Detections
Analytics
SUSE SLES12 Security Update : kernel (SUSE-SU-2021:0739-1)
high Nessus Plugin ID 147454
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The SUSE Linux Enterprise 12 SP5 kernel Azure was updated to receive various security and bugfixes.The following security bugs was fixed :
CVE-2021-3348: Fixed a use-after-free read in nbd_queue_rq (bsc#1181504).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Server 12-SP5 :
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-739=1
See Also
https://bugzilla.suse.com/show_bug.cgi?id=1065600
https://bugzilla.suse.com/show_bug.cgi?id=1065729
https://bugzilla.suse.com/show_bug.cgi?id=1078720
https://bugzilla.suse.com/show_bug.cgi?id=1081134
https://bugzilla.suse.com/show_bug.cgi?id=1084610
https://bugzilla.suse.com/show_bug.cgi?id=1114648
https://bugzilla.suse.com/show_bug.cgi?id=1163617
https://bugzilla.suse.com/show_bug.cgi?id=1163930
https://bugzilla.suse.com/show_bug.cgi?id=1169514
https://bugzilla.suse.com/show_bug.cgi?id=1181574
https://bugzilla.suse.com/show_bug.cgi?id=1181671
https://bugzilla.suse.com/show_bug.cgi?id=1181809
https://bugzilla.suse.com/show_bug.cgi?id=1181854
https://bugzilla.suse.com/show_bug.cgi?id=1181896
https://bugzilla.suse.com/show_bug.cgi?id=1181931
https://bugzilla.suse.com/show_bug.cgi?id=1181960
https://bugzilla.suse.com/show_bug.cgi?id=1181985
https://bugzilla.suse.com/show_bug.cgi?id=1181987
https://bugzilla.suse.com/show_bug.cgi?id=1181996
https://bugzilla.suse.com/show_bug.cgi?id=1181998
https://bugzilla.suse.com/show_bug.cgi?id=1182038
https://bugzilla.suse.com/show_bug.cgi?id=1182047
https://bugzilla.suse.com/show_bug.cgi?id=1182118
https://bugzilla.suse.com/show_bug.cgi?id=1182130
https://bugzilla.suse.com/show_bug.cgi?id=1182140
https://bugzilla.suse.com/show_bug.cgi?id=1182171
https://bugzilla.suse.com/show_bug.cgi?id=1182173
https://bugzilla.suse.com/show_bug.cgi?id=1182175
https://bugzilla.suse.com/show_bug.cgi?id=1182182
https://bugzilla.suse.com/show_bug.cgi?id=1182184
https://bugzilla.suse.com/show_bug.cgi?id=1182195
https://bugzilla.suse.com/show_bug.cgi?id=1182242
https://bugzilla.suse.com/show_bug.cgi?id=1182243
https://bugzilla.suse.com/show_bug.cgi?id=1182248
https://bugzilla.suse.com/show_bug.cgi?id=1182269
https://bugzilla.suse.com/show_bug.cgi?id=1182302
https://bugzilla.suse.com/show_bug.cgi?id=1182307
https://bugzilla.suse.com/show_bug.cgi?id=1182310
https://bugzilla.suse.com/show_bug.cgi?id=1182438
https://bugzilla.suse.com/show_bug.cgi?id=1182447
https://bugzilla.suse.com/show_bug.cgi?id=1182448
https://bugzilla.suse.com/show_bug.cgi?id=1182449
https://bugzilla.suse.com/show_bug.cgi?id=1182460
https://bugzilla.suse.com/show_bug.cgi?id=1182461
https://bugzilla.suse.com/show_bug.cgi?id=1182462
https://bugzilla.suse.com/show_bug.cgi?id=1182463
https://bugzilla.suse.com/show_bug.cgi?id=1182464
https://bugzilla.suse.com/show_bug.cgi?id=1182465
https://bugzilla.suse.com/show_bug.cgi?id=1182466
https://bugzilla.suse.com/show_bug.cgi?id=1182560
https://bugzilla.suse.com/show_bug.cgi?id=1182561
https://bugzilla.suse.com/show_bug.cgi?id=1182571
https://bugzilla.suse.com/show_bug.cgi?id=1182590
https://bugzilla.suse.com/show_bug.cgi?id=1182610
https://bugzilla.suse.com/show_bug.cgi?id=1182612
https://bugzilla.suse.com/show_bug.cgi?id=1182650
https://bugzilla.suse.com/show_bug.cgi?id=1182652
https://www.suse.com/security/cve/CVE-2021-3348/
http://www.nessus.org/u?c94f3760
https://bugzilla.suse.com/show_bug.cgi?id=1170442
https://bugzilla.suse.com/show_bug.cgi?id=1176855
https://bugzilla.suse.com/show_bug.cgi?id=1177440
https://bugzilla.suse.com/show_bug.cgi?id=1178049
https://bugzilla.suse.com/show_bug.cgi?id=1179082
https://bugzilla.suse.com/show_bug.cgi?id=1179142
https://bugzilla.suse.com/show_bug.cgi?id=1179612
https://bugzilla.suse.com/show_bug.cgi?id=1179709
https://bugzilla.suse.com/show_bug.cgi?id=1180058
Plugin Details
Severity: High
ID: 147454
File Name: suse_SU-2021-0739-1.nasl
Version: 1.3
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 3/10/2021
Updated: 1/11/2024
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 4.4
Temporal Score: 3.3
Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2021-3348
CVSS v3
Risk Factor: High
Base Score: 7
Temporal Score: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:kernel-azure-base, p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo, p-cpe:/a:novell:suse_linux:kernel-azure-debugsource, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-syms-azure, cpe:/o:novell:suse_linux:12
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 3/9/2021
Vulnerability Publication Date: 2/1/2021
Reference Information
CVE: CVE-2021-3348