SUSE SLES12 Security Update : kernel (SUSE-SU-2024:4367-1)

high Nessus Plugin ID 213130

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4367-1 advisory.

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2022-48853: swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1228015).
- CVE-2024-26801: Bluetooth: Avoid potential use-after-free in hci_error_reset (bsc#1222413).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).
- CVE-2024-27051: cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (bsc#1223769).
- CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).
- CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-46771: can: bcm: Remove proc entry when dev is unregistered (bsc#1230766).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930).
- CVE-2024-47701: ext4: avoid OOB when system.data xattr changes underneath the filesystem (bsc#1231920).
- CVE-2024-49858: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (bsc#1232251).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49938: wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (bsc#1232552).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-50044: Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (bsc#1231904).
- CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).
- CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520).
- CVE-2024-50074: parport: Proper fix for array out-of-bounds access (bsc#1232507).
- CVE-2024-50095: RDMA/mad: Improve handling of timed out WRs of mad agent (bsc#1232873).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50117: drm/amd: Guard against bad data for ATIF ACPI method (bsc#1232897).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888).
- CVE-2024-50148: Bluetooth: bnep: fix wild-memory-access in proto_unregister (bsc#1233063).
- CVE-2024-50150: usb: typec: altmode should keep reference to parent (bsc#1233051).
- CVE-2024-50154: tcp/dccp: Do not use timer_pending() in reqsk_queue_unlink() (bsc#1233070).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50183: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1233130).
- CVE-2024-50187: drm/vc4: Stop the active perfmon before being destroyed (bsc#1233108).
- CVE-2024-50195: posix-clock: Fix missing timespec64 check in pc_clock_settime() (bsc#1233103).
- CVE-2024-50218: ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (bsc#1233191).
- CVE-2024-50234: wifi: iwlegacy: Clear stale interrupts before resuming device (bsc#1233211).
- CVE-2024-50236: wifi: ath10k: Fix memory leak in management tx (bsc#1233212).
- CVE-2024-50237: wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (bsc#1233216).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50265: ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (bsc#1233454).
- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in key_task_permission (bsc#1233490).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).
- CVE-2024-53066: nfs: Fix KMSAN warning in decode_getfattr_attrs() (bsc#1233560).
- CVE-2024-53085: tpm: Lock TPM chip in tpm_pm_suspend() first (bsc#1082555 bsc#1233577).
- CVE-2024-53088: i40e: fix race condition by adding filter's intermediate sync state (bsc#1233580).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 213130

File Name: suse_SU-2024-4367-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 12/18/2024

Updated: 12/18/2024

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-53142

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_237-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-kgraft, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-default-man

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 12/17/2024

Vulnerability Publication Date: 1/12/2022

Reference Information

CVE: CVE-2021-47162, CVE-2022-48853, CVE-2024-26801, CVE-2024-26852, CVE-2024-26886, CVE-2024-27051, CVE-2024-35937, CVE-2024-36886, CVE-2024-36905, CVE-2024-36954, CVE-2024-42098, CVE-2024-42131, CVE-2024-42229, CVE-2024-44995, CVE-2024-45016, CVE-2024-46771, CVE-2024-46777, CVE-2024-46800, CVE-2024-47660, CVE-2024-47679, CVE-2024-47701, CVE-2024-49858, CVE-2024-49868, CVE-2024-49884, CVE-2024-49921, CVE-2024-49925, CVE-2024-49938, CVE-2024-49945, CVE-2024-49950, CVE-2024-49952, CVE-2024-50044, CVE-2024-50055, CVE-2024-50073, CVE-2024-50074, CVE-2024-50095, CVE-2024-50099, CVE-2024-50115, CVE-2024-50117, CVE-2024-50125, CVE-2024-50135, CVE-2024-50148, CVE-2024-50150, CVE-2024-50154, CVE-2024-50167, CVE-2024-50171, CVE-2024-50179, CVE-2024-50183, CVE-2024-50187, CVE-2024-50194, CVE-2024-50195, CVE-2024-50210, CVE-2024-50218, CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50264, CVE-2024-50265, CVE-2024-50267, CVE-2024-50273, CVE-2024-50278, CVE-2024-50279, CVE-2024-50289, CVE-2024-50290, CVE-2024-50296, CVE-2024-50301, CVE-2024-50302, CVE-2024-53058, CVE-2024-53061, CVE-2024-53063, CVE-2024-53066, CVE-2024-53085, CVE-2024-53088, CVE-2024-53104, CVE-2024-53114, CVE-2024-53142

SuSE: SUSE-SU-2024:4367-1

Detections

Analytics