SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2021:3387-1)

high Nessus Plugin ID 154094

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3387-1 advisory.

- A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3752)

- u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)

- A memory leak flaw was found in the Linux kernel in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ccp/ccp-ops.c, which allows attackers to cause a denial of service (memory consumption).
This vulnerability is similar with the older CVE-2019-18808. (CVE-2021-3744)

- A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1148868

https://bugzilla.suse.com/1152489

https://bugzilla.suse.com/1154353

https://bugzilla.suse.com/1159886

https://bugzilla.suse.com/1167773

https://bugzilla.suse.com/1170774

https://bugzilla.suse.com/1171688

https://bugzilla.suse.com/1173746

https://bugzilla.suse.com/1174003

https://bugzilla.suse.com/1176447

https://bugzilla.suse.com/1176940

https://bugzilla.suse.com/1177028

https://bugzilla.suse.com/1178134

https://bugzilla.suse.com/1184439

https://bugzilla.suse.com/1184804

https://bugzilla.suse.com/1185302

https://bugzilla.suse.com/1185550

https://bugzilla.suse.com/1185677

https://bugzilla.suse.com/1185726

https://bugzilla.suse.com/1185762

https://bugzilla.suse.com/1187211

https://bugzilla.suse.com/1188067

https://bugzilla.suse.com/1188418

https://bugzilla.suse.com/1188651

https://bugzilla.suse.com/1188986

https://bugzilla.suse.com/1189257

https://bugzilla.suse.com/1189297

https://bugzilla.suse.com/1189841

https://bugzilla.suse.com/1189884

https://bugzilla.suse.com/1190023

https://bugzilla.suse.com/1190062

https://bugzilla.suse.com/1190115

https://bugzilla.suse.com/1190138

https://bugzilla.suse.com/1190159

https://bugzilla.suse.com/1190358

https://bugzilla.suse.com/1190406

https://bugzilla.suse.com/1190432

https://bugzilla.suse.com/1190467

https://bugzilla.suse.com/1190523

https://bugzilla.suse.com/1190534

https://bugzilla.suse.com/1190543

https://bugzilla.suse.com/1190544

https://bugzilla.suse.com/1190561

https://bugzilla.suse.com/1190576

https://bugzilla.suse.com/1190595

https://bugzilla.suse.com/1190596

https://bugzilla.suse.com/1190598

https://bugzilla.suse.com/1190620

https://bugzilla.suse.com/1190626

https://bugzilla.suse.com/1190679

https://bugzilla.suse.com/1190705

https://bugzilla.suse.com/1190717

https://bugzilla.suse.com/1190746

https://bugzilla.suse.com/1190758

https://bugzilla.suse.com/1190784

https://bugzilla.suse.com/1190785

https://bugzilla.suse.com/1191172

https://bugzilla.suse.com/1191193

https://bugzilla.suse.com/1191292

http://www.nessus.org/u?73d7d193

https://www.suse.com/security/cve/CVE-2020-3702

https://www.suse.com/security/cve/CVE-2021-3669

https://www.suse.com/security/cve/CVE-2021-3744

https://www.suse.com/security/cve/CVE-2021-3752

https://www.suse.com/security/cve/CVE-2021-3759

https://www.suse.com/security/cve/CVE-2021-3764

https://www.suse.com/security/cve/CVE-2021-40490

Plugin Details

Severity: High

ID: 154094

File Name: suse_SU-2021-3387-1.nasl

Version: 1.6

Type: local

Agent: unix

Published: 10/13/2021

Updated: 3/14/2022

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.9

Temporal Score: 5.8

Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:U/RL:OF/RC:C

CVSS Score Source: CVE-2021-3752

CVSS v3

Risk Factor: High

Base Score: 7.1

Temporal Score: 6.2

Vector: CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-64kb, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-59_27-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-preempt, p-cpe:/a:novell:suse_linux:kernel-preempt-devel, p-cpe:/a:novell:suse_linux:kernel-preempt-extra, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 10/12/2021

Vulnerability Publication Date: 9/8/2020

Reference Information

CVE: CVE-2020-3702, CVE-2021-3669, CVE-2021-3744, CVE-2021-3752, CVE-2021-3759, CVE-2021-3764, CVE-2021-40490

SuSE: SUSE-SU-2021:3387-1