Detections
Analytics
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:0741-1)
high Nessus Plugin ID 147579
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.The following security bugs were fixed :
CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping (XSA-365 bsc#1181843).
CVE-2021-26931: Fixed an issue where Linux kernel was treating grant mapping errors as bugs (XSA-362 bsc#1181753).
CVE-2021-26932: Fixed improper error handling issues in Linux grant mapping (XSA-361 bsc#1181747). by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#178372).
CVE-2020-12362: Fixed an integer overflow in the firmware which may have allowed a privileged user to potentially enable an escalation of privilege via local access (bsc#1181720).
CVE-2020-12363: Fixed an improper input validation which may have allowed a privileged user to potentially enable a denial of service via local access (bsc#1181735).
CVE-2020-12364: Fixed a NULL pointer reference which may have allowed a privileged user to potentially enable a denial of service via local access (bsc#1181736 ).
CVE-2020-12373: Fixed an expired pointer dereference which may have allowed a privileged user to potentially enable a denial of service via local access (bsc#1181738).
CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.Alternatively you can run the command listed for your product :
SUSE MicroOS 5.0 :
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2021-741=1
SUSE Linux Enterprise Workstation Extension 15-SP2 :
zypper in -t patch SUSE-SLE-Product-WE-15-SP2-2021-741=1
SUSE Linux Enterprise Module for Live Patching 15-SP2 :
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2021-741=1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 :
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2021-741=1
SUSE Linux Enterprise Module for Development Tools 15-SP2 :
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP2-2021-741=1
SUSE Linux Enterprise Module for Basesystem 15-SP2 :
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-741=1
SUSE Linux Enterprise High Availability 15-SP2 :
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2021-741=1
See Also
https://bugzilla.suse.com/show_bug.cgi?id=1179137
https://bugzilla.suse.com/show_bug.cgi?id=1179243
https://bugzilla.suse.com/show_bug.cgi?id=1179428
https://bugzilla.suse.com/show_bug.cgi?id=1179660
https://bugzilla.suse.com/show_bug.cgi?id=1179929
https://bugzilla.suse.com/show_bug.cgi?id=1180058
https://bugzilla.suse.com/show_bug.cgi?id=1180846
https://bugzilla.suse.com/show_bug.cgi?id=1180964
https://bugzilla.suse.com/show_bug.cgi?id=1180989
https://bugzilla.suse.com/show_bug.cgi?id=1181133
https://bugzilla.suse.com/show_bug.cgi?id=1181259
https://bugzilla.suse.com/show_bug.cgi?id=1181544
https://bugzilla.suse.com/show_bug.cgi?id=1181574
https://bugzilla.suse.com/show_bug.cgi?id=1181637
https://bugzilla.suse.com/show_bug.cgi?id=1181655
https://bugzilla.suse.com/show_bug.cgi?id=1181671
https://bugzilla.suse.com/show_bug.cgi?id=1181674
https://bugzilla.suse.com/show_bug.cgi?id=1181710
https://bugzilla.suse.com/show_bug.cgi?id=1181720
https://bugzilla.suse.com/show_bug.cgi?id=1065600
https://bugzilla.suse.com/show_bug.cgi?id=1065729
https://bugzilla.suse.com/show_bug.cgi?id=1078720
https://bugzilla.suse.com/show_bug.cgi?id=1081134
https://bugzilla.suse.com/show_bug.cgi?id=1084610
https://bugzilla.suse.com/show_bug.cgi?id=1132477
https://bugzilla.suse.com/show_bug.cgi?id=1151927
https://bugzilla.suse.com/show_bug.cgi?id=1152472
https://bugzilla.suse.com/show_bug.cgi?id=1152489
https://bugzilla.suse.com/show_bug.cgi?id=1154353
https://bugzilla.suse.com/show_bug.cgi?id=1155518
https://bugzilla.suse.com/show_bug.cgi?id=1156395
https://bugzilla.suse.com/show_bug.cgi?id=1163776
https://bugzilla.suse.com/show_bug.cgi?id=1169514
https://bugzilla.suse.com/show_bug.cgi?id=1170442
https://bugzilla.suse.com/show_bug.cgi?id=1176248
https://bugzilla.suse.com/show_bug.cgi?id=1176855
https://bugzilla.suse.com/show_bug.cgi?id=1177109
https://bugzilla.suse.com/show_bug.cgi?id=1177326
https://bugzilla.suse.com/show_bug.cgi?id=1181735
https://bugzilla.suse.com/show_bug.cgi?id=1181736
https://bugzilla.suse.com/show_bug.cgi?id=1181738
https://bugzilla.suse.com/show_bug.cgi?id=1181747
https://bugzilla.suse.com/show_bug.cgi?id=1181753
https://bugzilla.suse.com/show_bug.cgi?id=1181818
https://bugzilla.suse.com/show_bug.cgi?id=1181843
https://bugzilla.suse.com/show_bug.cgi?id=1181854
https://bugzilla.suse.com/show_bug.cgi?id=1181896
https://bugzilla.suse.com/show_bug.cgi?id=1181958
https://bugzilla.suse.com/show_bug.cgi?id=1181960
https://bugzilla.suse.com/show_bug.cgi?id=1181985
https://bugzilla.suse.com/show_bug.cgi?id=1182047
https://bugzilla.suse.com/show_bug.cgi?id=1182110
https://bugzilla.suse.com/show_bug.cgi?id=1182118
https://bugzilla.suse.com/show_bug.cgi?id=1182128
https://bugzilla.suse.com/show_bug.cgi?id=1182140
https://bugzilla.suse.com/show_bug.cgi?id=1182171
https://bugzilla.suse.com/show_bug.cgi?id=1182175
https://bugzilla.suse.com/show_bug.cgi?id=1182259
https://bugzilla.suse.com/show_bug.cgi?id=1182265
https://bugzilla.suse.com/show_bug.cgi?id=1182266
https://bugzilla.suse.com/show_bug.cgi?id=1182267
https://bugzilla.suse.com/show_bug.cgi?id=1182268
https://bugzilla.suse.com/show_bug.cgi?id=1182271
https://bugzilla.suse.com/show_bug.cgi?id=1182272
https://bugzilla.suse.com/show_bug.cgi?id=1182273
https://bugzilla.suse.com/show_bug.cgi?id=1182275
https://bugzilla.suse.com/show_bug.cgi?id=1182276
https://bugzilla.suse.com/show_bug.cgi?id=1182278
https://bugzilla.suse.com/show_bug.cgi?id=1182283
https://bugzilla.suse.com/show_bug.cgi?id=1182341
https://bugzilla.suse.com/show_bug.cgi?id=1182374
https://bugzilla.suse.com/show_bug.cgi?id=1177440
https://bugzilla.suse.com/show_bug.cgi?id=1177529
https://bugzilla.suse.com/show_bug.cgi?id=1178142
https://bugzilla.suse.com/show_bug.cgi?id=1178995
https://bugzilla.suse.com/show_bug.cgi?id=1179082
https://bugzilla.suse.com/show_bug.cgi?id=1182380
https://bugzilla.suse.com/show_bug.cgi?id=1182381
https://bugzilla.suse.com/show_bug.cgi?id=1182406
https://bugzilla.suse.com/show_bug.cgi?id=1182430
https://bugzilla.suse.com/show_bug.cgi?id=1182439
https://bugzilla.suse.com/show_bug.cgi?id=1182441
https://bugzilla.suse.com/show_bug.cgi?id=1182442
https://bugzilla.suse.com/show_bug.cgi?id=1182443
https://bugzilla.suse.com/show_bug.cgi?id=1182444
https://bugzilla.suse.com/show_bug.cgi?id=1182445
https://bugzilla.suse.com/show_bug.cgi?id=1182446
https://bugzilla.suse.com/show_bug.cgi?id=1182447
https://bugzilla.suse.com/show_bug.cgi?id=1182449
https://bugzilla.suse.com/show_bug.cgi?id=1182454
https://bugzilla.suse.com/show_bug.cgi?id=1182455
https://bugzilla.suse.com/show_bug.cgi?id=1182456
https://bugzilla.suse.com/show_bug.cgi?id=1182457
https://bugzilla.suse.com/show_bug.cgi?id=1182458
https://bugzilla.suse.com/show_bug.cgi?id=1182459
https://bugzilla.suse.com/show_bug.cgi?id=1182460
https://bugzilla.suse.com/show_bug.cgi?id=1182461
https://bugzilla.suse.com/show_bug.cgi?id=1182462
https://bugzilla.suse.com/show_bug.cgi?id=1182463
https://bugzilla.suse.com/show_bug.cgi?id=1182464
https://bugzilla.suse.com/show_bug.cgi?id=1182465
https://bugzilla.suse.com/show_bug.cgi?id=1182466
https://bugzilla.suse.com/show_bug.cgi?id=1182485
https://bugzilla.suse.com/show_bug.cgi?id=1182489
https://bugzilla.suse.com/show_bug.cgi?id=1182490
https://bugzilla.suse.com/show_bug.cgi?id=1182507
https://bugzilla.suse.com/show_bug.cgi?id=1182547
https://bugzilla.suse.com/show_bug.cgi?id=1182558
https://bugzilla.suse.com/show_bug.cgi?id=1182560
https://bugzilla.suse.com/show_bug.cgi?id=1182561
https://bugzilla.suse.com/show_bug.cgi?id=1182571
https://bugzilla.suse.com/show_bug.cgi?id=1182599
https://bugzilla.suse.com/show_bug.cgi?id=1182602
https://bugzilla.suse.com/show_bug.cgi?id=1182626
https://bugzilla.suse.com/show_bug.cgi?id=1182650
https://bugzilla.suse.com/show_bug.cgi?id=1182672
https://bugzilla.suse.com/show_bug.cgi?id=1182676
https://bugzilla.suse.com/show_bug.cgi?id=1182683
https://bugzilla.suse.com/show_bug.cgi?id=1182684
https://bugzilla.suse.com/show_bug.cgi?id=1182686
https://bugzilla.suse.com/show_bug.cgi?id=1182770
https://bugzilla.suse.com/show_bug.cgi?id=1182798
https://bugzilla.suse.com/show_bug.cgi?id=1182800
https://bugzilla.suse.com/show_bug.cgi?id=1182801
https://bugzilla.suse.com/show_bug.cgi?id=1182854
https://bugzilla.suse.com/show_bug.cgi?id=1182856
https://www.suse.com/security/cve/CVE-2020-12362/
https://www.suse.com/security/cve/CVE-2020-12363/
https://www.suse.com/security/cve/CVE-2020-12364/
https://www.suse.com/security/cve/CVE-2020-12373/
https://www.suse.com/security/cve/CVE-2020-29368/
https://www.suse.com/security/cve/CVE-2020-29374/
https://www.suse.com/security/cve/CVE-2021-26930/
https://www.suse.com/security/cve/CVE-2021-26931/
Plugin Details
Severity: High
ID: 147579
File Name: suse_SU-2021-0741-1.nasl
Version: 1.4
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 3/10/2021
Updated: 1/10/2024
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.9
Temporal Score: 5.4
Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2020-29368
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2021-26930
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-obs-build-debugsource, p-cpe:/a:novell:suse_linux:kernel-preempt, p-cpe:/a:novell:suse_linux:kernel-preempt-debuginfo, p-cpe:/a:novell:suse_linux:kernel-preempt-debugsource, p-cpe:/a:novell:suse_linux:kernel-preempt-devel, p-cpe:/a:novell:suse_linux:kernel-preempt-devel-debuginfo, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default-debuginfo, cpe:/o:novell:suse_linux:15
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/9/2021
Vulnerability Publication Date: 11/28/2020
Reference Information
CVE: CVE-2020-12362, CVE-2020-12363, CVE-2020-12364, CVE-2020-12373, CVE-2020-29368, CVE-2020-29374, CVE-2021-26930, CVE-2021-26931, CVE-2021-26932