Detections
Analytics
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:0925-1)
high Nessus Plugin ID 192499
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0925-1 advisory.The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed (bsc#1220863)
- CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied (bsc#1220860)
- CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
- CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
- CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
- CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735).
- CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2021-47077: Fixed a NULL pointer dereference when in shost_data (bsc#1220861).
- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work (bsc#1212514).
- CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
- CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930).
- CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931).
- CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get and nfc_llcp_sock_get_sn (bsc#1220831).
- CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
- CVE-2023-52340: Fixed ICMPv6 Packet Too Big packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295).
- CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval (bsc#1218915).
- CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control (bsc#1220825).
- CVE-2021-46921: Fixed ordering in queued_write_lock_slowpath (bsc#1220468).
- CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444)
- CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250).
- CVE-2021-46953: Fixed a corruption in interrupt mappings on watchdow probe failure (bsc#1220599).
- CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
- CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649)
- CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796)
- CVE-2019-25162: Fixed a potential use after free (bsc#1220409).
- CVE-2020-36784: Fixed reference leak when pm_runtime_get_sync fails (bsc#1220570).
- CVE-2021-47054: Fixed a bug to put child node before return (bsc#1220767).
- CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459)
- CVE-2021-46915: Fixed a bug to avoid possible divide error in nft_limit_init (bsc#1220436).
- CVE-2021-46906: Fixed an info leak in hid_submit_ctrl (bsc#1220421).
- CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
- CVE-2020-36777: Fixed a memory leak in dvb_media_device_free (bsc#1220526).
- CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240).
- CVE-2023-46343: Fixed a NULL pointer dereference in send_acknowledge (CVE-2023-46343).
- CVE-2021-46992: Fixed a bug to avoid overflows in nft_hash_buckets (bsc#1220638).
- CVE-2021-47013: Fixed a use after free in emac_mac_tx_buf_send (bsc#1220641).
- CVE-2021-46991: Fixed a use-after-free in i40e_client_subtask (bsc#1220575).
- CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344).
- CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835).
- CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
- CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127).
- CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340).
The following non-security bugs were fixed:
- ASN.1: Fix check for strdup() success (git-fixes).
- audit: fix possible soft lockup in __audit_inode_child() (git-fixes).
- Bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- Bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git-fixes).
- bnx2x: Fix PF-VF communication over multi-cos queues (git-fixes).
- e1000: fix memory leaks (git-fixes).
- gve: Fix skb truesize underestimation (git-fixes).
- igb: clean up in all error paths when enabling SR-IOV (git-fixes).
- igb: Fix constant media auto sense switching when no cable is connected (git-fixes).
- ipv6: Fix handling of LLA with VRF and sockets bound to VRF (git-fixes).
- ipv6: fix typos in __ip6_finish_output() (git-fixes).
- ixgbe: protect TX timestamping from API misuse (git-fixes).
- kcm: Call strp_stop before strp_done in kcm_attach (git-fixes).
- kcm: fix strp_init() order and cleanup (git-fixes).
- KVM: s390: vsie: fix race during shadow creation (git-fixes bsc#1220613).
- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
- KVM: x86: add support for CPUID leaf 0x80000021 (git-fixes).
- KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (git-fixes).
- KVM: x86: synthesize CPUID leaf 0x80000021h if useful (git-fixes).
- KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes).
- locking/barriers: Introduce smp_cond_load_relaxed() and atomic_cond_read_relaxed() (bsc#1220468 bsc#1050549).
- md: bypass block throttle for superblock update (git-fixes).
- media: coda: constify platform_device_id (git-fixes).
- media: coda: explicitly request exclusive reset control (git-fixes).
- media: coda: reduce iram size to leave space for suspend to ram (git-fixes).
- media: coda: reuse coda_s_fmt_vid_cap to propagate format in coda_s_fmt_vid_out (git-fixes).
- media: coda: set min_buffers_needed (git-fixes).
- media: coda: wake up capture queue on encoder stop after output streamoff (git-fixes).
- media: dvb-usb: Add memory free on error path in dw2102_probe() (git-fixes).
- media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address (git-fixes).
- media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() (git-fixes).
- media: dw2102: Fix memleak on sequence of probes (git-fixes).
- media: dw2102: Fix use after free (git-fixes).
- media: dw2102: make dvb_usb_device_description structures const (git-fixes).
- media: m920x: do not use stack on USB reads (git-fixes).
- media: rc: do not remove first bit if leader pulse is present (git-fixes).
- media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote (git-fixes).
- media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() (git-fixes).
- media: uvcvideo: Set capability in s_param (git-fixes).
- net: bonding: debug: avoid printing debug logs when bond is not notifying peers (git-fixes).
- net: fec: add missed clk_disable_unprepare in remove (git-fixes).
- net: fec: Better handle pm_runtime_get() failing in .remove() (git-fixes).
- net: fec: fix clock count mis-match (git-fixes).
- net: fec: fix use-after-free in fec_drv_remove (git-fixes).
- net: hisilicon: Fix dma_map_single failed on arm64 (git-fixes).
- net: hisilicon: fix hip04-xmit never return TX_BUSY (git-fixes).
- net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() (git-fixes).
- net: hisilicon: make hip04_tx_reclaim non-reentrant (git-fixes).
- net: hns3: add compatible handling for MAC VLAN switch parameter configuration (git-fixes).
- net: hns3: not allow SSU loopback while execute ethtool -t dev (git-fixes).
- net: lpc-enet: fix printk format strings (git-fixes).
- net: nfc: llcp: Add lock when modifying device list (git-fixes).
- net: phy: dp83867: enable robust auto-mdix (git-fixes).
- net: phy: initialise phydev speed and duplex sanely (git-fixes).
- net: sfp: add mutex to prevent concurrent state checks (git-fixes).
- net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in IRQ context (git-fixes).
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
- net/mlx5e: ethtool, Avoid setting speed to 56GBASE when autoneg off (git-fixes).
- net/sched: tcindex: search key must be 16 bits (git-fixes).
- nfsd: Do not refuse to serve out of cache (bsc#1220957).
- PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device (git-fixes).
- Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d' (git-fixes).
- Revert 'wcn36xx: Disable bmps when encryption is disabled' (git-fixes).
- s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220607).
- stmmac: fix potential division by 0 (git-fixes).
- tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450).
- usb: host: fotg210: fix the actual_length of an iso packet (git-fixes).
- usb: host: fotg210: fix the endpoint's transactional opportunities calculation (git-fixes).
- usb: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT (bsc#1218527).
- usb: musb: dsps: Fix the probe error path (git-fixes).
- usb: musb: musb_dsps: request_irq() after initializing musb (git-fixes).
- usb: musb: tusb6010: check return value after calling platform_get_resource() (git-fixes).
- usb: typec: tcpci: clear the fault status bit (git-fixes).
- wcn36xx: Fix (QoS) null data frame bitrate/modulation (git-fixes).
- wcn36xx: Fix discarded frames due to wrong sequence number (git-fixes).
- wcn36xx: fix RX BD rate mapping for 5GHz legacy rates (git-fixes).
- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
- x86/bugs: Add asm helpers for executing VERW (bsc#1213456).
- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes). Also add mds_user_clear to kABI severity as it's used purely for mitigation so it's low risk.
- x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (git-fixes).
- x86/entry_32: Add VERW just before userspace transition (git-fixes).
- x86/entry_64: Add VERW just before userspace transition (git-fixes).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1050549
https://bugzilla.suse.com/1186484
https://bugzilla.suse.com/1200599
https://bugzilla.suse.com/1212514
https://bugzilla.suse.com/1213456
https://bugzilla.suse.com/1218450
https://bugzilla.suse.com/1218527
https://bugzilla.suse.com/1218915
https://bugzilla.suse.com/1219127
https://bugzilla.suse.com/1219146
https://bugzilla.suse.com/1219295
https://bugzilla.suse.com/1219653
https://bugzilla.suse.com/1219827
https://bugzilla.suse.com/1219835
https://bugzilla.suse.com/1220187
https://bugzilla.suse.com/1220238
https://bugzilla.suse.com/1220240
https://bugzilla.suse.com/1220241
https://bugzilla.suse.com/1220250
https://bugzilla.suse.com/1220330
https://bugzilla.suse.com/1220340
https://bugzilla.suse.com/1220344
https://bugzilla.suse.com/1220409
https://bugzilla.suse.com/1220421
https://bugzilla.suse.com/1220436
https://bugzilla.suse.com/1220444
https://bugzilla.suse.com/1220459
https://bugzilla.suse.com/1220468
https://bugzilla.suse.com/1220482
https://bugzilla.suse.com/1220526
https://bugzilla.suse.com/1220570
https://bugzilla.suse.com/1220575
https://bugzilla.suse.com/1220599
https://bugzilla.suse.com/1220607
https://bugzilla.suse.com/1220613
https://bugzilla.suse.com/1220638
https://bugzilla.suse.com/1220641
https://bugzilla.suse.com/1220649
https://bugzilla.suse.com/1220700
https://bugzilla.suse.com/1220735
https://bugzilla.suse.com/1220767
https://bugzilla.suse.com/1220796
https://bugzilla.suse.com/1220825
https://bugzilla.suse.com/1220831
https://bugzilla.suse.com/1220845
https://bugzilla.suse.com/1220860
https://bugzilla.suse.com/1220861
https://bugzilla.suse.com/1220863
https://bugzilla.suse.com/1220870
https://bugzilla.suse.com/1220930
https://bugzilla.suse.com/1220931
https://bugzilla.suse.com/1220932
https://bugzilla.suse.com/1220957
https://bugzilla.suse.com/1221039
https://bugzilla.suse.com/1221040
https://bugzilla.suse.com/1221287
http://www.nessus.org/u?8f52227e
https://www.suse.com/security/cve/CVE-2019-25162
https://www.suse.com/security/cve/CVE-2020-36777
https://www.suse.com/security/cve/CVE-2020-36784
https://www.suse.com/security/cve/CVE-2021-33200
https://www.suse.com/security/cve/CVE-2021-46906
https://www.suse.com/security/cve/CVE-2021-46915
https://www.suse.com/security/cve/CVE-2021-46921
https://www.suse.com/security/cve/CVE-2021-46924
https://www.suse.com/security/cve/CVE-2021-46929
https://www.suse.com/security/cve/CVE-2021-46932
https://www.suse.com/security/cve/CVE-2021-46953
https://www.suse.com/security/cve/CVE-2021-46974
https://www.suse.com/security/cve/CVE-2021-46991
https://www.suse.com/security/cve/CVE-2021-46992
https://www.suse.com/security/cve/CVE-2021-47013
https://www.suse.com/security/cve/CVE-2021-47054
https://www.suse.com/security/cve/CVE-2021-47076
https://www.suse.com/security/cve/CVE-2021-47077
https://www.suse.com/security/cve/CVE-2021-47078
https://www.suse.com/security/cve/CVE-2022-20154
https://www.suse.com/security/cve/CVE-2022-48627
https://www.suse.com/security/cve/CVE-2023-28746
https://www.suse.com/security/cve/CVE-2023-35827
https://www.suse.com/security/cve/CVE-2023-46343
https://www.suse.com/security/cve/CVE-2023-52340
https://www.suse.com/security/cve/CVE-2023-52429
https://www.suse.com/security/cve/CVE-2023-52443
https://www.suse.com/security/cve/CVE-2023-52445
https://www.suse.com/security/cve/CVE-2023-52449
https://www.suse.com/security/cve/CVE-2023-52451
https://www.suse.com/security/cve/CVE-2023-52464
https://www.suse.com/security/cve/CVE-2023-52475
https://www.suse.com/security/cve/CVE-2023-52478
https://www.suse.com/security/cve/CVE-2023-52482
https://www.suse.com/security/cve/CVE-2023-52502
https://www.suse.com/security/cve/CVE-2023-52530
https://www.suse.com/security/cve/CVE-2023-52531
https://www.suse.com/security/cve/CVE-2023-52532
https://www.suse.com/security/cve/CVE-2023-52574
https://www.suse.com/security/cve/CVE-2023-52597
https://www.suse.com/security/cve/CVE-2023-52605
https://www.suse.com/security/cve/CVE-2024-0607
https://www.suse.com/security/cve/CVE-2024-1151
https://www.suse.com/security/cve/CVE-2024-23849
https://www.suse.com/security/cve/CVE-2024-23851
https://www.suse.com/security/cve/CVE-2024-26585
https://www.suse.com/security/cve/CVE-2024-26595
Plugin Details
Severity: High
ID: 192499
File Name: suse_SU-2024-0925-1.nasl
Version: 1.2
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 3/23/2024
Updated: 7/10/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2021-33200
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS Score Source: CVE-2023-52464
Vulnerability Information
CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-kgraft, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_201-default
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 3/18/2024
Vulnerability Publication Date: 5/27/2021
Reference Information
CVE: CVE-2019-25162, CVE-2020-36777, CVE-2020-36784, CVE-2021-33200, CVE-2021-46906, CVE-2021-46915, CVE-2021-46921, CVE-2021-46924, CVE-2021-46929, CVE-2021-46932, CVE-2021-46953, CVE-2021-46974, CVE-2021-46991, CVE-2021-46992, CVE-2021-47013, CVE-2021-47054, CVE-2021-47076, CVE-2021-47077, CVE-2021-47078, CVE-2022-20154, CVE-2022-48627, CVE-2023-28746, CVE-2023-35827, CVE-2023-46343, CVE-2023-52340, CVE-2023-52429, CVE-2023-52443, CVE-2023-52445, CVE-2023-52449, CVE-2023-52451, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52502, CVE-2023-52530, CVE-2023-52531, CVE-2023-52532, CVE-2023-52574, CVE-2023-52597, CVE-2023-52605, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23851, CVE-2024-26585, CVE-2024-26595, CVE-2024-26600, CVE-2024-26622
SuSE: SUSE-SU-2024:0925-1