SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:0910-1)

high Nessus Plugin ID 192180

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0910-1 advisory.

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes.


The following security bugs were fixed:

- CVE-2019-25162: Fixed a potential use after free (bsc#1220409).
- CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457).
- CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459)
- CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444)
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216).
- CVE-2023-52340: Fixed ICMPv6 Packet Too Big packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295).
- CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827).
- CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140).
- CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240).
- CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
- CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
- CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253).
- CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
- CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250).
- CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257).
- CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364).
- CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350).
- CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
- CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
- CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649)
- CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796)
- CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195).
- CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915).
- CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835).
- CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127).
- CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
- CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146).
- CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927).
- CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
- CVE-2024-26586: Fixed stack corruption (bsc#1220243).
- CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255).
- CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254).
- CVE-2024-26593: Fixed block process call transactions (bsc#1220009).
- CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344).
- CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326).
- CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
- CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335).
- CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1194869

https://bugzilla.suse.com/1206453

https://bugzilla.suse.com/1209412

https://bugzilla.suse.com/1213456

https://bugzilla.suse.com/1216776

https://bugzilla.suse.com/1217927

https://bugzilla.suse.com/1218195

https://bugzilla.suse.com/1218216

https://bugzilla.suse.com/1218450

https://bugzilla.suse.com/1218527

https://bugzilla.suse.com/1218663

https://bugzilla.suse.com/1218915

https://bugzilla.suse.com/1219126

https://www.suse.com/security/cve/CVE-2024-0607

https://www.suse.com/security/cve/CVE-2024-1151

https://www.suse.com/security/cve/CVE-2024-23849

https://www.suse.com/security/cve/CVE-2024-23850

https://www.suse.com/security/cve/CVE-2024-23851

https://www.suse.com/security/cve/CVE-2024-25744

https://www.suse.com/security/cve/CVE-2024-26585

https://www.suse.com/security/cve/CVE-2024-26586

https://www.suse.com/security/cve/CVE-2024-26589

https://www.suse.com/security/cve/CVE-2024-26591

https://www.suse.com/security/cve/CVE-2024-26593

https://www.suse.com/security/cve/CVE-2024-26595

https://www.suse.com/security/cve/CVE-2024-26598

https://www.suse.com/security/cve/CVE-2024-26602

https://www.suse.com/security/cve/CVE-2024-26603

https://www.suse.com/security/cve/CVE-2024-26622

https://bugzilla.suse.com/1219127

https://bugzilla.suse.com/1219141

https://bugzilla.suse.com/1219146

https://bugzilla.suse.com/1219295

https://bugzilla.suse.com/1219443

https://bugzilla.suse.com/1219653

https://bugzilla.suse.com/1219827

https://bugzilla.suse.com/1219835

https://bugzilla.suse.com/1219839

https://bugzilla.suse.com/1219840

https://bugzilla.suse.com/1219934

https://bugzilla.suse.com/1220003

https://bugzilla.suse.com/1220009

https://bugzilla.suse.com/1220021

https://bugzilla.suse.com/1220030

https://bugzilla.suse.com/1220106

https://bugzilla.suse.com/1220140

https://bugzilla.suse.com/1220187

https://bugzilla.suse.com/1220238

https://bugzilla.suse.com/1220240

https://bugzilla.suse.com/1220241

https://bugzilla.suse.com/1220243

https://bugzilla.suse.com/1220250

https://bugzilla.suse.com/1220251

https://bugzilla.suse.com/1220253

https://bugzilla.suse.com/1220254

https://bugzilla.suse.com/1220255

https://bugzilla.suse.com/1220257

https://bugzilla.suse.com/1220267

https://bugzilla.suse.com/1220277

https://bugzilla.suse.com/1220317

https://bugzilla.suse.com/1220326

https://bugzilla.suse.com/1220328

https://bugzilla.suse.com/1220330

https://bugzilla.suse.com/1220335

https://bugzilla.suse.com/1220344

https://bugzilla.suse.com/1220348

https://bugzilla.suse.com/1220350

https://bugzilla.suse.com/1220364

https://bugzilla.suse.com/1220392

https://bugzilla.suse.com/1220393

https://bugzilla.suse.com/1220398

https://bugzilla.suse.com/1220409

https://bugzilla.suse.com/1220444

https://bugzilla.suse.com/1220457

https://bugzilla.suse.com/1220459

https://bugzilla.suse.com/1220649

https://bugzilla.suse.com/1220796

https://bugzilla.suse.com/1220825

http://www.nessus.org/u?0828c5e0

https://www.suse.com/security/cve/CVE-2019-25162

https://www.suse.com/security/cve/CVE-2021-46923

https://www.suse.com/security/cve/CVE-2021-46924

https://www.suse.com/security/cve/CVE-2021-46932

https://www.suse.com/security/cve/CVE-2023-28746

https://www.suse.com/security/cve/CVE-2023-5197

https://www.suse.com/security/cve/CVE-2023-52340

https://www.suse.com/security/cve/CVE-2023-52429

https://www.suse.com/security/cve/CVE-2023-52439

https://www.suse.com/security/cve/CVE-2023-52443

https://www.suse.com/security/cve/CVE-2023-52445

https://www.suse.com/security/cve/CVE-2023-52447

https://www.suse.com/security/cve/CVE-2023-52448

https://www.suse.com/security/cve/CVE-2023-52449

https://www.suse.com/security/cve/CVE-2023-52451

https://www.suse.com/security/cve/CVE-2023-52452

https://www.suse.com/security/cve/CVE-2023-52456

https://www.suse.com/security/cve/CVE-2023-52457

https://www.suse.com/security/cve/CVE-2023-52463

https://www.suse.com/security/cve/CVE-2023-52464

https://www.suse.com/security/cve/CVE-2023-52475

https://www.suse.com/security/cve/CVE-2023-52478

https://www.suse.com/security/cve/CVE-2023-6817

Plugin Details

Severity: High

ID: 192180

File Name: suse_SU-2024-0910-1.nasl

Version: 1.6

Type: local

Agent: unix

Published: 3/16/2024

Updated: 12/16/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26622

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2024-25744

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150500_13_38-rt, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/15/2024

Vulnerability Publication Date: 9/27/2023

Reference Information

CVE: CVE-2019-25162, CVE-2021-46923, CVE-2021-46924, CVE-2021-46932, CVE-2023-28746, CVE-2023-5197, CVE-2023-52340, CVE-2023-52429, CVE-2023-52439, CVE-2023-52443, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52449, CVE-2023-52451, CVE-2023-52452, CVE-2023-52456, CVE-2023-52457, CVE-2023-52463, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-6817, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23850, CVE-2024-23851, CVE-2024-25744, CVE-2024-26585, CVE-2024-26586, CVE-2024-26589, CVE-2024-26591, CVE-2024-26593, CVE-2024-26595, CVE-2024-26598, CVE-2024-26602, CVE-2024-26603, CVE-2024-26622

SuSE: SUSE-SU-2024:0910-1