SUSE SLES15: kernel-azure / kernel-azure-devel / kernel-devel-azure / etc (SUSE-SU-2022:0056-1)

high Nessus Plugin ID 156646

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0056-1 advisory.

The SUSE Linux Enterprise 15 SP3 kernel was updated.

The following security bugs were fixed:

- CVE-2021-45485: Fixed an information leak caused by certain use of a hash table that uses IPv6 source addresses. (bsc#1194094)
- CVE-2021-45486: Fixed an information leak because the hash table is very small in net/ipv4/route.c. (bnc#1194087)
- CVE-2021-4001: Fixed a race condition when the eBPF map is frozen. (bsc#1192990)
- CVE-2021-28715: Fixed an issue where a guest could force the Linux netback driver to hog large amounts of kernel memory, by not queueing an unlimited number of packages. (bsc#1193442)
- CVE-2021-28714: Fixed an issue where a guest could force the Linux netback driver to hog large amounts of kernel memory, by fixing rx queue stall detection. (bsc#1193442)
- CVE-2021-28713: Fixed an issue where rogue backends could cause DoS of guests via high-frequency events, by hardening hvc_xen against event channel storms. (bsc#1193440)
- CVE-2021-28712: Fixed an issue where rogue backends could cause DoS of guests via high-frequency events, by hardening netfront against event channel storms. (bsc#1193440)
- CVE-2021-28711: Fixed an issue where rogue backends could cause DoS of guests via high-frequency events, by hardening blkfront against event channel storms. (bsc#1193440)
- CVE-2020-24504: Fixed an uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers that may have allowed an authenticated user to potentially enable denial of service via local access. (bnc#1182404)
- CVE-2021-43975: Fixed a flaw in hw_atl_utils_fw_rpc_wait that could allow an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. (bnc#1192845)
- CVE-2021-43976: Fixed a flaw that could allow an attacker (who can connect a crafted USB device) to cause a denial of service. (bnc#1192847)
- CVE-2021-4002: Added a missing TLB flush that could lead to leak or corruption of data in hugetlbfs. (bsc#1192946)
- CVE-2020-27820: Fixed a vulnerability where a use-after-free in nouveau's postclose() handler could happen when removing a device. (bnc#1179599)
- CVE-2021-33098: Fixed a potential denial of service in the Intel(R) Ethernet ixgbe driver due to improper input validation. (bnc#1192877)


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1139944

https://bugzilla.suse.com/1151927

https://bugzilla.suse.com/1152489

https://bugzilla.suse.com/1153275

https://bugzilla.suse.com/1154353

https://bugzilla.suse.com/1154355

https://bugzilla.suse.com/1161907

https://bugzilla.suse.com/1164565

https://bugzilla.suse.com/1166780

https://bugzilla.suse.com/1169514

https://bugzilla.suse.com/1176242

https://bugzilla.suse.com/1176447

https://bugzilla.suse.com/1176536

https://bugzilla.suse.com/1176544

https://bugzilla.suse.com/1176545

https://bugzilla.suse.com/1176546

https://bugzilla.suse.com/1176548

https://bugzilla.suse.com/1176558

https://bugzilla.suse.com/1176559

https://bugzilla.suse.com/1176774

https://bugzilla.suse.com/1176940

https://bugzilla.suse.com/1176956

https://bugzilla.suse.com/1177440

https://bugzilla.suse.com/1178134

https://bugzilla.suse.com/1178270

https://bugzilla.suse.com/1179211

https://bugzilla.suse.com/1179424

https://bugzilla.suse.com/1179426

https://bugzilla.suse.com/1179427

https://bugzilla.suse.com/1179599

https://bugzilla.suse.com/1181148

https://bugzilla.suse.com/1181507

https://bugzilla.suse.com/1181710

https://bugzilla.suse.com/1182404

https://bugzilla.suse.com/1183534

https://bugzilla.suse.com/1183540

https://bugzilla.suse.com/1183897

https://bugzilla.suse.com/1184318

https://bugzilla.suse.com/1185726

https://bugzilla.suse.com/1185902

https://bugzilla.suse.com/1186332

https://bugzilla.suse.com/1187541

https://bugzilla.suse.com/1189126

https://bugzilla.suse.com/1189158

https://bugzilla.suse.com/1191793

https://bugzilla.suse.com/1191876

https://bugzilla.suse.com/1192267

https://bugzilla.suse.com/1192320

https://bugzilla.suse.com/1192507

https://bugzilla.suse.com/1192511

https://bugzilla.suse.com/1192569

https://bugzilla.suse.com/1192606

https://bugzilla.suse.com/1192691

https://bugzilla.suse.com/1192845

https://bugzilla.suse.com/1192847

https://bugzilla.suse.com/1192874

https://bugzilla.suse.com/1192877

https://bugzilla.suse.com/1192946

https://bugzilla.suse.com/1192969

https://bugzilla.suse.com/1192987

https://bugzilla.suse.com/1192990

https://bugzilla.suse.com/1192998

https://bugzilla.suse.com/1193002

https://bugzilla.suse.com/1193042

https://bugzilla.suse.com/1193139

https://bugzilla.suse.com/1193169

https://bugzilla.suse.com/1193306

https://bugzilla.suse.com/1193318

https://bugzilla.suse.com/1193349

https://bugzilla.suse.com/1193440

https://bugzilla.suse.com/1193442

https://bugzilla.suse.com/1193655

https://bugzilla.suse.com/1193993

https://bugzilla.suse.com/1194087

https://bugzilla.suse.com/1194094

https://bugzilla.suse.com/1194266

https://www.suse.com/security/cve/CVE-2020-24504

https://www.suse.com/security/cve/CVE-2020-27820

https://www.suse.com/security/cve/CVE-2021-28711

https://www.suse.com/security/cve/CVE-2021-28712

https://www.suse.com/security/cve/CVE-2021-28713

https://www.suse.com/security/cve/CVE-2021-28714

https://www.suse.com/security/cve/CVE-2021-28715

https://www.suse.com/security/cve/CVE-2021-33098

https://www.suse.com/security/cve/CVE-2021-4001

https://www.suse.com/security/cve/CVE-2021-4002

https://www.suse.com/security/cve/CVE-2021-43975

https://www.suse.com/security/cve/CVE-2021-43976

https://www.suse.com/security/cve/CVE-2021-45485

https://www.suse.com/security/cve/CVE-2021-45486

http://www.nessus.org/u?a9b1cf4d

Plugin Details

Severity: High

ID: 156646

File Name: suse_SU-2022-0056-1.nasl

Version: 1.6

Type: Local

Agent: unix

Published: 1/12/2022

Updated: 6/26/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, tenable_cloud_security, tenable_self_hosted_container_security, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2021-45485

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-source-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:kernel-devel-azure, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/11/2022

Vulnerability Publication Date: 2/17/2021

Reference Information

CVE: CVE-2020-24504, CVE-2020-27820, CVE-2021-28711, CVE-2021-28712, CVE-2021-28713, CVE-2021-28714, CVE-2021-28715, CVE-2021-33098, CVE-2021-4001, CVE-2021-4002, CVE-2021-43975, CVE-2021-43976, CVE-2021-45485, CVE-2021-45486

SuSE: SUSE-SU-2022:0056-1