SUSE SLES15 Security Update : kernel (SUSE-SU-2024:0900-1)

high Nessus Plugin ID 192141

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0900-1 advisory.

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
- CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930).
- CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736).
- CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433).
- CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254).
- CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255).
- CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797).
- CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
- CVE-2023-52340: Fixed ICMPv6 Packet Too Big packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295).
- CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915).
- CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195).
- CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825).
- CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
- CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257).
- CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350).
- CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364).
- CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250).
- CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
- CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457).
- CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
- CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326).
- CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335).
- CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
- CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140).
- CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240).
- CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
- CVE-2024-26593: Fixed block process call transactions (bsc#1220009).
- CVE-2024-26586: Fixed stack corruption (bsc#1220243).
- CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344).
- CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
- CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253).
- CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835).
- CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216).
- CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127).
- CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827).
- CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1211515

https://bugzilla.suse.com/1213456

https://bugzilla.suse.com/1214064

https://bugzilla.suse.com/1218195

https://bugzilla.suse.com/1218216

https://bugzilla.suse.com/1218562

https://bugzilla.suse.com/1218915

https://bugzilla.suse.com/1219073

https://bugzilla.suse.com/1219126

https://bugzilla.suse.com/1219127

https://bugzilla.suse.com/1219146

https://bugzilla.suse.com/1219295

https://bugzilla.suse.com/1219633

https://bugzilla.suse.com/1219653

https://bugzilla.suse.com/1219827

https://bugzilla.suse.com/1219835

https://bugzilla.suse.com/1220009

https://bugzilla.suse.com/1220140

https://bugzilla.suse.com/1220187

https://bugzilla.suse.com/1220238

https://bugzilla.suse.com/1220240

https://bugzilla.suse.com/1220241

https://bugzilla.suse.com/1220243

https://bugzilla.suse.com/1220250

https://bugzilla.suse.com/1220251

https://bugzilla.suse.com/1220253

https://bugzilla.suse.com/1220254

https://bugzilla.suse.com/1220255

https://bugzilla.suse.com/1220257

https://bugzilla.suse.com/1220326

https://bugzilla.suse.com/1220328

https://bugzilla.suse.com/1220330

https://bugzilla.suse.com/1220335

https://bugzilla.suse.com/1220344

https://bugzilla.suse.com/1220350

https://bugzilla.suse.com/1220364

https://bugzilla.suse.com/1220398

https://bugzilla.suse.com/1220409

https://bugzilla.suse.com/1220433

https://bugzilla.suse.com/1220444

https://bugzilla.suse.com/1220457

https://bugzilla.suse.com/1220459

https://bugzilla.suse.com/1220469

https://bugzilla.suse.com/1220649

https://bugzilla.suse.com/1220735

https://bugzilla.suse.com/1220736

https://bugzilla.suse.com/1220796

https://bugzilla.suse.com/1220797

https://bugzilla.suse.com/1220825

https://bugzilla.suse.com/1220845

https://bugzilla.suse.com/1220917

https://bugzilla.suse.com/1220930

https://bugzilla.suse.com/1220931

https://bugzilla.suse.com/1220933

http://www.nessus.org/u?9aa3104f

https://www.suse.com/security/cve/CVE-2019-25162

https://www.suse.com/security/cve/CVE-2021-46923

https://www.suse.com/security/cve/CVE-2021-46924

https://www.suse.com/security/cve/CVE-2021-46932

https://www.suse.com/security/cve/CVE-2021-46934

https://www.suse.com/security/cve/CVE-2021-47083

https://www.suse.com/security/cve/CVE-2022-48627

https://www.suse.com/security/cve/CVE-2023-28746

https://www.suse.com/security/cve/CVE-2023-5197

https://www.suse.com/security/cve/CVE-2023-52340

https://www.suse.com/security/cve/CVE-2023-52429

https://www.suse.com/security/cve/CVE-2023-52439

https://www.suse.com/security/cve/CVE-2023-52443

https://www.suse.com/security/cve/CVE-2023-52445

https://www.suse.com/security/cve/CVE-2023-52447

https://www.suse.com/security/cve/CVE-2023-52448

https://www.suse.com/security/cve/CVE-2023-52449

https://www.suse.com/security/cve/CVE-2023-52451

https://www.suse.com/security/cve/CVE-2023-52452

https://www.suse.com/security/cve/CVE-2023-52456

https://www.suse.com/security/cve/CVE-2023-52457

https://www.suse.com/security/cve/CVE-2023-52463

https://www.suse.com/security/cve/CVE-2023-52464

https://www.suse.com/security/cve/CVE-2023-52467

https://www.suse.com/security/cve/CVE-2023-52475

https://www.suse.com/security/cve/CVE-2023-52478

https://www.suse.com/security/cve/CVE-2023-52482

https://www.suse.com/security/cve/CVE-2023-52484

https://www.suse.com/security/cve/CVE-2023-52530

https://www.suse.com/security/cve/CVE-2023-52531

https://www.suse.com/security/cve/CVE-2023-52559

https://www.suse.com/security/cve/CVE-2023-6270

https://www.suse.com/security/cve/CVE-2023-6817

https://www.suse.com/security/cve/CVE-2024-0607

https://www.suse.com/security/cve/CVE-2024-1151

https://www.suse.com/security/cve/CVE-2024-23849

https://www.suse.com/security/cve/CVE-2024-23850

https://www.suse.com/security/cve/CVE-2024-23851

https://www.suse.com/security/cve/CVE-2024-26585

https://www.suse.com/security/cve/CVE-2024-26586

https://www.suse.com/security/cve/CVE-2024-26589

https://www.suse.com/security/cve/CVE-2024-26591

https://www.suse.com/security/cve/CVE-2024-26593

https://www.suse.com/security/cve/CVE-2024-26595

https://www.suse.com/security/cve/CVE-2024-26598

https://www.suse.com/security/cve/CVE-2024-26602

https://www.suse.com/security/cve/CVE-2024-26603

https://www.suse.com/security/cve/CVE-2024-26607

https://www.suse.com/security/cve/CVE-2024-26622

Plugin Details

Severity: High

ID: 192141

File Name: suse_SU-2024-0900-1.nasl

Version: 1.5

Type: local

Agent: unix

Published: 3/15/2024

Updated: 8/28/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26598

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150400_24_111-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-64kb, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/14/2024

Vulnerability Publication Date: 9/27/2023

Reference Information

CVE: CVE-2019-25162, CVE-2021-46923, CVE-2021-46924, CVE-2021-46932, CVE-2021-46934, CVE-2021-47083, CVE-2022-48627, CVE-2023-28746, CVE-2023-5197, CVE-2023-52340, CVE-2023-52429, CVE-2023-52439, CVE-2023-52443, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52449, CVE-2023-52451, CVE-2023-52452, CVE-2023-52456, CVE-2023-52457, CVE-2023-52463, CVE-2023-52464, CVE-2023-52467, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52484, CVE-2023-52530, CVE-2023-52531, CVE-2023-52559, CVE-2023-6270, CVE-2023-6817, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23850, CVE-2024-23851, CVE-2024-26585, CVE-2024-26586, CVE-2024-26589, CVE-2024-26591, CVE-2024-26593, CVE-2024-26595, CVE-2024-26598, CVE-2024-26602, CVE-2024-26603, CVE-2024-26607, CVE-2024-26622

SuSE: SUSE-SU-2024:0900-1