SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3566-1)

high Nessus Plugin ID 208672

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3566-1 advisory.

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
- CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
- CVE-2024-41073: nvme: avoid double free special payload (bsc#1228635).
- CVE-2024-41079: nvmet: always initialize cqe.result (bsc#1228615).
- CVE-2024-46859: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (bsc#1231089).
- CVE-2024-46853: spi: nxp-fspi: fix the KASAN report out-of-bounds bug (bsc#1231083).
- CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
- CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620 CVE-2024-41082).
- CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
- CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
- CVE-2024-46731: drm/amd/pm: fix the Out-of-bounds read warning (bsc#1230709).
- CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
- CVE-2024-46722: drm/amdgpu: fix mc_data out-of-bounds read warning (bsc#1230712).
- CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
- CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633).
- CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
- CVE-2024-46761: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (bsc#1230761).
- CVE-2024-46759: hwmon: (adc128d818) Fix underflows seen when writing limit attributes (bsc#1230814).
- CVE-2024-46745: Input: uinput - reject requests with unreasonable number of slots (bsc#1230748).
- CVE-2024-46738: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (bsc#1230731).
- CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
- CVE-2024-44982: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (bsc#1230204).
- CVE-2024-46723: drm/amdgpu: fix ucode out-of-bounds read warning (bsc#1230702).
- CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
- CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
- CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
- CVE-2024-46744: Squashfs: sanity check symbolic link size (bsc#1230747).
- CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
- CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access (bsc#1230700).
- CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
- CVE-2024-46675: usb: dwc3: core: Prevent USB core invalid event buffer address access (bsc#1230533).
- CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
- CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
- CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
- CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
- CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
- CVE-2024-46676: nfc: pn533: Add poll mod list filling check (bsc#1230535).
- CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
- CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
- CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 (bsc#1230582).
- CVE-2022-48799: perf: Fix list corruption in perf_cgroup_switch() (bsc#1227953).
- CVE-2022-48789: nvme-tcp: fix possible use-after-free in transport error_recovery work (bsc#1228000).
- CVE-2022-48790: nvme: fix a possible use-after-free in controller reset during load (bsc#1227941).
- CVE-2024-41000: block/ioctl: prefer different overflow check (bsc#1227867).
- CVE-2024-44948: x86/mtrr: Check if fixed MTRRs exist before saving them (bsc#1230174).
- CVE-2022-48788: nvme-rdma: fix possible use-after-free in transport error_recovery work (bsc#1227952).
- CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
- CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
- CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
- CVE-2022-48943: KVM: x86/mmu: make apf token non-zero to fix bug (bsc#1229645).
- CVE-2023-52915: media: dvb-usb-v2: af9035: fix missing unlock (bsc#1230270).
- CVE-2022-48844: Bluetooth: hci_core: Fix leaking sent_cmd skb (bsc#1228068).
- CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
- CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
- CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
- CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
- CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
- CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
- CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
- CVE-2024-27024: net/rds: fix WARNING in rds_conn_connect_if_down (bsc#1223777).
- CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
- CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
- CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race (bsc#1230178).
- CVE-2021-47387: cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (bsc#1225316).
- CVE-2024-44969: s390/sclp: Prevent release of buffer in I/O (bsc#1230200).
- CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
- CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
- CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
- CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1054914

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1207341

https://bugzilla.suse.com/1223777

https://bugzilla.suse.com/1225316

https://bugzilla.suse.com/1226669

https://bugzilla.suse.com/1226846

https://bugzilla.suse.com/1226860

https://bugzilla.suse.com/1226878

https://bugzilla.suse.com/1227487

https://bugzilla.suse.com/1227867

https://bugzilla.suse.com/1227890

https://bugzilla.suse.com/1227917

https://bugzilla.suse.com/1227941

https://bugzilla.suse.com/1227952

https://bugzilla.suse.com/1227953

https://bugzilla.suse.com/1228000

https://bugzilla.suse.com/1228002

https://bugzilla.suse.com/1228068

https://bugzilla.suse.com/1228507

https://bugzilla.suse.com/1228615

https://bugzilla.suse.com/1228620

https://bugzilla.suse.com/1228635

https://bugzilla.suse.com/1229334

https://bugzilla.suse.com/1229362

https://bugzilla.suse.com/1229363

https://bugzilla.suse.com/1229456

https://bugzilla.suse.com/1229457

https://bugzilla.suse.com/1229633

https://bugzilla.suse.com/1229645

https://bugzilla.suse.com/1229739

https://bugzilla.suse.com/1229753

https://bugzilla.suse.com/1229764

https://bugzilla.suse.com/1229768

https://bugzilla.suse.com/1229790

https://bugzilla.suse.com/1229830

https://bugzilla.suse.com/1229912

https://bugzilla.suse.com/1230015

https://bugzilla.suse.com/1230151

https://bugzilla.suse.com/1230171

https://bugzilla.suse.com/1230174

https://bugzilla.suse.com/1230176

https://bugzilla.suse.com/1230178

https://bugzilla.suse.com/1230180

https://bugzilla.suse.com/1230185

https://bugzilla.suse.com/1230200

https://bugzilla.suse.com/1230204

https://bugzilla.suse.com/1230212

https://bugzilla.suse.com/1230233

https://bugzilla.suse.com/1230248

https://bugzilla.suse.com/1230270

https://bugzilla.suse.com/1230398

https://bugzilla.suse.com/1230506

https://bugzilla.suse.com/1230515

https://bugzilla.suse.com/1230517

https://bugzilla.suse.com/1230533

https://bugzilla.suse.com/1230535

https://bugzilla.suse.com/1230549

https://bugzilla.suse.com/1230556

https://bugzilla.suse.com/1230582

https://bugzilla.suse.com/1230589

https://bugzilla.suse.com/1230620

https://bugzilla.suse.com/1230699

https://bugzilla.suse.com/1230700

https://bugzilla.suse.com/1230702

https://bugzilla.suse.com/1230707

https://bugzilla.suse.com/1230709

https://bugzilla.suse.com/1230710

https://bugzilla.suse.com/1230712

https://bugzilla.suse.com/1230719

https://bugzilla.suse.com/1230724

https://bugzilla.suse.com/1230730

https://bugzilla.suse.com/1230731

https://bugzilla.suse.com/1230732

https://bugzilla.suse.com/1230747

https://bugzilla.suse.com/1230748

https://bugzilla.suse.com/1230751

https://bugzilla.suse.com/1230752

https://bugzilla.suse.com/1230756

https://bugzilla.suse.com/1230761

https://bugzilla.suse.com/1230763

https://bugzilla.suse.com/1230767

https://bugzilla.suse.com/1230771

https://bugzilla.suse.com/1230772

https://bugzilla.suse.com/1230776

https://bugzilla.suse.com/1230783

https://bugzilla.suse.com/1230791

https://bugzilla.suse.com/1230796

https://bugzilla.suse.com/1230810

https://bugzilla.suse.com/1230814

https://bugzilla.suse.com/1230815

https://bugzilla.suse.com/1230826

https://bugzilla.suse.com/1231083

https://bugzilla.suse.com/1231084

https://bugzilla.suse.com/1231089

https://bugzilla.suse.com/1231120

https://bugzilla.suse.com/1231146

https://bugzilla.suse.com/1231184

http://www.nessus.org/u?dbc050ed

https://www.suse.com/security/cve/CVE-2021-4442

https://www.suse.com/security/cve/CVE-2021-47387

https://www.suse.com/security/cve/CVE-2021-47408

https://www.suse.com/security/cve/CVE-2021-47620

https://www.suse.com/security/cve/CVE-2021-47622

https://www.suse.com/security/cve/CVE-2022-48788

https://www.suse.com/security/cve/CVE-2022-48789

https://www.suse.com/security/cve/CVE-2022-48790

https://www.suse.com/security/cve/CVE-2022-48791

https://www.suse.com/security/cve/CVE-2022-48799

https://www.suse.com/security/cve/CVE-2022-48844

https://www.suse.com/security/cve/CVE-2022-48911

https://www.suse.com/security/cve/CVE-2022-48943

https://www.suse.com/security/cve/CVE-2022-48945

https://www.suse.com/security/cve/CVE-2023-52766

https://www.suse.com/security/cve/CVE-2023-52915

https://www.suse.com/security/cve/CVE-2024-27024

https://www.suse.com/security/cve/CVE-2024-38381

https://www.suse.com/security/cve/CVE-2024-38596

https://www.suse.com/security/cve/CVE-2024-38632

https://www.suse.com/security/cve/CVE-2024-40973

https://www.suse.com/security/cve/CVE-2024-41000

https://www.suse.com/security/cve/CVE-2024-41073

https://www.suse.com/security/cve/CVE-2024-41079

https://www.suse.com/security/cve/CVE-2024-41082

https://www.suse.com/security/cve/CVE-2024-42154

https://www.suse.com/security/cve/CVE-2024-42265

https://www.suse.com/security/cve/CVE-2024-42305

https://www.suse.com/security/cve/CVE-2024-42306

https://www.suse.com/security/cve/CVE-2024-43884

https://www.suse.com/security/cve/CVE-2024-43890

https://www.suse.com/security/cve/CVE-2024-43898

https://www.suse.com/security/cve/CVE-2024-43904

https://www.suse.com/security/cve/CVE-2024-43912

https://www.suse.com/security/cve/CVE-2024-43914

https://www.suse.com/security/cve/CVE-2024-44946

https://www.suse.com/security/cve/CVE-2024-44947

https://www.suse.com/security/cve/CVE-2024-44948

https://www.suse.com/security/cve/CVE-2024-44950

https://www.suse.com/security/cve/CVE-2024-44952

https://www.suse.com/security/cve/CVE-2024-44954

https://www.suse.com/security/cve/CVE-2024-44969

https://www.suse.com/security/cve/CVE-2024-44972

https://www.suse.com/security/cve/CVE-2024-44982

https://www.suse.com/security/cve/CVE-2024-44987

https://www.suse.com/security/cve/CVE-2024-44998

https://www.suse.com/security/cve/CVE-2024-44999

https://www.suse.com/security/cve/CVE-2024-45008

https://www.suse.com/security/cve/CVE-2024-46673

https://www.suse.com/security/cve/CVE-2024-46675

https://www.suse.com/security/cve/CVE-2024-46676

https://www.suse.com/security/cve/CVE-2024-46677

https://www.suse.com/security/cve/CVE-2024-46679

https://www.suse.com/security/cve/CVE-2024-46685

https://www.suse.com/security/cve/CVE-2024-46686

https://www.suse.com/security/cve/CVE-2024-46702

https://www.suse.com/security/cve/CVE-2024-46707

https://www.suse.com/security/cve/CVE-2024-46714

https://www.suse.com/security/cve/CVE-2024-46715

https://www.suse.com/security/cve/CVE-2024-46717

https://www.suse.com/security/cve/CVE-2024-46720

https://www.suse.com/security/cve/CVE-2024-46721

https://www.suse.com/security/cve/CVE-2024-46722

https://www.suse.com/security/cve/CVE-2024-46723

https://www.suse.com/security/cve/CVE-2024-46727

https://www.suse.com/security/cve/CVE-2024-46731

https://www.suse.com/security/cve/CVE-2024-46737

https://www.suse.com/security/cve/CVE-2024-46738

https://www.suse.com/security/cve/CVE-2024-46739

https://www.suse.com/security/cve/CVE-2024-46743

https://www.suse.com/security/cve/CVE-2024-46744

https://www.suse.com/security/cve/CVE-2024-46745

https://www.suse.com/security/cve/CVE-2024-46746

https://www.suse.com/security/cve/CVE-2024-46747

https://www.suse.com/security/cve/CVE-2024-46750

https://www.suse.com/security/cve/CVE-2024-46753

https://www.suse.com/security/cve/CVE-2024-46759

https://www.suse.com/security/cve/CVE-2024-46761

https://www.suse.com/security/cve/CVE-2024-46770

https://www.suse.com/security/cve/CVE-2024-46772

https://www.suse.com/security/cve/CVE-2024-46773

https://www.suse.com/security/cve/CVE-2024-46774

https://www.suse.com/security/cve/CVE-2024-46778

https://www.suse.com/security/cve/CVE-2024-46783

https://www.suse.com/security/cve/CVE-2024-46784

https://www.suse.com/security/cve/CVE-2024-46787

https://www.suse.com/security/cve/CVE-2024-46822

https://www.suse.com/security/cve/CVE-2024-46853

https://www.suse.com/security/cve/CVE-2024-46854

https://www.suse.com/security/cve/CVE-2024-46859

Plugin Details

Severity: High

ID: 208672

File Name: suse_SU-2024-3566-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 10/10/2024

Updated: 10/10/2024

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-46859

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:dlm-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt-devel, p-cpe:/a:novell:suse_linux:kernel-source-rt, cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-rt-base, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-syms-rt, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel, p-cpe:/a:novell:suse_linux:kernel-rt_debug, p-cpe:/a:novell:suse_linux:kernel-rt, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-devel-rt

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/9/2024

Vulnerability Publication Date: 1/11/2022

Reference Information

CVE: CVE-2021-4442, CVE-2021-47387, CVE-2021-47408, CVE-2021-47620, CVE-2021-47622, CVE-2022-48788, CVE-2022-48789, CVE-2022-48790, CVE-2022-48791, CVE-2022-48799, CVE-2022-48844, CVE-2022-48911, CVE-2022-48943, CVE-2022-48945, CVE-2023-52766, CVE-2023-52915, CVE-2024-27024, CVE-2024-38381, CVE-2024-38596, CVE-2024-38632, CVE-2024-40973, CVE-2024-41000, CVE-2024-41073, CVE-2024-41079, CVE-2024-41082, CVE-2024-42154, CVE-2024-42265, CVE-2024-42305, CVE-2024-42306, CVE-2024-43884, CVE-2024-43890, CVE-2024-43898, CVE-2024-43904, CVE-2024-43912, CVE-2024-43914, CVE-2024-44946, CVE-2024-44947, CVE-2024-44948, CVE-2024-44950, CVE-2024-44952, CVE-2024-44954, CVE-2024-44969, CVE-2024-44972, CVE-2024-44982, CVE-2024-44987, CVE-2024-44998, CVE-2024-44999, CVE-2024-45008, CVE-2024-46673, CVE-2024-46675, CVE-2024-46676, CVE-2024-46677, CVE-2024-46679, CVE-2024-46685, CVE-2024-46686, CVE-2024-46702, CVE-2024-46707, CVE-2024-46714, CVE-2024-46715, CVE-2024-46717, CVE-2024-46720, CVE-2024-46721, CVE-2024-46722, CVE-2024-46723, CVE-2024-46727, CVE-2024-46731, CVE-2024-46737, CVE-2024-46738, CVE-2024-46739, CVE-2024-46743, CVE-2024-46744, CVE-2024-46745, CVE-2024-46746, CVE-2024-46747, CVE-2024-46750, CVE-2024-46753, CVE-2024-46759, CVE-2024-46761, CVE-2024-46770, CVE-2024-46772, CVE-2024-46773, CVE-2024-46774, CVE-2024-46778, CVE-2024-46783, CVE-2024-46784, CVE-2024-46787, CVE-2024-46822, CVE-2024-46853, CVE-2024-46854, CVE-2024-46859

SuSE: SUSE-SU-2024:3566-1