SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:0149-1)

high Nessus Plugin ID 170675

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0149-1 advisory.

- An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc() and will cause the null pointer dereference. (CVE-2022-3104)

- An issue was discovered in the Linux kernel through 5.16-rc6. uapi_finalize in drivers/infiniband/core/uverbs_uapi.c lacks check of kmalloc_array(). (CVE-2022-3105)

- An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc(). (CVE-2022-3106)

- An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference. (CVE-2022-3107)

- An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup(). (CVE-2022-3108)

- An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger(). (CVE-2022-3111)

- An issue was discovered in the Linux kernel through 5.16-rc6. amvdec_set_canvases in drivers/staging/media/meson/vdec/vdec_helpers.c lacks check of the return value of kzalloc() and will cause the null pointer dereference. (CVE-2022-3112)

- An issue was discovered in the Linux kernel through 5.16-rc6. mtk_vcodec_fw_vpu_init in drivers/media/platform/mtk-vcodec/mtk_vcodec_fw_vpu.c lacks check of the return value of devm_kzalloc() and will cause the null pointer dereference. (CVE-2022-3113)

- An issue was discovered in the Linux kernel through 5.16-rc6. imx_register_uart_clocks in drivers/clk/imx/clk.c lacks check of the return value of kcalloc() and will cause the null pointer dereference. (CVE-2022-3114)

- An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference. (CVE-2022-3115)

- A flaw was found in the KVM's AMD nested virtualization (SVM). A malicious L1 guest could purposely fail to intercept the shutdown of a cooperative nested guest (L2), possibly leading to a page fault and kernel panic in the host (L0). (CVE-2022-3344)

- A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087. (CVE-2022-3564)

- A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel.
This flaw allows an attacker to conduct a remote denial (CVE-2022-4379)

- A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system. (CVE-2022-4662)

- An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet.
(CVE-2022-47520)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1187428

https://bugzilla.suse.com/1188605

https://bugzilla.suse.com/1190969

https://bugzilla.suse.com/1191259

https://bugzilla.suse.com/1193629

https://bugzilla.suse.com/1199294

https://bugzilla.suse.com/1201068

https://bugzilla.suse.com/1203219

https://bugzilla.suse.com/1203740

https://bugzilla.suse.com/1203829

https://bugzilla.suse.com/1204614

https://bugzilla.suse.com/1204652

https://bugzilla.suse.com/1204760

https://bugzilla.suse.com/1204911

https://bugzilla.suse.com/1204989

https://bugzilla.suse.com/1205257

https://bugzilla.suse.com/1205263

https://bugzilla.suse.com/1205485

https://bugzilla.suse.com/1205496

https://bugzilla.suse.com/1205601

https://bugzilla.suse.com/1205695

https://bugzilla.suse.com/1206073

https://bugzilla.suse.com/1206098

https://bugzilla.suse.com/1206101

https://bugzilla.suse.com/1206188

https://bugzilla.suse.com/1206209

https://bugzilla.suse.com/1206273

https://bugzilla.suse.com/1206344

https://bugzilla.suse.com/1206389

https://bugzilla.suse.com/1206390

https://bugzilla.suse.com/1206391

https://bugzilla.suse.com/1206393

https://bugzilla.suse.com/1206394

https://bugzilla.suse.com/1206395

https://bugzilla.suse.com/1206396

https://bugzilla.suse.com/1206397

https://bugzilla.suse.com/1206398

https://bugzilla.suse.com/1206399

https://bugzilla.suse.com/1206456

https://bugzilla.suse.com/1206468

https://bugzilla.suse.com/1206515

https://bugzilla.suse.com/1206536

https://bugzilla.suse.com/1206554

https://bugzilla.suse.com/1206602

https://bugzilla.suse.com/1206619

https://bugzilla.suse.com/1206664

https://bugzilla.suse.com/1206703

https://bugzilla.suse.com/1206794

https://bugzilla.suse.com/1206896

https://bugzilla.suse.com/1206912

https://bugzilla.suse.com/1207016

https://www.suse.com/security/cve/CVE-2022-3104

https://www.suse.com/security/cve/CVE-2022-3105

https://www.suse.com/security/cve/CVE-2022-3106

https://www.suse.com/security/cve/CVE-2022-3107

https://www.suse.com/security/cve/CVE-2022-3108

https://www.suse.com/security/cve/CVE-2022-3111

https://www.suse.com/security/cve/CVE-2022-3112

https://www.suse.com/security/cve/CVE-2022-3113

https://www.suse.com/security/cve/CVE-2022-3114

https://www.suse.com/security/cve/CVE-2022-3115

https://www.suse.com/security/cve/CVE-2022-3344

https://www.suse.com/security/cve/CVE-2022-3564

https://www.suse.com/security/cve/CVE-2022-4379

https://www.suse.com/security/cve/CVE-2022-4662

https://www.suse.com/security/cve/CVE-2022-47520

http://www.nessus.org/u?48ba13e2

Plugin Details

Severity: High

ID: 170675

File Name: suse_SU-2023-0149-1.nasl

Version: 1.4

Type: local

Agent: unix

Published: 1/26/2023

Updated: 7/13/2023

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.1

Vector: CVSS2#AV:A/AC:H/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-3564

CVSS v3

Risk Factor: High

Base Score: 7.1

Temporal Score: 6.4

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2022-47520

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-64kb, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/26/2023

Vulnerability Publication Date: 10/17/2022

Reference Information

CVE: CVE-2022-3104, CVE-2022-3105, CVE-2022-3106, CVE-2022-3107, CVE-2022-3108, CVE-2022-3111, CVE-2022-3112, CVE-2022-3113, CVE-2022-3114, CVE-2022-3115, CVE-2022-3344, CVE-2022-3564, CVE-2022-4379, CVE-2022-4662, CVE-2022-47520

SuSE: SUSE-SU-2023:0149-1