SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1490-1)

high Nessus Plugin ID 194976

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1490-1 advisory.

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
- CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-acpi (bsc#1220478).
- CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443).
- CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482).
- CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
- CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486).
- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
- CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
- CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
- CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
- CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959).
- CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978).
- CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
- CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
- CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981).
- CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982).
- CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983).
- CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955).
- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009).
- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
- CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
- CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
- CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986).
- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).
- CVE-2021-47182: Fixed buffer length handling in scsi_mode_sense() in scsi core (bsc#1222662).
- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).
- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).
- CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635).
- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
- CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
- CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514).
- CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221).
- CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
- CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237).
- CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337).
- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
- CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887).
- CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797).
- CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
- CVE-2023-52488: Fixed data corruption due to error on incrementing register address in regmap functions for FIFO in serial sc16is7xx (bsc#1221162).
- CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function
__dma_async_device_channel_register() (bsc#1221276).
- CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274).
- CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273).
- CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
- CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
- CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885).
- CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831).
- CVE-2023-52503: Fixed use-after-free in amdtee_close_session due to race condition with amdtee_open_session in tee amdtee (bsc#1220915).
- CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553).
- CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
- CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015).
- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
- CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
- CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
- CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
- CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055).
- CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056).
- CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920).
- CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921).
- CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926).
- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840).
- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
- CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
- CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
- CVE-2023-52561: Fixed denial of service due to missing reserved attribute on cont splash memory region in arm64 dts qcom sdm845-db845c (bsc#1220935).
- CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937).
- CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938).
- CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940).
- CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839).
- CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918).
- CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
- CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872).
- CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
- CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045).
- CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
- CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).
- CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062).
- CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071).
- CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068).
- CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070).
- CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066).
- CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067).
- CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
- CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069).
- CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).
- CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375).
- CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616).
- CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
- CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613).
- CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618).
- CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
- CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
- CVE-2023-52627: Fixed null pointer dereference due to lack of callback functions in iio adc ad7091r (bsc#1222051)
- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
- CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274).
- CVE-2023-52636: Fixed denial of service due to wrongly init the cursor when preparing sparse read in msgr2 in libceph (bsc#1222247).
- CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291).
- CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
- CVE-2024-0841: Fixed null pointer dereference in hugetlbfs_fill_super() (bsc#1219264).
- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-23850: Fixed denial of service due to assertion failure due to subvolume readed before root item insertion in btrfs_get_root_ref in btrfs (bsc#1219126).
- CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).
- CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725).
- CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365).
- CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340).
- CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
- CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298).
- CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090).
- CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056).
- CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070).
- CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337).
- CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
- CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317).
- CVE-2024-26660: Fixed buffer overflow in dcn301_stream_encoder_create in drm amd display (bsc#1222266)
- CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355).
- CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331).
- CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356).
- CVE-2024-26680: Fixed denial of service due to DMA mapping for PTP hwts ring in net atlantic (bsc#1222427).
- CVE-2024-26681: Fixed denial of service in nsim_dev_trap_report_work() in netdevsim (bsc#1222431).
- CVE-2024-26684: Fixed handling of DPP safety error for DMA channels in net stmmac xgmac (bsc#1222445).
- CVE-2024-26685: Fixed denial of service in end_buffer_async_write() in nilfs2 (bsc#1222437).
- CVE-2024-26689: Fixed use-after-free in encode_cap_msg() in ceph (bsc#1222503).
- CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373).
- CVE-2024-26696: Fixed denial of service in nilfs_lookup_dirty_data_buffers() in nilfs2 (bsc#1222549).
- CVE-2024-26697: Fixed data corruption in dsync block recovery for small block sizes in nilfs2 (bsc#1222550).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360).
- CVE-2024-26718: Fixed memory corruption in tasklet_unlock via disabling tasklets in dm-crypt and dm- verify (bsc#1222416).
- CVE-2024-26722: Fixed denial of service in rt5645_jack_detect_work() due to mutex left locked forever in ASoC rt5645 (bsc#1222520).
- CVE-2024-26727: Fixed denial of service due to assertion failure during subvolume creation (bsc#1222536).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26736: Fixed buffer overflow in afs_update_volume_status() in afs (bsc#1222586).
- CVE-2024-26737: Fixed use-after-free due to race between bpf_timer_cancel_and_free and bpf_timer_cancel in bpf (bsc#1222557).
- CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677)
- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449)
- CVE-2024-26745: Fixed null pointer dereference due to IOMMU table not initialized for kdump over SR-IOV (bsc#1220492, bsc#1222678).
- CVE-2024-26747: Fixed null pointer issue when put module's reference in usb roles (bsc#1222609).
- CVE-2024-26749: Fixed use-after-free at cdns3_gadget_ep_disable() in usb cdns3 (bsc#1222680).
- CVE-2024-26751: Fixed denial of service due to gpiod_lookup_table search loop not ending correctly (bsc#1222724)
- CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).
- CVE-2024-26760: Fixed null pointer dereference on error case in bio_put() in scsi target pscsi (bsc#1222596)
- CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).
- CVE-2024-26766: Fixed off-by-one error in sdma.h tx->num_descs in ib/hfi1 (bsc#1222726)
- CVE-2024-26769: Fixed deadlock on delete association path in nvmet-fc (bsc#1222727).
- CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)
- CVE-2024-26776: Fixed null pointer dereference due to null value returned by interrupt handler in spi hisi-sfc-v3xx (bsc#1222764)
- CVE-2024-26779: Fixed denial of service due to race condition on enabling fast-xmit in wifi mac80211 (bsc#1222772).
- CVE-2024-26787: Fixed DMA API overlapping mappings in mmc mmci stm32 (bsc#1222781)
- CVE-2024-26790: Fixed denial of service on 16 bytes unaligned read in dmaengine fsl-qdma (bsc#1222784)
- CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).
- CVE-2024-26798: Fixed denial of service due to wrongly restore fond data upon failure in fbcon (bsc#1222798).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26807: Fixed memory corruption due to wrong pointer reference in spi cadence-qspi (bsc#1222801)
- CVE-2024-26848: Fixed denial of service due to endless loop in directory parsing in afs (bsc#1223030).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1177529

https://bugzilla.suse.com/1192145

https://bugzilla.suse.com/1194869

https://bugzilla.suse.com/1200465

https://bugzilla.suse.com/1205316

https://bugzilla.suse.com/1207948

https://bugzilla.suse.com/1209635

https://bugzilla.suse.com/1209657

https://bugzilla.suse.com/1212514

https://bugzilla.suse.com/1213456

https://bugzilla.suse.com/1214852

https://bugzilla.suse.com/1215221

https://bugzilla.suse.com/1215322

https://bugzilla.suse.com/1217339

https://bugzilla.suse.com/1217829

https://bugzilla.suse.com/1217959

https://bugzilla.suse.com/1217987

https://bugzilla.suse.com/1217988

https://bugzilla.suse.com/1217989

https://bugzilla.suse.com/1218321

https://bugzilla.suse.com/1218336

https://bugzilla.suse.com/1218479

https://bugzilla.suse.com/1218643

https://bugzilla.suse.com/1218777

https://bugzilla.suse.com/1219126

https://bugzilla.suse.com/1219169

https://bugzilla.suse.com/1219170

https://bugzilla.suse.com/1219264

https://bugzilla.suse.com/1219834

https://bugzilla.suse.com/1220114

https://bugzilla.suse.com/1220176

https://bugzilla.suse.com/1220237

https://bugzilla.suse.com/1220251

https://bugzilla.suse.com/1220320

https://bugzilla.suse.com/1220337

https://bugzilla.suse.com/1220340

https://bugzilla.suse.com/1220365

https://bugzilla.suse.com/1220366

https://bugzilla.suse.com/1220398

https://bugzilla.suse.com/1220411

https://bugzilla.suse.com/1220413

https://bugzilla.suse.com/1220986

https://bugzilla.suse.com/1220987

https://bugzilla.suse.com/1220989

https://bugzilla.suse.com/1220990

https://bugzilla.suse.com/1221009

https://bugzilla.suse.com/1221012

https://bugzilla.suse.com/1221015

https://bugzilla.suse.com/1221022

https://bugzilla.suse.com/1221039

https://bugzilla.suse.com/1221040

https://bugzilla.suse.com/1221044

https://bugzilla.suse.com/1221045

https://bugzilla.suse.com/1221046

https://bugzilla.suse.com/1221048

https://bugzilla.suse.com/1221055

https://bugzilla.suse.com/1221056

https://bugzilla.suse.com/1221058

https://bugzilla.suse.com/1221060

https://bugzilla.suse.com/1221061

https://bugzilla.suse.com/1221062

https://bugzilla.suse.com/1221066

https://bugzilla.suse.com/1221067

https://bugzilla.suse.com/1221068

https://bugzilla.suse.com/1221069

https://bugzilla.suse.com/1221070

https://bugzilla.suse.com/1221071

https://bugzilla.suse.com/1221077

https://bugzilla.suse.com/1221082

https://bugzilla.suse.com/1221090

https://bugzilla.suse.com/1221097

https://bugzilla.suse.com/1221156

https://bugzilla.suse.com/1221162

https://bugzilla.suse.com/1221252

https://bugzilla.suse.com/1221273

https://bugzilla.suse.com/1221274

https://bugzilla.suse.com/1221276

https://bugzilla.suse.com/1221277

https://bugzilla.suse.com/1221291

https://bugzilla.suse.com/1221293

https://bugzilla.suse.com/1221298

https://bugzilla.suse.com/1221337

https://bugzilla.suse.com/1221338

https://bugzilla.suse.com/1221375

https://bugzilla.suse.com/1221379

https://bugzilla.suse.com/1221551

https://bugzilla.suse.com/1221553

https://bugzilla.suse.com/1221613

https://bugzilla.suse.com/1221614

https://bugzilla.suse.com/1221616

https://bugzilla.suse.com/1221618

https://bugzilla.suse.com/1221631

https://bugzilla.suse.com/1221633

https://bugzilla.suse.com/1221713

https://www.suse.com/security/cve/CVE-2021-47101

https://www.suse.com/security/cve/CVE-2021-47102

https://www.suse.com/security/cve/CVE-2021-47104

https://www.suse.com/security/cve/CVE-2021-47105

https://www.suse.com/security/cve/CVE-2021-47107

https://www.suse.com/security/cve/CVE-2021-47108

https://www.suse.com/security/cve/CVE-2021-47181

https://www.suse.com/security/cve/CVE-2021-47182

https://www.suse.com/security/cve/CVE-2021-47183

https://www.suse.com/security/cve/CVE-2021-47185

https://www.suse.com/security/cve/CVE-2021-47189

https://www.suse.com/security/cve/CVE-2022-4744

https://www.suse.com/security/cve/CVE-2022-48626

https://www.suse.com/security/cve/CVE-2022-48629

https://www.suse.com/security/cve/CVE-2022-48630

https://www.suse.com/security/cve/CVE-2023-0160

https://www.suse.com/security/cve/CVE-2023-28746

https://www.suse.com/security/cve/CVE-2023-35827

https://www.suse.com/security/cve/CVE-2023-4881

https://www.suse.com/security/cve/CVE-2023-52447

https://www.suse.com/security/cve/CVE-2023-52450

https://www.suse.com/security/cve/CVE-2023-52453

https://www.suse.com/security/cve/CVE-2023-52454

https://www.suse.com/security/cve/CVE-2023-52469

https://www.suse.com/security/cve/CVE-2023-52470

https://www.suse.com/security/cve/CVE-2023-52474

https://www.suse.com/security/cve/CVE-2023-52476

https://www.suse.com/security/cve/CVE-2023-52477

https://bugzilla.suse.com/1220439

https://bugzilla.suse.com/1220443

https://bugzilla.suse.com/1220445

https://bugzilla.suse.com/1220466

https://bugzilla.suse.com/1220478

https://bugzilla.suse.com/1220482

https://bugzilla.suse.com/1220484

https://bugzilla.suse.com/1220486

https://bugzilla.suse.com/1220487

https://bugzilla.suse.com/1220492

https://bugzilla.suse.com/1220703

https://bugzilla.suse.com/1220775

https://bugzilla.suse.com/1220790

https://bugzilla.suse.com/1220797

https://bugzilla.suse.com/1220831

https://bugzilla.suse.com/1220833

https://bugzilla.suse.com/1220836

https://bugzilla.suse.com/1220839

https://bugzilla.suse.com/1220840

https://bugzilla.suse.com/1220843

https://bugzilla.suse.com/1220870

https://bugzilla.suse.com/1220871

https://bugzilla.suse.com/1220872

https://bugzilla.suse.com/1220878

https://bugzilla.suse.com/1220879

https://bugzilla.suse.com/1220883

https://bugzilla.suse.com/1220885

https://bugzilla.suse.com/1220887

https://bugzilla.suse.com/1220898

https://bugzilla.suse.com/1220901

https://bugzilla.suse.com/1220915

https://bugzilla.suse.com/1220918

https://bugzilla.suse.com/1220920

https://bugzilla.suse.com/1220921

https://bugzilla.suse.com/1220926

https://bugzilla.suse.com/1220927

https://bugzilla.suse.com/1220929

https://bugzilla.suse.com/1220932

https://bugzilla.suse.com/1220935

https://bugzilla.suse.com/1220937

https://bugzilla.suse.com/1220938

https://bugzilla.suse.com/1220940

https://bugzilla.suse.com/1220954

https://bugzilla.suse.com/1220955

https://bugzilla.suse.com/1220959

https://bugzilla.suse.com/1220960

https://bugzilla.suse.com/1220961

https://bugzilla.suse.com/1220965

https://bugzilla.suse.com/1220969

https://bugzilla.suse.com/1220978

https://bugzilla.suse.com/1220979

https://bugzilla.suse.com/1220981

https://bugzilla.suse.com/1220982

https://bugzilla.suse.com/1220983

https://bugzilla.suse.com/1220985

https://bugzilla.suse.com/1221725

https://bugzilla.suse.com/1221777

https://bugzilla.suse.com/1221791

https://bugzilla.suse.com/1221814

https://bugzilla.suse.com/1221816

https://bugzilla.suse.com/1221830

https://bugzilla.suse.com/1221951

https://bugzilla.suse.com/1222011

https://bugzilla.suse.com/1222033

https://bugzilla.suse.com/1222051

https://bugzilla.suse.com/1222056

https://bugzilla.suse.com/1222060

https://bugzilla.suse.com/1222070

https://bugzilla.suse.com/1222073

https://bugzilla.suse.com/1222117

https://bugzilla.suse.com/1222247

https://bugzilla.suse.com/1222266

https://bugzilla.suse.com/1222274

https://bugzilla.suse.com/1222291

https://bugzilla.suse.com/1222300

https://bugzilla.suse.com/1222304

https://bugzilla.suse.com/1222317

https://bugzilla.suse.com/1222331

https://bugzilla.suse.com/1222355

https://bugzilla.suse.com/1222356

https://bugzilla.suse.com/1222360

https://bugzilla.suse.com/1222366

https://bugzilla.suse.com/1222373

https://bugzilla.suse.com/1222416

https://bugzilla.suse.com/1222422

https://bugzilla.suse.com/1222427

https://bugzilla.suse.com/1222428

https://bugzilla.suse.com/1222431

https://bugzilla.suse.com/1222437

https://bugzilla.suse.com/1222445

https://bugzilla.suse.com/1222449

https://bugzilla.suse.com/1222503

https://bugzilla.suse.com/1222520

https://bugzilla.suse.com/1222536

https://bugzilla.suse.com/1222549

https://bugzilla.suse.com/1222550

https://bugzilla.suse.com/1222557

https://bugzilla.suse.com/1222585

https://bugzilla.suse.com/1222586

https://bugzilla.suse.com/1222596

https://bugzilla.suse.com/1222609

https://bugzilla.suse.com/1222610

https://bugzilla.suse.com/1222619

https://bugzilla.suse.com/1222630

https://bugzilla.suse.com/1222632

https://bugzilla.suse.com/1222660

https://bugzilla.suse.com/1222662

https://bugzilla.suse.com/1222664

https://bugzilla.suse.com/1222669

https://bugzilla.suse.com/1222677

https://bugzilla.suse.com/1222678

https://bugzilla.suse.com/1222680

https://bugzilla.suse.com/1222706

https://bugzilla.suse.com/1222720

https://bugzilla.suse.com/1222724

https://bugzilla.suse.com/1222726

https://bugzilla.suse.com/1222727

https://bugzilla.suse.com/1222764

https://bugzilla.suse.com/1222772

https://bugzilla.suse.com/1222781

https://bugzilla.suse.com/1222784

https://bugzilla.suse.com/1222798

https://bugzilla.suse.com/1222801

https://bugzilla.suse.com/1222952

https://bugzilla.suse.com/1223030

https://bugzilla.suse.com/1223067

https://bugzilla.suse.com/1223068

https://lists.suse.com/pipermail/sle-updates/2024-May/035140.html

https://www.suse.com/security/cve/CVE-2021-46925

https://www.suse.com/security/cve/CVE-2021-46926

https://www.suse.com/security/cve/CVE-2021-46927

https://www.suse.com/security/cve/CVE-2021-46929

https://www.suse.com/security/cve/CVE-2021-46930

https://www.suse.com/security/cve/CVE-2021-46931

https://www.suse.com/security/cve/CVE-2021-46933

https://www.suse.com/security/cve/CVE-2021-46936

https://www.suse.com/security/cve/CVE-2021-47082

https://www.suse.com/security/cve/CVE-2021-47087

https://www.suse.com/security/cve/CVE-2021-47091

https://www.suse.com/security/cve/CVE-2021-47093

https://www.suse.com/security/cve/CVE-2021-47094

https://www.suse.com/security/cve/CVE-2021-47095

https://www.suse.com/security/cve/CVE-2021-47096

https://www.suse.com/security/cve/CVE-2021-47097

https://www.suse.com/security/cve/CVE-2021-47098

https://www.suse.com/security/cve/CVE-2023-52608

https://www.suse.com/security/cve/CVE-2023-52612

https://www.suse.com/security/cve/CVE-2023-52615

https://www.suse.com/security/cve/CVE-2023-52617

https://www.suse.com/security/cve/CVE-2023-52619

https://www.suse.com/security/cve/CVE-2023-52621

https://www.suse.com/security/cve/CVE-2023-52623

https://www.suse.com/security/cve/CVE-2023-52627

https://www.suse.com/security/cve/CVE-2023-52628

https://www.suse.com/security/cve/CVE-2023-52632

https://www.suse.com/security/cve/CVE-2023-52636

https://www.suse.com/security/cve/CVE-2023-52637

https://www.suse.com/security/cve/CVE-2023-52639

https://www.suse.com/security/cve/CVE-2023-6356

https://www.suse.com/security/cve/CVE-2023-6535

https://www.suse.com/security/cve/CVE-2023-6536

https://www.suse.com/security/cve/CVE-2023-7042

https://www.suse.com/security/cve/CVE-2023-7192

https://www.suse.com/security/cve/CVE-2024-0841

https://www.suse.com/security/cve/CVE-2024-2201

https://www.suse.com/security/cve/CVE-2024-22099

https://www.suse.com/security/cve/CVE-2024-23307

https://www.suse.com/security/cve/CVE-2024-23850

https://www.suse.com/security/cve/CVE-2024-25739

https://www.suse.com/security/cve/CVE-2024-25742

https://www.suse.com/security/cve/CVE-2024-26599

https://www.suse.com/security/cve/CVE-2024-26600

https://www.suse.com/security/cve/CVE-2024-26602

https://www.suse.com/security/cve/CVE-2024-26612

https://www.suse.com/security/cve/CVE-2024-26614

https://www.suse.com/security/cve/CVE-2024-26620

https://www.suse.com/security/cve/CVE-2024-26627

https://www.suse.com/security/cve/CVE-2024-26629

https://www.suse.com/security/cve/CVE-2024-26642

https://www.suse.com/security/cve/CVE-2024-26645

https://www.suse.com/security/cve/CVE-2024-26646

https://www.suse.com/security/cve/CVE-2024-26651

https://www.suse.com/security/cve/CVE-2024-26654

https://www.suse.com/security/cve/CVE-2024-26659

https://www.suse.com/security/cve/CVE-2024-26660

https://www.suse.com/security/cve/CVE-2024-26664

https://www.suse.com/security/cve/CVE-2024-26667

https://www.suse.com/security/cve/CVE-2024-26670

https://www.suse.com/security/cve/CVE-2024-26680

https://www.suse.com/security/cve/CVE-2024-26681

https://www.suse.com/security/cve/CVE-2024-26684

https://www.suse.com/security/cve/CVE-2024-26685

https://www.suse.com/security/cve/CVE-2024-26689

https://www.suse.com/security/cve/CVE-2024-26695

https://www.suse.com/security/cve/CVE-2024-26696

https://www.suse.com/security/cve/CVE-2024-26697

https://www.suse.com/security/cve/CVE-2024-26704

https://www.suse.com/security/cve/CVE-2024-26717

https://www.suse.com/security/cve/CVE-2024-26718

https://www.suse.com/security/cve/CVE-2024-26722

https://www.suse.com/security/cve/CVE-2024-26727

https://www.suse.com/security/cve/CVE-2024-26733

https://www.suse.com/security/cve/CVE-2024-26736

https://www.suse.com/security/cve/CVE-2021-47099

https://www.suse.com/security/cve/CVE-2021-47100

https://www.suse.com/security/cve/CVE-2023-52481

https://www.suse.com/security/cve/CVE-2023-52484

https://www.suse.com/security/cve/CVE-2023-52486

https://www.suse.com/security/cve/CVE-2023-52488

https://www.suse.com/security/cve/CVE-2023-52492

https://www.suse.com/security/cve/CVE-2023-52493

https://www.suse.com/security/cve/CVE-2023-52494

https://www.suse.com/security/cve/CVE-2023-52497

https://www.suse.com/security/cve/CVE-2023-52500

https://www.suse.com/security/cve/CVE-2023-52501

https://www.suse.com/security/cve/CVE-2023-52502

https://www.suse.com/security/cve/CVE-2023-52503

https://www.suse.com/security/cve/CVE-2023-52504

https://www.suse.com/security/cve/CVE-2023-52507

https://www.suse.com/security/cve/CVE-2023-52508

https://www.suse.com/security/cve/CVE-2023-52509

https://www.suse.com/security/cve/CVE-2023-52510

https://www.suse.com/security/cve/CVE-2023-52511

https://www.suse.com/security/cve/CVE-2023-52513

https://www.suse.com/security/cve/CVE-2023-52515

https://www.suse.com/security/cve/CVE-2023-52517

https://www.suse.com/security/cve/CVE-2023-52518

https://www.suse.com/security/cve/CVE-2023-52519

https://www.suse.com/security/cve/CVE-2023-52520

https://www.suse.com/security/cve/CVE-2023-52523

https://www.suse.com/security/cve/CVE-2023-52524

https://www.suse.com/security/cve/CVE-2023-52525

https://www.suse.com/security/cve/CVE-2023-52528

https://www.suse.com/security/cve/CVE-2023-52529

https://www.suse.com/security/cve/CVE-2023-52532

https://www.suse.com/security/cve/CVE-2023-52561

https://www.suse.com/security/cve/CVE-2023-52563

https://www.suse.com/security/cve/CVE-2023-52564

https://www.suse.com/security/cve/CVE-2023-52566

https://www.suse.com/security/cve/CVE-2023-52567

https://www.suse.com/security/cve/CVE-2023-52569

https://www.suse.com/security/cve/CVE-2023-52574

https://www.suse.com/security/cve/CVE-2023-52575

https://www.suse.com/security/cve/CVE-2023-52576

https://www.suse.com/security/cve/CVE-2023-52582

https://www.suse.com/security/cve/CVE-2023-52583

https://www.suse.com/security/cve/CVE-2023-52587

https://www.suse.com/security/cve/CVE-2023-52591

https://www.suse.com/security/cve/CVE-2023-52594

https://www.suse.com/security/cve/CVE-2023-52595

https://www.suse.com/security/cve/CVE-2023-52597

https://www.suse.com/security/cve/CVE-2023-52598

https://www.suse.com/security/cve/CVE-2023-52599

https://www.suse.com/security/cve/CVE-2023-52600

https://www.suse.com/security/cve/CVE-2023-52601

https://www.suse.com/security/cve/CVE-2023-52602

https://www.suse.com/security/cve/CVE-2023-52603

https://www.suse.com/security/cve/CVE-2023-52604

https://www.suse.com/security/cve/CVE-2023-52605

https://www.suse.com/security/cve/CVE-2023-52606

https://www.suse.com/security/cve/CVE-2023-52607

https://www.suse.com/security/cve/CVE-2024-26737

https://www.suse.com/security/cve/CVE-2024-26743

https://www.suse.com/security/cve/CVE-2024-26744

https://www.suse.com/security/cve/CVE-2024-26745

https://www.suse.com/security/cve/CVE-2024-26747

https://www.suse.com/security/cve/CVE-2024-26749

https://www.suse.com/security/cve/CVE-2024-26751

https://www.suse.com/security/cve/CVE-2024-26754

https://www.suse.com/security/cve/CVE-2024-26760

https://www.suse.com/security/cve/CVE-2024-26763

https://www.suse.com/security/cve/CVE-2024-26766

https://www.suse.com/security/cve/CVE-2024-26769

https://www.suse.com/security/cve/CVE-2024-26771

https://www.suse.com/security/cve/CVE-2024-26776

https://www.suse.com/security/cve/CVE-2024-26779

https://www.suse.com/security/cve/CVE-2024-26787

https://www.suse.com/security/cve/CVE-2024-26790

https://www.suse.com/security/cve/CVE-2024-26793

https://www.suse.com/security/cve/CVE-2024-26798

https://www.suse.com/security/cve/CVE-2024-26805

https://www.suse.com/security/cve/CVE-2024-26807

https://www.suse.com/security/cve/CVE-2024-26848

Plugin Details

Severity: High

ID: 194976

File Name: suse_SU-2024-1490-1.nasl

Version: 1.2

Type: local

Agent: unix

Published: 5/4/2024

Updated: 8/28/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26599

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-source-azure, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-devel-azure, p-cpe:/a:novell:suse_linux:kernel-azure, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/3/2024

Vulnerability Publication Date: 1/26/2022

Reference Information

CVE: CVE-2021-46925, CVE-2021-46926, CVE-2021-46927, CVE-2021-46929, CVE-2021-46930, CVE-2021-46931, CVE-2021-46933, CVE-2021-46936, CVE-2021-47082, CVE-2021-47087, CVE-2021-47091, CVE-2021-47093, CVE-2021-47094, CVE-2021-47095, CVE-2021-47096, CVE-2021-47097, CVE-2021-47098, CVE-2021-47099, CVE-2021-47100, CVE-2021-47101, CVE-2021-47102, CVE-2021-47104, CVE-2021-47105, CVE-2021-47107, CVE-2021-47108, CVE-2021-47181, CVE-2021-47182, CVE-2021-47183, CVE-2021-47185, CVE-2021-47189, CVE-2022-4744, CVE-2022-48626, CVE-2022-48629, CVE-2022-48630, CVE-2023-0160, CVE-2023-28746, CVE-2023-35827, CVE-2023-4881, CVE-2023-52447, CVE-2023-52450, CVE-2023-52453, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52481, CVE-2023-52484, CVE-2023-52486, CVE-2023-52488, CVE-2023-52492, CVE-2023-52493, CVE-2023-52494, CVE-2023-52497, CVE-2023-52500, CVE-2023-52501, CVE-2023-52502, CVE-2023-52503, CVE-2023-52504, CVE-2023-52507, CVE-2023-52508, CVE-2023-52509, CVE-2023-52510, CVE-2023-52511, CVE-2023-52513, CVE-2023-52515, CVE-2023-52517, CVE-2023-52518, CVE-2023-52519, CVE-2023-52520, CVE-2023-52523, CVE-2023-52524, CVE-2023-52525, CVE-2023-52528, CVE-2023-52529, CVE-2023-52532, CVE-2023-52561, CVE-2023-52563, CVE-2023-52564, CVE-2023-52566, CVE-2023-52567, CVE-2023-52569, CVE-2023-52574, CVE-2023-52575, CVE-2023-52576, CVE-2023-52582, CVE-2023-52583, CVE-2023-52587, CVE-2023-52591, CVE-2023-52594, CVE-2023-52595, CVE-2023-52597, CVE-2023-52598, CVE-2023-52599, CVE-2023-52600, CVE-2023-52601, CVE-2023-52602, CVE-2023-52603, CVE-2023-52604, CVE-2023-52605, CVE-2023-52606, CVE-2023-52607, CVE-2023-52608, CVE-2023-52612, CVE-2023-52615, CVE-2023-52617, CVE-2023-52619, CVE-2023-52621, CVE-2023-52623, CVE-2023-52627, CVE-2023-52628, CVE-2023-52632, CVE-2023-52636, CVE-2023-52637, CVE-2023-52639, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-0841, CVE-2024-2201, CVE-2024-22099, CVE-2024-23307, CVE-2024-23850, CVE-2024-25739, CVE-2024-25742, CVE-2024-26599, CVE-2024-26600, CVE-2024-26602, CVE-2024-26612, CVE-2024-26614, CVE-2024-26620, CVE-2024-26627, CVE-2024-26629, CVE-2024-26642, CVE-2024-26645, CVE-2024-26646, CVE-2024-26651, CVE-2024-26654, CVE-2024-26659, CVE-2024-26660, CVE-2024-26664, CVE-2024-26667, CVE-2024-26670, CVE-2024-26680, CVE-2024-26681, CVE-2024-26684, CVE-2024-26685, CVE-2024-26689, CVE-2024-26695, CVE-2024-26696, CVE-2024-26697, CVE-2024-26704, CVE-2024-26717, CVE-2024-26718, CVE-2024-26722, CVE-2024-26727, CVE-2024-26733, CVE-2024-26736, CVE-2024-26737, CVE-2024-26743, CVE-2024-26744, CVE-2024-26745, CVE-2024-26747, CVE-2024-26749, CVE-2024-26751, CVE-2024-26754, CVE-2024-26760, CVE-2024-26763, CVE-2024-26766, CVE-2024-26769, CVE-2024-26771, CVE-2024-26776, CVE-2024-26779, CVE-2024-26787, CVE-2024-26790, CVE-2024-26793, CVE-2024-26798, CVE-2024-26805, CVE-2024-26807, CVE-2024-26848

SuSE: SUSE-SU-2024:1490-1