.suse.com/1197926

https://bugzilla.suse.com/1198009

https://bugzilla.suse.com/1198010

https://bugzilla.suse.com/1198012

https://bugzilla.suse.com/1198013

https://bugzilla.suse.com/1198014

https://bugzilla.suse.com/1198015

https://bugzilla.suse.com/1198016

https://bugzilla.suse.com/1198017

https://bugzilla.suse.com/1198018

https://bugzilla.suse.com/1198019

https://bugzilla.suse.com/1198020

https://bugzilla.suse.com/1198021

https://bugzilla.suse.com/1198022

https://bugzilla.suse.com/1198023

https://bugzilla.suse.com/1198024

https://bugzilla.suse.com/1198027

https://bugzilla.suse.com/1198030

https://bugzilla.suse.com/1198034

https://bugzilla.suse.com/1198058

https://bugzilla.suse.com/1198217

https://bugzilla.suse.com/1198379

https://bugzilla.suse.com/1198806

https://bugzilla.suse.com/1198811

https://bugzilla.suse.com/1198826

https://bugzilla.suse.com/1198829

https://bugzilla.suse.com/1198835

https://bugzilla.suse.com/1198968

https://bugzilla.suse.com/1198971

https://bugzilla.suse.com/1199011

https://bugzilla.suse.com/1199024

https://bugzilla.suse.com/1199035

https://bugzilla.suse.com/1199046

https://bugzilla.suse.com/1199052

https://bugzilla.suse.com/1199063

https://bugzilla.suse.com/1199163

https://bugzilla.suse.com/1199173

https://bugzilla.suse.com/1199260

https://bugzilla.suse.com/1199314

https://bugzilla.suse.com/1199390

https://bugzilla.suse.com/1199426

https://bugzilla.suse.com/1199433

https://bugzilla.suse.com/1199439

https://bugzilla.suse.com/1199482

https://bugzilla.suse.com/1199487

https://bugzilla.suse.com/1199505

https://bugzilla.suse.com/1199507

https://bugzilla.suse.com/1199605

https://bugzilla.suse.com/1199611

https://bugzilla.suse.com/1199626

https://bugzilla.suse.com/1199631

https://bugzilla.suse.com/1199650

https://bugzilla.suse.com/1199657

https://bugzilla.suse.com/1199674

https://bugzilla.suse.com/1199736

https://bugzilla.suse.com/1199793

https://bugzilla.suse.com/1199839

https://bugzilla.suse.com/1199875

https://bugzilla.suse.com/1199909

https://bugzilla.suse.com/1200015

https://bugzilla.suse.com/1200019

https://bugzilla.suse.com/1200045

https://bugzilla.suse.com/1200046

https://bugzilla.suse.com/1200144

https://bugzilla.suse.com/1200205

https://bugzilla.suse.com/1200211

https://bugzilla.suse.com/1200259

https://bugzilla.suse.com/1200263

https://bugzilla.suse.com/1200284

https://bugzilla.suse.com/1200315

https://bugzilla.suse.com/1200343

https://bugzilla.suse.com/1200420

https://bugzilla.suse.com/1200442

https://bugzilla.suse.com/1200475

https://bugzilla.suse.com/1200502

https://bugzilla.suse.com/1200567

https://bugzilla.suse.com/1200569

https://bugzilla.suse.com/1200571

https://bugzilla.suse.com/1200599

https://bugzilla.suse.com/1200600

https://bugzilla.suse.com/1200608

https://bugzilla.suse.com/1200611

https://bugzilla.suse.com/1200619

https://bugzilla.suse.com/1200692

https://bugzilla.suse.com/1200762

https://bugzilla.suse.com/1200763

https://bugzilla.suse.com/1200806

https://bugzilla.suse.com/1200807

https://bugzilla.suse.com/1200808

https://bugzilla.suse.com/1200809

https://bugzilla.suse.com/1200810

https://bugzilla.suse.com/1200812

https://bugzilla.suse.com/1200813

https://bugzilla.suse.com/1200815

https://bugzilla.suse.com/1200816

https://bugzilla.suse.com/1200820

https://bugzilla.suse.com/1200821

https://bugzilla.suse.com/1200822

https://bugzilla.suse.com/1200824

https://bugzilla.suse.com/1200825

https://bugzilla.suse.com/1200827

https://bugzilla.suse.com/1200828

https://bugzilla.suse.com/1200829

https://bugzilla.suse.com/1200830

https://bugzilla.suse.com/1200845

https://bugzilla.suse.com/1200882

https://bugzilla.suse.com/1200925

https://bugzilla.suse.com/1201050

https://bugzilla.suse.com/1201080

https://bugzilla.suse.com/1201160

https://bugzilla.suse.com/1201171

https://bugzilla.suse.com/1201177

https://bugzilla.suse.com/1201193

https://bugzilla.suse.com/1201196

https://bugzilla.suse.com/1201218

https://bugzilla.suse.com/1201222

https://bugzilla.suse.com/1201228

https://bugzilla.suse.com/1201251

https://bugzilla.suse.com/1201381

https://bugzilla.suse.com/1201471

https://bugzilla.suse.com/1201524

https://www.suse.com/security/cve/CVE-2021-26341

https://www.suse.com/security/cve/CVE-2021-33061

https://www.suse.com/security/cve/CVE-2021-4204

https://www.suse.com/security/cve/CVE-2021-44879

https://www.suse.com/security/cve/CVE-2021-45402

https://www.suse.com/security/cve/CVE-2022-0264

https://www.suse.com/security/cve/CVE-2022-0494

https://www.suse.com/security/cve/CVE-2022-0617

https://www.suse.com/security/cve/CVE-2022-1012

https://www.suse.com/security/cve/CVE-2022-1016

https://www.suse.com/security/cve/CVE-2022-1184

https://www.suse.com/security/cve/CVE-2022-1198

https://www.suse.com/security/cve/CVE-2022-1205

https://www.suse.com/security/cve/CVE-2022-1462

https://www.suse.com/security/cve/CVE-2022-1508

https://www.suse.com/security/cve/CVE-2022-1651

https://www.suse.com/security/cve/CVE-2022-1652

https://www.suse.com/security/cve/CVE-2022-1671

https://www.suse.com/security/cve/CVE-2022-1679

https://www.suse.com/security/cve/CVE-2022-1729

https://www.suse.com/security/cve/CVE-2022-1734

https://www.suse.com/security/cve/CVE-2022-1789

https://www.suse.com/security/cve/CVE-2022-1852

https://www.suse.com/security/cve/CVE-2022-1972

https://www.suse.com/security/cve/CVE-2022-1974

https://www.suse.com/security/cve/CVE-2022-1998

https://www.suse.com/security/cve/CVE-2022-20132

https://www.suse.com/security/cve/CVE-2022-20154

https://www.suse.com/security/cve/CVE-2022-21123

https://www.suse.com/security/cve/CVE-2022-21125

https://www.suse.com/security/cve/CVE-2022-21127

https://www.suse.com/security/cve/CVE-2022-21166

https://www.suse.com/security/cve/CVE-2022-21180

https://www.suse.com/security/cve/CVE-2022-21499

https://www.suse.com/security/cve/CVE-2022-2318

https://www.suse.com/security/cve/CVE-2022-23222

https://www.suse.com/security/cve/CVE-2022-26365

https://www.suse.com/security/cve/CVE-2022-26490

https://www.suse.com/security/cve/CVE-2022-29582

https://www.suse.com/security/cve/CVE-2022-29900

https://www.suse.com/security/cve/CVE-2022-29901

https://www.suse.com/security/cve/CVE-2022-30594

https://www.suse.com/security/cve/CVE-2022-33740

https://www.suse.com/security/cve/CVE-2022-33741

https://www.suse.com/security/cve/CVE-2022-33742

https://www.suse.com/security/cve/CVE-2022-33743

https://www.suse.com/security/cve/CVE-2022-33981

https://www.suse.com/security/cve/CVE-2022-34918

http://www.nessus.org/u?33bdad9e

https://bugzilla.suse.com/1198400

Plugin Details

Severity: High

ID: 163378

File Name: suse_SU-2022-2520-1.nasl

Version: 1.16

Type: local

Agent: unix

Published: 7/22/2022

Updated: 1/16/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-34918

CVSS v3

Risk Factor: High

Base Score: 8.2

Temporal Score: 7.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2022-1012

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150400_24_11-default, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-extra, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-64kb

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/21/2022

Vulnerability Publication Date: 1/14/2022

Exploitable With

Core Impact

Metasploit (Netfilter nft_set_elem_init Heap Overflow Privilege Escalation)

Reference Information

CVE: CVE-2021-26341, CVE-2021-33061, CVE-2021-4204, CVE-2021-44879, CVE-2021-45402, CVE-2022-0264, CVE-2022-0494, CVE-2022-0617, CVE-2022-1012, CVE-2022-1016, CVE-2022-1184, CVE-2022-1198, CVE-2022-1205, CVE-2022-1462, CVE-2022-1508, CVE-2022-1651, CVE-2022-1652, CVE-2022-1671, CVE-2022-1679, CVE-2022-1729, CVE-2022-1734, CVE-2022-1789, CVE-2022-1852, CVE-2022-1972, CVE-2022-1974, CVE-2022-1998, CVE-2022-20132, CVE-2022-20154, CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166, CVE-2022-21180, CVE-2022-21499, CVE-2022-2318, CVE-2022-23222, CVE-2022-26365, CVE-2022-26490, CVE-2022-29582, CVE-2022-29900, CVE-2022-29901, CVE-2022-30594, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742, CVE-2022-33743, CVE-2022-33981, CVE-2022-34918

SuSE: SUSE-SU-2022:2520-1