SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1321-1)

high Nessus Plugin ID 193453

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1321-1 advisory.

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725).
- CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920).
- CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
- CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
- CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938).
- CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
- CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
- CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
- CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940).
- CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
- CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921).
- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514).
- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
- CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885).
- CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839).
- CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055).
- CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
- CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840).
- CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
- CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
- CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990).
- CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-acpi (bsc#1220478).
- CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981).
- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
- CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982).
- CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
- CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986).
- CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983).
- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
- CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959).
- CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
- CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009).
- CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
- CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443).
- CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978).
- CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).
- CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482).
- CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
- CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635).
- CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
- CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
- CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955).
- CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function
__dma_async_device_channel_register() (bsc#1221276).
- CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
- CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
- CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872).
- CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340).
- CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
- CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
- CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918).
- CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831).
- CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
- CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
- CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926).
- CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
- CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
- CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1220413

https://bugzilla.suse.com/1220439

https://bugzilla.suse.com/1220443

https://bugzilla.suse.com/1220445

https://bugzilla.suse.com/1220466

https://bugzilla.suse.com/1220898

https://bugzilla.suse.com/1220918

https://bugzilla.suse.com/1220920

https://bugzilla.suse.com/1220921

https://bugzilla.suse.com/1220926

https://bugzilla.suse.com/1220927

https://bugzilla.suse.com/1220929

https://bugzilla.suse.com/1220965

https://bugzilla.suse.com/1221040

https://bugzilla.suse.com/1221048

https://bugzilla.suse.com/1221055

https://bugzilla.suse.com/1221058

https://bugzilla.suse.com/1221077

https://bugzilla.suse.com/1221276

https://bugzilla.suse.com/1221551

https://bugzilla.suse.com/1221553

https://bugzilla.suse.com/1221725

https://bugzilla.suse.com/1222073

https://bugzilla.suse.com/1222619

https://lists.suse.com/pipermail/sle-updates/2024-April/035005.html

https://www.suse.com/security/cve/CVE-2021-46925

https://www.suse.com/security/cve/CVE-2021-46926

https://www.suse.com/security/cve/CVE-2021-46927

https://www.suse.com/security/cve/CVE-2021-46929

https://www.suse.com/security/cve/CVE-2021-46930

https://www.suse.com/security/cve/CVE-2021-46931

https://www.suse.com/security/cve/CVE-2021-46933

https://www.suse.com/security/cve/CVE-2021-46936

https://www.suse.com/security/cve/CVE-2021-47082

https://www.suse.com/security/cve/CVE-2021-47087

https://www.suse.com/security/cve/CVE-2021-47091

https://www.suse.com/security/cve/CVE-2021-47093

https://www.suse.com/security/cve/CVE-2021-47094

https://www.suse.com/security/cve/CVE-2023-52450

https://www.suse.com/security/cve/CVE-2023-52454

https://www.suse.com/security/cve/CVE-2023-52469

https://www.suse.com/security/cve/CVE-2023-52470

https://www.suse.com/security/cve/CVE-2023-52474

https://www.suse.com/security/cve/CVE-2023-52477

https://www.suse.com/security/cve/CVE-2023-52492

https://www.suse.com/security/cve/CVE-2023-52497

https://www.suse.com/security/cve/CVE-2023-52501

https://www.suse.com/security/cve/CVE-2023-52502

https://www.suse.com/security/cve/CVE-2023-52504

https://www.suse.com/security/cve/CVE-2023-52507

https://www.suse.com/security/cve/CVE-2023-52508

https://www.suse.com/security/cve/CVE-2023-52519

https://www.suse.com/security/cve/CVE-2023-52520

https://www.suse.com/security/cve/CVE-2023-52523

https://www.suse.com/security/cve/CVE-2023-52524

https://www.suse.com/security/cve/CVE-2023-52525

https://www.suse.com/security/cve/CVE-2023-52528

https://www.suse.com/security/cve/CVE-2023-52529

https://www.suse.com/security/cve/CVE-2023-52564

https://www.suse.com/security/cve/CVE-2023-52566

https://www.suse.com/security/cve/CVE-2023-52567

https://www.suse.com/security/cve/CVE-2023-52569

https://www.suse.com/security/cve/CVE-2023-52574

https://www.suse.com/security/cve/CVE-2023-6356

https://www.suse.com/security/cve/CVE-2024-26600

https://bugzilla.suse.com/1200599

https://bugzilla.suse.com/1209635

https://bugzilla.suse.com/1212514

https://bugzilla.suse.com/1213456

https://bugzilla.suse.com/1217987

https://bugzilla.suse.com/1217988

https://bugzilla.suse.com/1217989

https://bugzilla.suse.com/1220237

https://bugzilla.suse.com/1220251

https://bugzilla.suse.com/1220320

https://bugzilla.suse.com/1220340

https://bugzilla.suse.com/1220366

https://bugzilla.suse.com/1220411

https://bugzilla.suse.com/1220478

https://bugzilla.suse.com/1220482

https://bugzilla.suse.com/1220484

https://bugzilla.suse.com/1220486

https://bugzilla.suse.com/1220487

https://bugzilla.suse.com/1220790

https://bugzilla.suse.com/1220831

https://bugzilla.suse.com/1220833

https://bugzilla.suse.com/1220836

https://bugzilla.suse.com/1220839

https://bugzilla.suse.com/1220840

https://bugzilla.suse.com/1220843

https://bugzilla.suse.com/1220870

https://bugzilla.suse.com/1220871

https://bugzilla.suse.com/1220872

https://bugzilla.suse.com/1220878

https://bugzilla.suse.com/1220879

https://bugzilla.suse.com/1220885

https://bugzilla.suse.com/1220932

https://bugzilla.suse.com/1220938

https://bugzilla.suse.com/1220940

https://bugzilla.suse.com/1220954

https://bugzilla.suse.com/1220955

https://bugzilla.suse.com/1220959

https://bugzilla.suse.com/1220960

https://bugzilla.suse.com/1220961

https://bugzilla.suse.com/1220969

https://bugzilla.suse.com/1220978

https://bugzilla.suse.com/1220979

https://bugzilla.suse.com/1220981

https://bugzilla.suse.com/1220982

https://bugzilla.suse.com/1220983

https://bugzilla.suse.com/1220985

https://bugzilla.suse.com/1220986

https://bugzilla.suse.com/1220987

https://bugzilla.suse.com/1220989

https://bugzilla.suse.com/1220990

https://bugzilla.suse.com/1221009

https://bugzilla.suse.com/1221012

https://bugzilla.suse.com/1221015

https://bugzilla.suse.com/1221022

https://bugzilla.suse.com/1221039

https://www.suse.com/security/cve/CVE-2021-47095

https://www.suse.com/security/cve/CVE-2021-47096

https://www.suse.com/security/cve/CVE-2021-47097

https://www.suse.com/security/cve/CVE-2021-47098

https://www.suse.com/security/cve/CVE-2021-47099

https://www.suse.com/security/cve/CVE-2021-47100

https://www.suse.com/security/cve/CVE-2021-47101

https://www.suse.com/security/cve/CVE-2021-47102

https://www.suse.com/security/cve/CVE-2021-47104

https://www.suse.com/security/cve/CVE-2021-47105

https://www.suse.com/security/cve/CVE-2021-47107

https://www.suse.com/security/cve/CVE-2021-47108

https://www.suse.com/security/cve/CVE-2022-20154

https://www.suse.com/security/cve/CVE-2022-4744

https://www.suse.com/security/cve/CVE-2022-48626

https://www.suse.com/security/cve/CVE-2022-48629

https://www.suse.com/security/cve/CVE-2022-48630

https://www.suse.com/security/cve/CVE-2023-28746

https://www.suse.com/security/cve/CVE-2023-35827

https://www.suse.com/security/cve/CVE-2023-52447

https://www.suse.com/security/cve/CVE-2023-52509

https://www.suse.com/security/cve/CVE-2023-52510

https://www.suse.com/security/cve/CVE-2023-52511

https://www.suse.com/security/cve/CVE-2023-52513

https://www.suse.com/security/cve/CVE-2023-52515

https://www.suse.com/security/cve/CVE-2023-52517

https://www.suse.com/security/cve/CVE-2023-52532

https://www.suse.com/security/cve/CVE-2023-52575

https://www.suse.com/security/cve/CVE-2023-52576

https://www.suse.com/security/cve/CVE-2023-52582

https://www.suse.com/security/cve/CVE-2023-52583

https://www.suse.com/security/cve/CVE-2023-52597

https://www.suse.com/security/cve/CVE-2023-52605

https://www.suse.com/security/cve/CVE-2023-52621

https://www.suse.com/security/cve/CVE-2023-6535

https://www.suse.com/security/cve/CVE-2023-6536

https://www.suse.com/security/cve/CVE-2024-25742

Plugin Details

Severity: High

ID: 193453

File Name: suse_SU-2024-1321-1.nasl

Version: 1.3

Type: local

Agent: unix

Published: 4/18/2024

Updated: 12/13/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 4.4

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2022-20154

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2023-52515

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-64kb, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150400_24_116-default, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/17/2024

Vulnerability Publication Date: 6/15/2022

Reference Information

CVE: CVE-2021-46925, CVE-2021-46926, CVE-2021-46927, CVE-2021-46929, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46936, CVE-2021-47082, CVE-2021-47087, CVE-2021-47091, CVE-2021-47093, CVE-2021-47094, CVE-2021-47095, CVE-2021-47096, CVE-2021-47097, CVE-2021-47098, CVE-2021-47099, CVE-2021-47100, CVE-2021-47101, CVE-2021-47102, CVE-2021-47104, CVE-2021-47105, CVE-2021-47107, CVE-2021-47108, CVE-2022-20154, CVE-2022-4744, CVE-2022-48626, CVE-2022-48629, CVE-2022-48630, CVE-2023-28746, CVE-2023-35827, CVE-2023-52447, CVE-2023-52450, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52477, CVE-2023-52492, CVE-2023-52497, CVE-2023-52501, CVE-2023-52502, CVE-2023-52504, CVE-2023-52507, CVE-2023-52508, CVE-2023-52509, CVE-2023-52510, CVE-2023-52511, CVE-2023-52513, CVE-2023-52515, CVE-2023-52517, CVE-2023-52519, CVE-2023-52520, CVE-2023-52523, CVE-2023-52524, CVE-2023-52525, CVE-2023-52528, CVE-2023-52529, CVE-2023-52532, CVE-2023-52564, CVE-2023-52566, CVE-2023-52567, CVE-2023-52569, CVE-2023-52574, CVE-2023-52575, CVE-2023-52576, CVE-2023-52582, CVE-2023-52583, CVE-2023-52597, CVE-2023-52605, CVE-2023-52621, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2024-25742, CVE-2024-26600

SuSE: SUSE-SU-2024:1321-1