SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1572-1)

high Nessus Plugin ID 149456
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed :

CVE-2020-36312: Fixed an issue within virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bnc#1184509).

CVE-2021-29650: Fixed an issue within the netfilter subsystem that allowed attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value (bnc#1184208).

CVE-2021-29155: Fixed an issue within kernel/bpf/verifier.c that performed undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations (bnc#1184942).

CVE-2020-36310: Fixed an issue within arch/x86/kvm/svm/svm.c that allowed a set_memory_region_test infinite loop for certain nested page faults (bnc#1184512).

CVE-2021-28950: Fixed an issue within fs/fuse/fuse_i.h where a 'stall on CPU' could have occured because a retry loop continually finds the same bad inode (bnc#1184194, bnc#1184211).

CVE-2020-36322: Fixed an issue within the FUSE filesystem implementation where fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bnc#1184211, bnc#1184952).

CVE-2021-3444: Fixed incorrect mod32 BPF verifier truncation (bsc#1184170).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Server 12-SP5 :

zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1572=1

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1043990

https://bugzilla.suse.com/show_bug.cgi?id=1046303

https://bugzilla.suse.com/show_bug.cgi?id=1047233

https://bugzilla.suse.com/show_bug.cgi?id=1055117

https://bugzilla.suse.com/show_bug.cgi?id=1056787

https://bugzilla.suse.com/show_bug.cgi?id=1065729

https://bugzilla.suse.com/show_bug.cgi?id=1087405

https://bugzilla.suse.com/show_bug.cgi?id=1097583

https://bugzilla.suse.com/show_bug.cgi?id=1097584

https://bugzilla.suse.com/show_bug.cgi?id=1097585

https://bugzilla.suse.com/show_bug.cgi?id=1097586

https://bugzilla.suse.com/show_bug.cgi?id=1097587

https://bugzilla.suse.com/show_bug.cgi?id=1097588

https://bugzilla.suse.com/show_bug.cgi?id=1101816

https://bugzilla.suse.com/show_bug.cgi?id=1103990

https://bugzilla.suse.com/show_bug.cgi?id=1104353

https://bugzilla.suse.com/show_bug.cgi?id=1109837

https://bugzilla.suse.com/show_bug.cgi?id=1111981

https://bugzilla.suse.com/show_bug.cgi?id=1114648

https://bugzilla.suse.com/show_bug.cgi?id=1118657

https://bugzilla.suse.com/show_bug.cgi?id=1118661

https://bugzilla.suse.com/show_bug.cgi?id=1151794

https://bugzilla.suse.com/show_bug.cgi?id=1152457

https://bugzilla.suse.com/show_bug.cgi?id=1175306

https://bugzilla.suse.com/show_bug.cgi?id=1178089

https://bugzilla.suse.com/show_bug.cgi?id=1180624

https://bugzilla.suse.com/show_bug.cgi?id=1180846

https://bugzilla.suse.com/show_bug.cgi?id=1181062

https://bugzilla.suse.com/show_bug.cgi?id=1181161

https://bugzilla.suse.com/show_bug.cgi?id=1182613

https://bugzilla.suse.com/show_bug.cgi?id=1182672

https://bugzilla.suse.com/show_bug.cgi?id=1183063

https://bugzilla.suse.com/show_bug.cgi?id=1183203

https://bugzilla.suse.com/show_bug.cgi?id=1183289

https://bugzilla.suse.com/show_bug.cgi?id=1184170

https://bugzilla.suse.com/show_bug.cgi?id=1184194

https://bugzilla.suse.com/show_bug.cgi?id=1184208

https://bugzilla.suse.com/show_bug.cgi?id=1184209

https://bugzilla.suse.com/show_bug.cgi?id=1184211

https://bugzilla.suse.com/show_bug.cgi?id=1184350

https://bugzilla.suse.com/show_bug.cgi?id=1184388

https://bugzilla.suse.com/show_bug.cgi?id=1184509

https://bugzilla.suse.com/show_bug.cgi?id=1184512

https://bugzilla.suse.com/show_bug.cgi?id=1184514

https://bugzilla.suse.com/show_bug.cgi?id=1184647

https://bugzilla.suse.com/show_bug.cgi?id=1184650

https://bugzilla.suse.com/show_bug.cgi?id=1184724

https://bugzilla.suse.com/show_bug.cgi?id=1184731

https://bugzilla.suse.com/show_bug.cgi?id=1184736

https://bugzilla.suse.com/show_bug.cgi?id=1184737

https://bugzilla.suse.com/show_bug.cgi?id=1184738

https://bugzilla.suse.com/show_bug.cgi?id=1184742

https://bugzilla.suse.com/show_bug.cgi?id=1184760

https://bugzilla.suse.com/show_bug.cgi?id=1184942

https://bugzilla.suse.com/show_bug.cgi?id=1184952

https://bugzilla.suse.com/show_bug.cgi?id=1184957

https://bugzilla.suse.com/show_bug.cgi?id=1184984

https://bugzilla.suse.com/show_bug.cgi?id=1185041

https://bugzilla.suse.com/show_bug.cgi?id=1185113

https://bugzilla.suse.com/show_bug.cgi?id=1185195

https://bugzilla.suse.com/show_bug.cgi?id=1185197

https://bugzilla.suse.com/show_bug.cgi?id=1185244

https://bugzilla.suse.com/show_bug.cgi?id=1185269

https://bugzilla.suse.com/show_bug.cgi?id=1185335

https://bugzilla.suse.com/show_bug.cgi?id=1185365

https://bugzilla.suse.com/show_bug.cgi?id=1185472

https://bugzilla.suse.com/show_bug.cgi?id=1185491

https://bugzilla.suse.com/show_bug.cgi?id=1185549

https://www.suse.com/security/cve/CVE-2020-36310/

https://www.suse.com/security/cve/CVE-2020-36312/

https://www.suse.com/security/cve/CVE-2020-36322/

https://www.suse.com/security/cve/CVE-2021-28950/

https://www.suse.com/security/cve/CVE-2021-29155/

https://www.suse.com/security/cve/CVE-2021-29650/

http://www.nessus.org/u?ab05afda

Plugin Details

Severity: High

ID: 149456

File Name: suse_SU-2021-1572-1.nasl

Version: 1.2

Type: local

Agent: unix

Published: 5/13/2021

Updated: 5/17/2021

Dependencies: ssh_get_info.nasl

Risk Information

CVSS Score Source: CVE-2021-3444

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:U/RL:OF/RC:C

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:kernel-azure-base, p-cpe:/a:novell:suse_linux:kernel-azure-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-azure-debuginfo, p-cpe:/a:novell:suse_linux:kernel-azure-debugsource, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-syms-azure, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/12/2021

Vulnerability Publication Date: 3/20/2021

Reference Information

CVE: CVE-2020-36310, CVE-2020-36312, CVE-2020-36322, CVE-2021-28950, CVE-2021-29155, CVE-2021-29650, CVE-2021-3444