SUSE SLES15 Security Update : kernel (SUSE-SU-2024:3553-1)

high Nessus Plugin ID 208425

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3553-1 advisory.

The SUSE Linux Enterprise 15 SP6 CoCo kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
- CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
- CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
- CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
- CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
- CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
- CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
- CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
- CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
- CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
- CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
- CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
- CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
- CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
- CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
- CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
- CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
- CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
- CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
- CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
- CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
- CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
- CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
- CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
- CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
- CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
- CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 (bsc#1230435).
- CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
- CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
- CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
- CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
- CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
- CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
- CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
- CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() (bsc#1230518).
- CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
- CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
- CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
- CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
- CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
- CVE-2024-46727: Fixed NULL pointer dereference in resource_log_pipe_topology_update (bsc#1230707).
- CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
- CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
- CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
- CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).
- CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
- CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
- CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
- CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
- CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
- CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
- CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 208425

File Name: suse_SU-2024-3553-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 10/9/2024

Updated: 10/9/2024

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-46798

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-coco_debug, p-cpe:/a:novell:suse_linux:kernel-syms-coco, p-cpe:/a:novell:suse_linux:kernel-coco, p-cpe:/a:novell:suse_linux:kernel-source-coco, p-cpe:/a:novell:suse_linux:kernel-coco_debug-devel, p-cpe:/a:novell:suse_linux:kernel-devel-coco, p-cpe:/a:novell:suse_linux:reiserfs-kmp-coco, p-cpe:/a:novell:suse_linux:kernel-coco-devel, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/8/2024

Vulnerability Publication Date: 4/3/2024

Reference Information

CVE: CVE-2023-52752, CVE-2023-52915, CVE-2023-52916, CVE-2024-26759, CVE-2024-26804, CVE-2024-36953, CVE-2024-38538, CVE-2024-38632, CVE-2024-40965, CVE-2024-40973, CVE-2024-40983, CVE-2024-42154, CVE-2024-42252, CVE-2024-43832, CVE-2024-43835, CVE-2024-43870, CVE-2024-43886, CVE-2024-43890, CVE-2024-43904, CVE-2024-43914, CVE-2024-44946, CVE-2024-44947, CVE-2024-44948, CVE-2024-44952, CVE-2024-44954, CVE-2024-44960, CVE-2024-44961, CVE-2024-44962, CVE-2024-44965, CVE-2024-44967, CVE-2024-44969, CVE-2024-44970, CVE-2024-44971, CVE-2024-44972, CVE-2024-44977, CVE-2024-44982, CVE-2024-44984, CVE-2024-44986, CVE-2024-44987, CVE-2024-44988, CVE-2024-44989, CVE-2024-44990, CVE-2024-44991, CVE-2024-44997, CVE-2024-44999, CVE-2024-45000, CVE-2024-45001, CVE-2024-45002, CVE-2024-45005, CVE-2024-45006, CVE-2024-45007, CVE-2024-45008, CVE-2024-45011, CVE-2024-45012, CVE-2024-45013, CVE-2024-45015, CVE-2024-45017, CVE-2024-45018, CVE-2024-45019, CVE-2024-45020, CVE-2024-45021, CVE-2024-45022, CVE-2024-45023, CVE-2024-45026, CVE-2024-45028, CVE-2024-45029, CVE-2024-45030, CVE-2024-46672, CVE-2024-46673, CVE-2024-46674, CVE-2024-46675, CVE-2024-46676, CVE-2024-46677, CVE-2024-46679, CVE-2024-46685, CVE-2024-46686, CVE-2024-46687, CVE-2024-46689, CVE-2024-46691, CVE-2024-46692, CVE-2024-46693, CVE-2024-46694, CVE-2024-46695, CVE-2024-46702, CVE-2024-46706, CVE-2024-46707, CVE-2024-46709, CVE-2024-46710, CVE-2024-46711, CVE-2024-46714, CVE-2024-46715, CVE-2024-46716, CVE-2024-46717, CVE-2024-46719, CVE-2024-46720, CVE-2024-46722, CVE-2024-46723, CVE-2024-46724, CVE-2024-46725, CVE-2024-46726, CVE-2024-46727, CVE-2024-46728, CVE-2024-46729, CVE-2024-46730, CVE-2024-46731, CVE-2024-46732, CVE-2024-46734, CVE-2024-46735, CVE-2024-46737, CVE-2024-46738, CVE-2024-46739, CVE-2024-46741, CVE-2024-46743, CVE-2024-46744, CVE-2024-46745, CVE-2024-46746, CVE-2024-46747, CVE-2024-46749, CVE-2024-46750, CVE-2024-46751, CVE-2024-46752, CVE-2024-46753, CVE-2024-46755, CVE-2024-46756, CVE-2024-46757, CVE-2024-46758, CVE-2024-46759, CVE-2024-46760, CVE-2024-46761, CVE-2024-46767, CVE-2024-46771, CVE-2024-46772, CVE-2024-46773, CVE-2024-46774, CVE-2024-46776, CVE-2024-46778, CVE-2024-46780, CVE-2024-46781, CVE-2024-46783, CVE-2024-46784, CVE-2024-46786, CVE-2024-46787, CVE-2024-46791, CVE-2024-46794, CVE-2024-46797, CVE-2024-46798, CVE-2024-46822

SuSE: SUSE-SU-2024:3553-1

Detections

Analytics