SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1644-1)

high Nessus Plugin ID 197056

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1644-1 advisory.

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2024-27042: Fixed drm/amdgpu for potential out-of-bounds access in amdgpu_discovery_reg_base_init() (bsc#1223823).
- CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714).
- CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821).
- CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).
- CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644).
- CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645).
- CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646).
- CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660).
- CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-26939: Fixed drm/i915/vma UAF on destroy against retire race (bsc#1223679).
- CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525).
- CVE-2024-26915: Fixed drm/amdgpu reset IH OVERFLOW_CLEAR bit (bsc#1223207).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26898: Fixed aoe potential use-after-free problem in aoecmd_cfg_pkts (bsc#1223016).
- CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
- CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
- CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
- CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26876: Fixed drm/bridge/adv7511 crash on irq during probe (bsc#1223119).
- CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076).
- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
- CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052).
- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
- CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
- CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
- CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
- CVE-2024-26791: Fixed btrfs/dev-replace properly validate device names (bsc#1222793).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726).
- CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26700: Fixed drm/amd/display MST Null pointer dereference for RV (bsc#1222870).
- CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
- CVE-2024-26679: Fixed inet read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
- CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
- CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612).
- CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
- CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
- CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
- CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080).
- CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505).
- CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498).
- CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
- CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478).
- CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499).
- CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475).
- CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710).
- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)
- CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838).
- CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).
- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1141539

https://bugzilla.suse.com/1190576

https://bugzilla.suse.com/1192145

https://bugzilla.suse.com/1192837

https://bugzilla.suse.com/1193629

https://bugzilla.suse.com/1196869

https://bugzilla.suse.com/1200313

https://bugzilla.suse.com/1201308

https://bugzilla.suse.com/1201489

https://bugzilla.suse.com/1203906

https://bugzilla.suse.com/1203935

https://bugzilla.suse.com/1204614

https://bugzilla.suse.com/1207361

https://bugzilla.suse.com/1211592

https://bugzilla.suse.com/1213573

https://bugzilla.suse.com/1217339

https://bugzilla.suse.com/1217408

https://bugzilla.suse.com/1218562

https://bugzilla.suse.com/1218917

https://bugzilla.suse.com/1219104

https://bugzilla.suse.com/1219126

https://bugzilla.suse.com/1219141

https://bugzilla.suse.com/1219169

https://bugzilla.suse.com/1219170

https://bugzilla.suse.com/1219264

https://bugzilla.suse.com/1220342

https://bugzilla.suse.com/1220569

https://bugzilla.suse.com/1220761

https://bugzilla.suse.com/1221042

https://bugzilla.suse.com/1221044

https://bugzilla.suse.com/1221080

https://bugzilla.suse.com/1221084

https://bugzilla.suse.com/1221088

https://bugzilla.suse.com/1221299

https://bugzilla.suse.com/1221612

https://bugzilla.suse.com/1221617

https://bugzilla.suse.com/1221645

https://bugzilla.suse.com/1221825

https://bugzilla.suse.com/1222294

https://bugzilla.suse.com/1222307

https://bugzilla.suse.com/1222357

https://bugzilla.suse.com/1222368

https://bugzilla.suse.com/1222379

https://bugzilla.suse.com/1222385

https://bugzilla.suse.com/1222424

https://bugzilla.suse.com/1222430

https://bugzilla.suse.com/1222435

https://bugzilla.suse.com/1222482

https://bugzilla.suse.com/1222559

https://bugzilla.suse.com/1222585

https://bugzilla.suse.com/1222613

https://bugzilla.suse.com/1222615

https://bugzilla.suse.com/1222618

https://bugzilla.suse.com/1222624

https://bugzilla.suse.com/1222666

https://bugzilla.suse.com/1222669

https://bugzilla.suse.com/1222671

https://bugzilla.suse.com/1222703

https://bugzilla.suse.com/1222704

https://bugzilla.suse.com/1222709

https://bugzilla.suse.com/1222710

https://bugzilla.suse.com/1222721

https://bugzilla.suse.com/1222726

https://bugzilla.suse.com/1222773

https://bugzilla.suse.com/1222776

https://bugzilla.suse.com/1222785

https://bugzilla.suse.com/1222787

https://bugzilla.suse.com/1222790

https://bugzilla.suse.com/1222791

https://bugzilla.suse.com/1222792

https://bugzilla.suse.com/1222793

https://bugzilla.suse.com/1222796

https://bugzilla.suse.com/1222812

https://bugzilla.suse.com/1222824

https://bugzilla.suse.com/1222829

https://bugzilla.suse.com/1222832

https://bugzilla.suse.com/1222836

https://bugzilla.suse.com/1222838

https://bugzilla.suse.com/1222866

https://bugzilla.suse.com/1222867

https://bugzilla.suse.com/1222869

https://bugzilla.suse.com/1222870

https://bugzilla.suse.com/1222876

https://bugzilla.suse.com/1222878

https://bugzilla.suse.com/1222879

https://bugzilla.suse.com/1222881

https://bugzilla.suse.com/1222883

https://bugzilla.suse.com/1222888

https://bugzilla.suse.com/1222894

https://bugzilla.suse.com/1222901

https://bugzilla.suse.com/1223481

https://bugzilla.suse.com/1223482

https://bugzilla.suse.com/1223484

https://bugzilla.suse.com/1223487

https://bugzilla.suse.com/1223490

https://bugzilla.suse.com/1223496

https://bugzilla.suse.com/1223498

https://bugzilla.suse.com/1223499

https://bugzilla.suse.com/1223501

https://bugzilla.suse.com/1222968

https://bugzilla.suse.com/1222976

https://bugzilla.suse.com/1223012

https://bugzilla.suse.com/1223014

https://bugzilla.suse.com/1223016

https://bugzilla.suse.com/1223024

https://bugzilla.suse.com/1223033

https://bugzilla.suse.com/1223034

https://bugzilla.suse.com/1223035

https://bugzilla.suse.com/1223036

https://bugzilla.suse.com/1223037

https://bugzilla.suse.com/1223041

https://bugzilla.suse.com/1223042

https://bugzilla.suse.com/1223051

https://bugzilla.suse.com/1223052

https://bugzilla.suse.com/1223056

https://bugzilla.suse.com/1223057

https://bugzilla.suse.com/1223058

https://bugzilla.suse.com/1223060

https://bugzilla.suse.com/1223061

https://bugzilla.suse.com/1223065

https://bugzilla.suse.com/1223066

https://bugzilla.suse.com/1223076

https://bugzilla.suse.com/1223078

https://bugzilla.suse.com/1223111

https://bugzilla.suse.com/1223115

https://bugzilla.suse.com/1223118

https://bugzilla.suse.com/1223119

https://bugzilla.suse.com/1223140

https://bugzilla.suse.com/1223187

https://bugzilla.suse.com/1223189

https://bugzilla.suse.com/1223190

https://bugzilla.suse.com/1223191

https://bugzilla.suse.com/1223196

https://bugzilla.suse.com/1223197

https://bugzilla.suse.com/1223198

https://bugzilla.suse.com/1223207

https://bugzilla.suse.com/1223275

https://bugzilla.suse.com/1223323

https://bugzilla.suse.com/1223360

https://bugzilla.suse.com/1223369

https://bugzilla.suse.com/1223380

https://bugzilla.suse.com/1223432

https://bugzilla.suse.com/1223473

https://bugzilla.suse.com/1223474

https://bugzilla.suse.com/1223475

https://bugzilla.suse.com/1223477

https://bugzilla.suse.com/1223478

https://bugzilla.suse.com/1223479

https://www.suse.com/security/cve/CVE-2021-47209

https://www.suse.com/security/cve/CVE-2021-47210

https://www.suse.com/security/cve/CVE-2021-47211

https://www.suse.com/security/cve/CVE-2021-47212

https://www.suse.com/security/cve/CVE-2021-47214

https://www.suse.com/security/cve/CVE-2021-47215

https://www.suse.com/security/cve/CVE-2022-48644

https://www.suse.com/security/cve/CVE-2022-48646

https://www.suse.com/security/cve/CVE-2022-48647

https://www.suse.com/security/cve/CVE-2022-48648

https://www.suse.com/security/cve/CVE-2022-48650

https://www.suse.com/security/cve/CVE-2022-48651

https://www.suse.com/security/cve/CVE-2022-48652

https://www.suse.com/security/cve/CVE-2022-48653

https://www.suse.com/security/cve/CVE-2022-48654

https://www.suse.com/security/cve/CVE-2022-48655

https://www.suse.com/security/cve/CVE-2022-48656

https://www.suse.com/security/cve/CVE-2022-48657

https://www.suse.com/security/cve/CVE-2022-48658

https://www.suse.com/security/cve/CVE-2022-48659

https://www.suse.com/security/cve/CVE-2022-48660

https://www.suse.com/security/cve/CVE-2022-48662

https://www.suse.com/security/cve/CVE-2022-48663

https://www.suse.com/security/cve/CVE-2022-48667

https://www.suse.com/security/cve/CVE-2022-48668

https://www.suse.com/security/cve/CVE-2022-48671

https://www.suse.com/security/cve/CVE-2022-48672

https://www.suse.com/security/cve/CVE-2022-48673

https://www.suse.com/security/cve/CVE-2022-48675

https://www.suse.com/security/cve/CVE-2022-48686

https://www.suse.com/security/cve/CVE-2022-48687

https://www.suse.com/security/cve/CVE-2023-6270

https://www.suse.com/security/cve/CVE-2024-0639

https://www.suse.com/security/cve/CVE-2024-0841

https://www.suse.com/security/cve/CVE-2024-2201

https://www.suse.com/security/cve/CVE-2024-22099

https://www.suse.com/security/cve/CVE-2024-23307

https://www.suse.com/security/cve/CVE-2024-23848

https://www.suse.com/security/cve/CVE-2024-23850

https://www.suse.com/security/cve/CVE-2024-26601

https://www.suse.com/security/cve/CVE-2024-26610

https://www.suse.com/security/cve/CVE-2024-26853

https://www.suse.com/security/cve/CVE-2024-26855

https://www.suse.com/security/cve/CVE-2024-26856

https://www.suse.com/security/cve/CVE-2024-26857

https://www.suse.com/security/cve/CVE-2024-26861

https://www.suse.com/security/cve/CVE-2024-26862

https://www.suse.com/security/cve/CVE-2024-26866

https://www.suse.com/security/cve/CVE-2024-26872

https://www.suse.com/security/cve/CVE-2024-26875

https://www.suse.com/security/cve/CVE-2024-26876

https://www.suse.com/security/cve/CVE-2024-26877

https://www.suse.com/security/cve/CVE-2024-26878

https://www.suse.com/security/cve/CVE-2024-26879

https://www.suse.com/security/cve/CVE-2024-26881

https://www.suse.com/security/cve/CVE-2024-26882

https://www.suse.com/security/cve/CVE-2024-26883

https://www.suse.com/security/cve/CVE-2024-26884

https://www.suse.com/security/cve/CVE-2024-26885

https://www.suse.com/security/cve/CVE-2024-26891

https://www.suse.com/security/cve/CVE-2024-26893

https://www.suse.com/security/cve/CVE-2024-26895

https://www.suse.com/security/cve/CVE-2024-26896

https://www.suse.com/security/cve/CVE-2024-26897

https://www.suse.com/security/cve/CVE-2024-26898

https://www.suse.com/security/cve/CVE-2024-26901

https://www.suse.com/security/cve/CVE-2024-26903

https://www.suse.com/security/cve/CVE-2024-26915

https://bugzilla.suse.com/1223502

https://bugzilla.suse.com/1223503

https://bugzilla.suse.com/1223505

https://bugzilla.suse.com/1223509

https://bugzilla.suse.com/1223511

https://bugzilla.suse.com/1223512

https://bugzilla.suse.com/1223513

https://bugzilla.suse.com/1223516

https://bugzilla.suse.com/1223517

https://bugzilla.suse.com/1223518

https://bugzilla.suse.com/1223519

https://bugzilla.suse.com/1223520

https://bugzilla.suse.com/1223522

https://bugzilla.suse.com/1223523

https://bugzilla.suse.com/1223525

https://bugzilla.suse.com/1223536

https://bugzilla.suse.com/1223539

https://bugzilla.suse.com/1223574

https://bugzilla.suse.com/1223595

https://bugzilla.suse.com/1223598

https://bugzilla.suse.com/1223628

https://bugzilla.suse.com/1223634

https://bugzilla.suse.com/1223640

https://bugzilla.suse.com/1223643

https://bugzilla.suse.com/1223644

https://bugzilla.suse.com/1223645

https://bugzilla.suse.com/1223646

https://bugzilla.suse.com/1223648

https://bugzilla.suse.com/1223655

https://bugzilla.suse.com/1223657

https://bugzilla.suse.com/1223660

https://bugzilla.suse.com/1223661

https://bugzilla.suse.com/1223663

https://bugzilla.suse.com/1223664

https://bugzilla.suse.com/1223668

https://bugzilla.suse.com/1223670

https://bugzilla.suse.com/1223679

https://bugzilla.suse.com/1223686

https://bugzilla.suse.com/1223693

https://bugzilla.suse.com/1223705

https://bugzilla.suse.com/1223714

https://bugzilla.suse.com/1223735

https://bugzilla.suse.com/1223738

https://bugzilla.suse.com/1223745

https://bugzilla.suse.com/1223784

https://bugzilla.suse.com/1223785

https://bugzilla.suse.com/1223790

https://bugzilla.suse.com/1223816

https://bugzilla.suse.com/1223821

https://bugzilla.suse.com/1223822

https://bugzilla.suse.com/1223823

https://bugzilla.suse.com/1223824

https://bugzilla.suse.com/1223827

https://bugzilla.suse.com/1223834

https://bugzilla.suse.com/1223858

https://bugzilla.suse.com/1223875

https://bugzilla.suse.com/1223876

https://bugzilla.suse.com/1223877

https://bugzilla.suse.com/1223878

https://bugzilla.suse.com/1223879

https://bugzilla.suse.com/1223894

https://bugzilla.suse.com/1223921

https://bugzilla.suse.com/1223922

https://bugzilla.suse.com/1223923

https://bugzilla.suse.com/1223924

https://bugzilla.suse.com/1223929

https://bugzilla.suse.com/1223931

https://bugzilla.suse.com/1223932

https://bugzilla.suse.com/1223934

https://bugzilla.suse.com/1223941

https://bugzilla.suse.com/1223948

https://bugzilla.suse.com/1223949

https://bugzilla.suse.com/1223950

https://bugzilla.suse.com/1223951

https://bugzilla.suse.com/1223952

https://bugzilla.suse.com/1223953

https://bugzilla.suse.com/1223956

https://bugzilla.suse.com/1223957

https://bugzilla.suse.com/1223960

https://bugzilla.suse.com/1223962

https://bugzilla.suse.com/1223963

https://bugzilla.suse.com/1223964

https://bugzilla.suse.com/1223996

https://lists.suse.com/pipermail/sle-updates/2024-May/035263.html

https://www.suse.com/security/cve/CVE-2021-47047

https://www.suse.com/security/cve/CVE-2021-47184

https://www.suse.com/security/cve/CVE-2021-47185

https://www.suse.com/security/cve/CVE-2021-47187

https://www.suse.com/security/cve/CVE-2021-47188

https://www.suse.com/security/cve/CVE-2021-47191

https://www.suse.com/security/cve/CVE-2021-47192

https://www.suse.com/security/cve/CVE-2021-47193

https://www.suse.com/security/cve/CVE-2021-47194

https://www.suse.com/security/cve/CVE-2021-47195

https://www.suse.com/security/cve/CVE-2021-47196

https://www.suse.com/security/cve/CVE-2021-47197

https://www.suse.com/security/cve/CVE-2021-47198

https://www.suse.com/security/cve/CVE-2021-47199

https://www.suse.com/security/cve/CVE-2021-47200

https://www.suse.com/security/cve/CVE-2021-47201

https://www.suse.com/security/cve/CVE-2021-47202

https://www.suse.com/security/cve/CVE-2021-47203

https://www.suse.com/security/cve/CVE-2021-47204

https://www.suse.com/security/cve/CVE-2021-47205

https://www.suse.com/security/cve/CVE-2021-47206

https://www.suse.com/security/cve/CVE-2021-47207

https://www.suse.com/security/cve/CVE-2021-47216

https://www.suse.com/security/cve/CVE-2021-47217

https://www.suse.com/security/cve/CVE-2021-47218

https://www.suse.com/security/cve/CVE-2021-47219

https://www.suse.com/security/cve/CVE-2022-48631

https://www.suse.com/security/cve/CVE-2022-48632

https://www.suse.com/security/cve/CVE-2022-48634

https://www.suse.com/security/cve/CVE-2022-48636

https://www.suse.com/security/cve/CVE-2022-48637

https://www.suse.com/security/cve/CVE-2022-48638

https://www.suse.com/security/cve/CVE-2022-48639

https://www.suse.com/security/cve/CVE-2022-48640

https://www.suse.com/security/cve/CVE-2022-48642

https://www.suse.com/security/cve/CVE-2022-48688

https://www.suse.com/security/cve/CVE-2022-48690

https://www.suse.com/security/cve/CVE-2022-48692

https://www.suse.com/security/cve/CVE-2022-48693

https://www.suse.com/security/cve/CVE-2022-48694

https://www.suse.com/security/cve/CVE-2022-48695

https://www.suse.com/security/cve/CVE-2022-48697

https://www.suse.com/security/cve/CVE-2022-48698

https://www.suse.com/security/cve/CVE-2022-48699

https://www.suse.com/security/cve/CVE-2022-48700

https://www.suse.com/security/cve/CVE-2022-48701

https://www.suse.com/security/cve/CVE-2022-48702

https://www.suse.com/security/cve/CVE-2022-48703

https://www.suse.com/security/cve/CVE-2022-48704

https://www.suse.com/security/cve/CVE-2023-2860

https://www.suse.com/security/cve/CVE-2023-52585

https://www.suse.com/security/cve/CVE-2023-52589

https://www.suse.com/security/cve/CVE-2023-52590

https://www.suse.com/security/cve/CVE-2023-52591

https://www.suse.com/security/cve/CVE-2023-52593

https://www.suse.com/security/cve/CVE-2023-52614

https://www.suse.com/security/cve/CVE-2023-52616

https://www.suse.com/security/cve/CVE-2023-52620

https://www.suse.com/security/cve/CVE-2023-52635

https://www.suse.com/security/cve/CVE-2023-52645

https://www.suse.com/security/cve/CVE-2023-52646

https://www.suse.com/security/cve/CVE-2023-52652

https://www.suse.com/security/cve/CVE-2024-26656

https://www.suse.com/security/cve/CVE-2024-26671

https://www.suse.com/security/cve/CVE-2024-26673

https://www.suse.com/security/cve/CVE-2024-26675

https://www.suse.com/security/cve/CVE-2024-26679

https://www.suse.com/security/cve/CVE-2024-26687

https://www.suse.com/security/cve/CVE-2024-26688

https://www.suse.com/security/cve/CVE-2024-26700

https://www.suse.com/security/cve/CVE-2024-26702

https://www.suse.com/security/cve/CVE-2024-26733

https://www.suse.com/security/cve/CVE-2024-26739

https://www.suse.com/security/cve/CVE-2024-26764

https://www.suse.com/security/cve/CVE-2024-26766

https://www.suse.com/security/cve/CVE-2024-26772

https://www.suse.com/security/cve/CVE-2024-26773

https://www.suse.com/security/cve/CVE-2024-26783

https://www.suse.com/security/cve/CVE-2024-26791

https://www.suse.com/security/cve/CVE-2024-26792

https://www.suse.com/security/cve/CVE-2024-26816

https://www.suse.com/security/cve/CVE-2024-26817

https://www.suse.com/security/cve/CVE-2024-26820

https://www.suse.com/security/cve/CVE-2024-26825

https://www.suse.com/security/cve/CVE-2024-26830

https://www.suse.com/security/cve/CVE-2024-26833

https://www.suse.com/security/cve/CVE-2024-26836

https://www.suse.com/security/cve/CVE-2024-26840

https://www.suse.com/security/cve/CVE-2024-26843

https://www.suse.com/security/cve/CVE-2024-26852

https://www.suse.com/security/cve/CVE-2024-26966

https://www.suse.com/security/cve/CVE-2024-26969

https://www.suse.com/security/cve/CVE-2024-26970

https://www.suse.com/security/cve/CVE-2024-26972

https://www.suse.com/security/cve/CVE-2024-26979

https://www.suse.com/security/cve/CVE-2024-26981

https://www.suse.com/security/cve/CVE-2024-26982

https://www.suse.com/security/cve/CVE-2024-26993

https://www.suse.com/security/cve/CVE-2024-27013

https://www.suse.com/security/cve/CVE-2024-27014

https://www.suse.com/security/cve/CVE-2024-27030

https://www.suse.com/security/cve/CVE-2024-26917

https://www.suse.com/security/cve/CVE-2024-26927

https://www.suse.com/security/cve/CVE-2024-26933

https://www.suse.com/security/cve/CVE-2024-26939

https://www.suse.com/security/cve/CVE-2024-26948

https://www.suse.com/security/cve/CVE-2024-26950

https://www.suse.com/security/cve/CVE-2024-26951

https://www.suse.com/security/cve/CVE-2024-26955

https://www.suse.com/security/cve/CVE-2024-26956

https://www.suse.com/security/cve/CVE-2024-26960

https://www.suse.com/security/cve/CVE-2024-26965

https://www.suse.com/security/cve/CVE-2024-27038

https://www.suse.com/security/cve/CVE-2024-27039

https://www.suse.com/security/cve/CVE-2024-27041

https://www.suse.com/security/cve/CVE-2024-27042

https://www.suse.com/security/cve/CVE-2024-27043

https://www.suse.com/security/cve/CVE-2024-27046

https://www.suse.com/security/cve/CVE-2024-27056

https://www.suse.com/security/cve/CVE-2024-27059

https://www.suse.com/security/cve/CVE-2024-27062

https://www.suse.com/security/cve/CVE-2024-27389

Plugin Details

Severity: High

ID: 197056

File Name: suse_SU-2024-1644-1.nasl

Version: 1.3

Type: local

Agent: unix

Published: 5/15/2024

Updated: 8/28/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26933

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-source-azure, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-devel-azure, p-cpe:/a:novell:suse_linux:kernel-azure, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/14/2024

Vulnerability Publication Date: 9/30/2022

Reference Information

CVE: CVE-2021-47047, CVE-2021-47184, CVE-2021-47185, CVE-2021-47187, CVE-2021-47188, CVE-2021-47191, CVE-2021-47192, CVE-2021-47193, CVE-2021-47194, CVE-2021-47195, CVE-2021-47196, CVE-2021-47197, CVE-2021-47198, CVE-2021-47199, CVE-2021-47200, CVE-2021-47201, CVE-2021-47202, CVE-2021-47203, CVE-2021-47204, CVE-2021-47205, CVE-2021-47206, CVE-2021-47207, CVE-2021-47209, CVE-2021-47210, CVE-2021-47211, CVE-2021-47212, CVE-2021-47214, CVE-2021-47215, CVE-2021-47216, CVE-2021-47217, CVE-2021-47218, CVE-2021-47219, CVE-2022-48631, CVE-2022-48632, CVE-2022-48634, CVE-2022-48636, CVE-2022-48637, CVE-2022-48638, CVE-2022-48639, CVE-2022-48640, CVE-2022-48642, CVE-2022-48644, CVE-2022-48646, CVE-2022-48647, CVE-2022-48648, CVE-2022-48650, CVE-2022-48651, CVE-2022-48652, CVE-2022-48653, CVE-2022-48654, CVE-2022-48655, CVE-2022-48656, CVE-2022-48657, CVE-2022-48658, CVE-2022-48659, CVE-2022-48660, CVE-2022-48662, CVE-2022-48663, CVE-2022-48667, CVE-2022-48668, CVE-2022-48671, CVE-2022-48672, CVE-2022-48673, CVE-2022-48675, CVE-2022-48686, CVE-2022-48687, CVE-2022-48688, CVE-2022-48690, CVE-2022-48692, CVE-2022-48693, CVE-2022-48694, CVE-2022-48695, CVE-2022-48697, CVE-2022-48698, CVE-2022-48699, CVE-2022-48700, CVE-2022-48701, CVE-2022-48702, CVE-2022-48703, CVE-2022-48704, CVE-2023-2860, CVE-2023-52585, CVE-2023-52589, CVE-2023-52590, CVE-2023-52591, CVE-2023-52593, CVE-2023-52614, CVE-2023-52616, CVE-2023-52620, CVE-2023-52635, CVE-2023-52645, CVE-2023-52646, CVE-2023-52652, CVE-2023-6270, CVE-2024-0639, CVE-2024-0841, CVE-2024-2201, CVE-2024-22099, CVE-2024-23307, CVE-2024-23848, CVE-2024-23850, CVE-2024-26601, CVE-2024-26610, CVE-2024-26656, CVE-2024-26671, CVE-2024-26673, CVE-2024-26675, CVE-2024-26679, CVE-2024-26687, CVE-2024-26688, CVE-2024-26700, CVE-2024-26702, CVE-2024-26733, CVE-2024-26739, CVE-2024-26764, CVE-2024-26766, CVE-2024-26772, CVE-2024-26773, CVE-2024-26783, CVE-2024-26791, CVE-2024-26792, CVE-2024-26816, CVE-2024-26817, CVE-2024-26820, CVE-2024-26825, CVE-2024-26830, CVE-2024-26833, CVE-2024-26836, CVE-2024-26840, CVE-2024-26843, CVE-2024-26852, CVE-2024-26853, CVE-2024-26855, CVE-2024-26856, CVE-2024-26857, CVE-2024-26861, CVE-2024-26862, CVE-2024-26866, CVE-2024-26872, CVE-2024-26875, CVE-2024-26876, CVE-2024-26877, CVE-2024-26878, CVE-2024-26879, CVE-2024-26881, CVE-2024-26882, CVE-2024-26883, CVE-2024-26884, CVE-2024-26885, CVE-2024-26891, CVE-2024-26893, CVE-2024-26895, CVE-2024-26896, CVE-2024-26897, CVE-2024-26898, CVE-2024-26901, CVE-2024-26903, CVE-2024-26915, CVE-2024-26917, CVE-2024-26927, CVE-2024-26933, CVE-2024-26939, CVE-2024-26948, CVE-2024-26950, CVE-2024-26951, CVE-2024-26955, CVE-2024-26956, CVE-2024-26960, CVE-2024-26965, CVE-2024-26966, CVE-2024-26969, CVE-2024-26970, CVE-2024-26972, CVE-2024-26979, CVE-2024-26981, CVE-2024-26982, CVE-2024-26993, CVE-2024-27013, CVE-2024-27014, CVE-2024-27030, CVE-2024-27038, CVE-2024-27039, CVE-2024-27041, CVE-2024-27042, CVE-2024-27043, CVE-2024-27046, CVE-2024-27056, CVE-2024-27059, CVE-2024-27062, CVE-2024-27389

SuSE: SUSE-SU-2024:1644-1