SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2183-1)

critical Nessus Plugin ID 200932

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2183-1 advisory.

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).
- CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).
- CVE-2021-47383: Fiedx out-of-bound vmalloc access in imageblit (bsc#1225208).
- CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
- CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
- CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).
- CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)
- CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)
- CVE-2022-48673: kABI workarounds for struct smc_link (bsc#1223934).
- CVE-2023-52871: Handle a second device without data corruption (bsc#1225534)
- CVE-2024-26828: Fix underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-27413: Fix incorrect allocation size (bsc#1224438).
- CVE-2023-52840: Fix use after free in rmi_unregister_function() (bsc#1224928).
- CVE-2021-47261: Fix initializing CQ fragments buffer (bsc#1224954)
- CVE-2021-47254: Fix use-after-free in gfs2_glock_shrink_scan (bsc#1224888).
- CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).
- CVE-2023-52686: Fix a null pointer in opal_event_init() (bsc#1065729).

The following non-security bugs were fixed:

- NFC: nxp: add NXP1002 (bsc#1185589).
- PCI: rpaphp: Add MODULE_DESCRIPTION (bsc#1176869 ltc#188243).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
- btrfs: do not start relocation until in progress drops are done (bsc#1222251).
- md: Replace snprintf with scnprintf (git-fixes).
- netfilter: nf_tables: GC transaction race with abort path (git-fixes).
- netfilter: nf_tables: GC transaction race with netns dismantle (git-fixes).
- netfilter: nf_tables: defer gc run if previous batch is still pending (git-fixes).
- netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path (git-fixes).
- netfilter: nf_tables: fix kdoc warnings after gc rework (git-fixes).
- netfilter: nf_tables: fix memleak when more than 255 elements expired (git-fixes).
- netfilter: nf_tables: mark newset as dead on transaction abort (git-fixes).
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (git-fixes).
- netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure (git-fixes).
- netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (git-fixes).
- netfilter: nf_tables: skip dead set elements in netlink dump (git-fixes).
- netfilter: nf_tables: use correct lock to protect gc_list (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_rbtree: Add missing expired checks (git-fixes).
- netfilter: nft_set_rbtree: Detect partial overlap with start endpoint match (git-fixes).
- netfilter: nft_set_rbtree: Detect partial overlaps on insertion (git-fixes).
- netfilter: nft_set_rbtree: Do not account for expired elements on insertion (git-fixes).
- netfilter: nft_set_rbtree: Drop spurious condition for overlap detection on insertion (git-fixes).
- netfilter: nft_set_rbtree: Handle outcomes of tree rotations in overlap detection (git-fixes).
- netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() (git-fixes).
- netfilter: nft_set_rbtree: Switch to node list walk for overlap detection (git-fixes).
- netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets (git-fixes).
- netfilter: nft_set_rbtree: fix null deref on element insertion (git-fixes).
- netfilter: nft_set_rbtree: fix overlap expiration walk (git-fixes).
- netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion (git-fixes).
- netfilter: nft_set_rbtree: skip elements in transaction from garbage collection (git-fixes).
- netfilter: nft_set_rbtree: skip end interval element from gc (git-fixes).
- netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction (git-fixes).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
- x86/pkeys: Revert a5eff7259790 ('x86/pkeys: Add PKRU value to init_fpstate') (bsc#1215356).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: Critical

ID: 200932

File Name: suse_SU-2024-2183-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 6/25/2024

Updated: 6/25/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2021-43527

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-preempt-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150200_24_194-default, p-cpe:/a:novell:suse_linux:kernel-preempt, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/24/2024

Vulnerability Publication Date: 10/28/2021

Reference Information

CVE: CVE-2021-3743, CVE-2021-39698, CVE-2021-43056, CVE-2021-43527, CVE-2021-47104, CVE-2021-47220, CVE-2021-47229, CVE-2021-47231, CVE-2021-47236, CVE-2021-47239, CVE-2021-47240, CVE-2021-47246, CVE-2021-47252, CVE-2021-47254, CVE-2021-47255, CVE-2021-47259, CVE-2021-47260, CVE-2021-47261, CVE-2021-47267, CVE-2021-47269, CVE-2021-47270, CVE-2021-47274, CVE-2021-47275, CVE-2021-47276, CVE-2021-47280, CVE-2021-47284, CVE-2021-47285, CVE-2021-47288, CVE-2021-47289, CVE-2021-47296, CVE-2021-47301, CVE-2021-47302, CVE-2021-47305, CVE-2021-47307, CVE-2021-47308, CVE-2021-47314, CVE-2021-47315, CVE-2021-47320, CVE-2021-47321, CVE-2021-47323, CVE-2021-47324, CVE-2021-47330, CVE-2021-47332, CVE-2021-47333, CVE-2021-47334, CVE-2021-47338, CVE-2021-47341, CVE-2021-47344, CVE-2021-47347, CVE-2021-47350, CVE-2021-47354, CVE-2021-47356, CVE-2021-47369, CVE-2021-47375, CVE-2021-47378, CVE-2021-47381, CVE-2021-47382, CVE-2021-47383, CVE-2021-47388, CVE-2021-47391, CVE-2021-47393, CVE-2021-47395, CVE-2021-47396, CVE-2021-47399, CVE-2021-47402, CVE-2021-47404, CVE-2021-47405, CVE-2021-47416, CVE-2021-47423, CVE-2021-47424, CVE-2021-47425, CVE-2021-47431, CVE-2021-47434, CVE-2021-47436, CVE-2021-47441, CVE-2021-47442, CVE-2021-47443, CVE-2021-47445, CVE-2021-47456, CVE-2021-47460, CVE-2021-47464, CVE-2021-47465, CVE-2021-47468, CVE-2021-47473, CVE-2021-47482, CVE-2021-47483, CVE-2021-47485, CVE-2021-47495, CVE-2021-47496, CVE-2021-47497, CVE-2021-47500, CVE-2021-47505, CVE-2021-47506, CVE-2021-47511, CVE-2021-47516, CVE-2021-47522, CVE-2021-47538, CVE-2021-47541, CVE-2021-47542, CVE-2021-47562, CVE-2021-47563, CVE-2021-47565, CVE-2022-20132, CVE-2022-48673, CVE-2023-0160, CVE-2023-1829, CVE-2023-2176, CVE-2023-4244, CVE-2023-47233, CVE-2023-52433, CVE-2023-52581, CVE-2023-52591, CVE-2023-52654, CVE-2023-52655, CVE-2023-52686, CVE-2023-52840, CVE-2023-52871, CVE-2023-52880, CVE-2023-6531, CVE-2024-26581, CVE-2024-26643, CVE-2024-26828, CVE-2024-26925, CVE-2024-26929, CVE-2024-26930, CVE-2024-27398, CVE-2024-27413, CVE-2024-35811, CVE-2024-35895, CVE-2024-35914

SuSE: SUSE-SU-2024:2183-1

Detections

Analytics