Language:
https://lists.suse.com/pipermail/sle-updates/2024-July/035864.html
https://www.suse.com/security/cve/CVE-2020-10135
https://www.suse.com/security/cve/CVE-2021-3896
https://www.suse.com/security/cve/CVE-2021-43389
https://www.suse.com/security/cve/CVE-2021-4439
https://www.suse.com/security/cve/CVE-2021-47247
https://www.suse.com/security/cve/CVE-2021-47311
https://www.suse.com/security/cve/CVE-2021-47328
https://www.suse.com/security/cve/CVE-2021-47368
https://www.suse.com/security/cve/CVE-2021-47372
https://www.suse.com/security/cve/CVE-2021-47379
https://www.suse.com/security/cve/CVE-2021-47571
https://www.suse.com/security/cve/CVE-2021-47583
https://www.suse.com/security/cve/CVE-2022-0435
https://www.suse.com/security/cve/CVE-2022-22942
https://www.suse.com/security/cve/CVE-2022-2938
https://www.suse.com/security/cve/CVE-2022-48711
https://www.suse.com/security/cve/CVE-2022-48760
https://www.suse.com/security/cve/CVE-2022-48771
https://www.suse.com/security/cve/CVE-2023-24023
https://www.suse.com/security/cve/CVE-2023-52707
https://www.suse.com/security/cve/CVE-2023-52752
https://www.suse.com/security/cve/CVE-2023-52881
https://www.suse.com/security/cve/CVE-2024-26921
https://www.suse.com/security/cve/CVE-2024-26923
https://www.suse.com/security/cve/CVE-2024-35789
https://www.suse.com/security/cve/CVE-2024-35861
https://www.suse.com/security/cve/CVE-2024-35862
https://www.suse.com/security/cve/CVE-2024-35864
https://www.suse.com/security/cve/CVE-2024-35878
https://www.suse.com/security/cve/CVE-2024-35950
https://www.suse.com/security/cve/CVE-2024-36894
https://www.suse.com/security/cve/CVE-2024-36904
https://www.suse.com/security/cve/CVE-2024-36940
https://www.suse.com/security/cve/CVE-2024-36964
https://www.suse.com/security/cve/CVE-2024-38541
https://www.suse.com/security/cve/CVE-2024-38545
https://www.suse.com/security/cve/CVE-2024-38559
https://www.suse.com/security/cve/CVE-2024-38560
https://bugzilla.suse.com/1171988
https://bugzilla.suse.com/1191958
https://bugzilla.suse.com/1195065
https://bugzilla.suse.com/1195254
https://bugzilla.suse.com/1202623
https://bugzilla.suse.com/1218148
https://bugzilla.suse.com/1219224
https://bugzilla.suse.com/1222015
https://bugzilla.suse.com/1223138
https://bugzilla.suse.com/1223384
https://bugzilla.suse.com/1224671
https://bugzilla.suse.com/1224703
https://bugzilla.suse.com/1224749
https://bugzilla.suse.com/1224764
https://bugzilla.suse.com/1224765
https://bugzilla.suse.com/1224766
https://bugzilla.suse.com/1224865
https://bugzilla.suse.com/1225010
https://bugzilla.suse.com/1225047
https://bugzilla.suse.com/1225109
https://bugzilla.suse.com/1225161
https://bugzilla.suse.com/1225184
https://bugzilla.suse.com/1225203
https://bugzilla.suse.com/1225487
https://bugzilla.suse.com/1225518
https://bugzilla.suse.com/1225611
https://bugzilla.suse.com/1225732
https://bugzilla.suse.com/1225749
https://bugzilla.suse.com/1225840
https://bugzilla.suse.com/1225866
https://bugzilla.suse.com/1226563
https://bugzilla.suse.com/1226587
https://bugzilla.suse.com/1226595
https://bugzilla.suse.com/1226670
https://bugzilla.suse.com/1226672
https://bugzilla.suse.com/1226712
https://bugzilla.suse.com/1226732
https://bugzilla.suse.com/1226758
Severity: High
ID: 202104
File Name: suse_SU-2024-2365-1.nasl
Version: 1.3
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 7/10/2024
Updated: 8/28/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Factor: Critical
Score: 9.4
Risk Factor: High
Base Score: 9
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2022-0435
Risk Factor: High
Base Score: 8.8
Temporal Score: 8.4
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CPE: p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-preempt-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150200_24_197-default, p-cpe:/a:novell:suse_linux:kernel-preempt, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 7/9/2024
Vulnerability Publication Date: 5/19/2020
Metasploit (vmwgfx Driver File Descriptor Handling Priv Esc)
CVE: CVE-2020-10135, CVE-2021-3896, CVE-2021-43389, CVE-2021-4439, CVE-2021-47247, CVE-2021-47311, CVE-2021-47328, CVE-2021-47368, CVE-2021-47372, CVE-2021-47379, CVE-2021-47571, CVE-2021-47583, CVE-2022-0435, CVE-2022-22942, CVE-2022-2938, CVE-2022-48711, CVE-2022-48760, CVE-2022-48771, CVE-2023-24023, CVE-2023-52707, CVE-2023-52752, CVE-2023-52881, CVE-2024-26921, CVE-2024-26923, CVE-2024-35789, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35878, CVE-2024-35950, CVE-2024-36894, CVE-2024-36904, CVE-2024-36940, CVE-2024-36964, CVE-2024-38541, CVE-2024-38545, CVE-2024-38559, CVE-2024-38560
SuSE: SUSE-SU-2024:2365-1