SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2495-1)

high Nessus Plugin ID 202569

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2495-1 advisory.

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).

The following non-security bugs were fixed:

- Revert 'build initrd without systemd' (bsc#1195775).
- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212).
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1216124).
- smb: client: ensure to try all targets when finding nested links (bsc#1224020).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
- xfs: do not include bnobt blocks when reserving free block pool (bsc#1226270).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1195775

https://bugzilla.suse.com/1216124

https://bugzilla.suse.com/1218148

https://bugzilla.suse.com/1219224

https://bugzilla.suse.com/1220492

https://bugzilla.suse.com/1222015

https://bugzilla.suse.com/1222254

https://bugzilla.suse.com/1222678

https://bugzilla.suse.com/1223384

https://bugzilla.suse.com/1224020

https://bugzilla.suse.com/1224679

https://bugzilla.suse.com/1224696

https://bugzilla.suse.com/1224703

https://bugzilla.suse.com/1224749

https://bugzilla.suse.com/1224764

https://bugzilla.suse.com/1224765

https://bugzilla.suse.com/1224766

https://bugzilla.suse.com/1224935

https://bugzilla.suse.com/1225098

https://bugzilla.suse.com/1225467

https://bugzilla.suse.com/1225487

https://bugzilla.suse.com/1225518

https://bugzilla.suse.com/1225611

https://bugzilla.suse.com/1225732

https://bugzilla.suse.com/1225737

https://bugzilla.suse.com/1225749

https://bugzilla.suse.com/1225840

https://bugzilla.suse.com/1225866

https://bugzilla.suse.com/1226145

https://bugzilla.suse.com/1226211

https://bugzilla.suse.com/1226212

https://bugzilla.suse.com/1226270

https://bugzilla.suse.com/1226587

https://bugzilla.suse.com/1226595

https://bugzilla.suse.com/1226634

https://bugzilla.suse.com/1226758

https://bugzilla.suse.com/1226785

https://bugzilla.suse.com/1226786

https://bugzilla.suse.com/1226789

https://bugzilla.suse.com/1226953

https://bugzilla.suse.com/1226962

http://www.nessus.org/u?ad7d0f65

https://www.suse.com/security/cve/CVE-2021-47555

https://www.suse.com/security/cve/CVE-2021-47571

https://www.suse.com/security/cve/CVE-2023-24023

https://www.suse.com/security/cve/CVE-2023-52670

https://www.suse.com/security/cve/CVE-2023-52752

https://www.suse.com/security/cve/CVE-2023-52837

https://www.suse.com/security/cve/CVE-2023-52846

https://www.suse.com/security/cve/CVE-2023-52881

https://www.suse.com/security/cve/CVE-2024-26745

https://www.suse.com/security/cve/CVE-2024-26923

https://www.suse.com/security/cve/CVE-2024-35789

https://www.suse.com/security/cve/CVE-2024-35861

https://www.suse.com/security/cve/CVE-2024-35862

https://www.suse.com/security/cve/CVE-2024-35864

https://www.suse.com/security/cve/CVE-2024-35869

https://www.suse.com/security/cve/CVE-2024-35950

https://www.suse.com/security/cve/CVE-2024-36894

https://www.suse.com/security/cve/CVE-2024-36899

https://www.suse.com/security/cve/CVE-2024-36904

https://www.suse.com/security/cve/CVE-2024-36940

https://www.suse.com/security/cve/CVE-2024-36964

https://www.suse.com/security/cve/CVE-2024-36971

https://www.suse.com/security/cve/CVE-2024-38541

https://www.suse.com/security/cve/CVE-2024-38545

https://www.suse.com/security/cve/CVE-2024-38559

https://www.suse.com/security/cve/CVE-2024-38560

https://www.suse.com/security/cve/CVE-2024-38564

https://www.suse.com/security/cve/CVE-2024-38578

Plugin Details

Severity: High

ID: 202569

File Name: suse_SU-2024-2495-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 7/17/2024

Updated: 7/17/2024

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-36971

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150400_24_125-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-64kb, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/16/2024

Vulnerability Publication Date: 11/14/2023

Reference Information

CVE: CVE-2021-47555, CVE-2021-47571, CVE-2023-24023, CVE-2023-52670, CVE-2023-52752, CVE-2023-52837, CVE-2023-52846, CVE-2023-52881, CVE-2024-26745, CVE-2024-26923, CVE-2024-35789, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35950, CVE-2024-36894, CVE-2024-36899, CVE-2024-36904, CVE-2024-36940, CVE-2024-36964, CVE-2024-36971, CVE-2024-38541, CVE-2024-38545, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38578

SuSE: SUSE-SU-2024:2495-1