The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3641-1 advisory.

  - The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because     the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads     to writing an arbitrary value. (CVE-2021-33033)

  - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42739. Reason: This candidate is a     reservation duplicate of CVE-2021-42739. Notes: All CVE users should reference CVE-2021-42739 instead of     this candidate. All references and descriptions in this candidate have been removed to prevent accidental     usage. (CVE-2021-3542)

  - A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on     inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)

  - kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)

  - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43389. Reason: This candidate is a     reservation duplicate of CVE-2021-43389. Notes: All CVE users should reference CVE-2021-43389 instead of     this candidate. All references and descriptions in this candidate have been removed to prevent accidental     usage. (CVE-2021-3896)

  - prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows     unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds     write. (CVE-2021-41864)

  - The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab     out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
    (CVE-2021-42008)

  - An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux     kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite     memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a     certain comparison uses values that are not memory sizes. (CVE-2021-42252)

  - The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to     drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt     mishandles bounds checking. (CVE-2021-42739)

  - An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to     crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S     implementation bug in the handling of the SRR1 register values. (CVE-2021-43056)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Detections

Analytics

openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3641-1)

high Nessus Plugin ID 155009

Version 1.4