SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2022:0181-1)

medium Nessus Plugin ID 157076

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0181-1 advisory.

The SUSE MicroOS 5.0 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2021-4001: Fixed a race condition when the EBPF map is frozen. (bsc#1192990)
- CVE-2021-4002: Added a missing TLB flush that could lead to leak or corruption of data in hugetlbfs.
(bsc#1192946)
- CVE-2021-28711: Fixed a rogue backends that could cause DoS of guests via high frequency events by hardening blkfront against event channel storms. (bsc#1193440)
- CVE-2021-28712: Fixed a rogue backends that could cause DoS of guests via high frequency events by hardening netfront against event channel storms. (bsc#1193440)
- CVE-2021-28713: Fixed a rogue backends that could cause DoS of guests via high frequency events by hardening hvc_xen against event channel storms. (bsc#1193440)
- CVE-2021-28714: Fixed an issue where a guest could force Linux netback driver to hog large amounts of kernel memory by fixing rx queue stall detection. (bsc#1193442)
- CVE-2021-28715: Fixed an issue where a guest could force Linux netback driver to hog large amounts of kernel memory by do not queueing unlimited number of packages. (bsc#1193442)
- CVE-2021-33098: Fixed improper input validation in the Intel(R) Ethernet ixgbe driver that could allow an authenticate user to cause a denial of service (bnc#1192877).
- CVE-2021-43975: Fixed a flaw in hw_atl_utils_fw_rpc_wait that could allow an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. (bnc#1192845)
- CVE-2021-43976: Fixed a flaw that could allow an attacker (who can connect a crafted USB device) to cause a denial of service. (bnc#1192847)


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1139944

https://bugzilla.suse.com/1151927

https://bugzilla.suse.com/1152489

https://bugzilla.suse.com/1154353

https://bugzilla.suse.com/1154355

https://bugzilla.suse.com/1161907

https://bugzilla.suse.com/1164565

https://bugzilla.suse.com/1166780

https://bugzilla.suse.com/1176242

https://bugzilla.suse.com/1176536

https://bugzilla.suse.com/1176544

https://bugzilla.suse.com/1176545

https://bugzilla.suse.com/1176546

https://bugzilla.suse.com/1176548

https://bugzilla.suse.com/1176558

https://bugzilla.suse.com/1176559

https://bugzilla.suse.com/1176956

https://bugzilla.suse.com/1177440

https://bugzilla.suse.com/1178270

https://bugzilla.suse.com/1179211

https://bugzilla.suse.com/1179426

https://bugzilla.suse.com/1179427

https://bugzilla.suse.com/1179960

https://bugzilla.suse.com/1181148

https://bugzilla.suse.com/1181507

https://bugzilla.suse.com/1181710

https://bugzilla.suse.com/1183534

https://bugzilla.suse.com/1183540

https://bugzilla.suse.com/1183897

https://bugzilla.suse.com/1185726

https://bugzilla.suse.com/1185902

https://bugzilla.suse.com/1187541

https://bugzilla.suse.com/1189126

https://bugzilla.suse.com/1191793

https://bugzilla.suse.com/1191876

https://bugzilla.suse.com/1192267

https://bugzilla.suse.com/1192507

https://bugzilla.suse.com/1192511

https://bugzilla.suse.com/1192569

https://bugzilla.suse.com/1192606

https://bugzilla.suse.com/1192845

https://bugzilla.suse.com/1192847

https://bugzilla.suse.com/1192877

https://bugzilla.suse.com/1192946

https://bugzilla.suse.com/1192969

https://bugzilla.suse.com/1192990

https://bugzilla.suse.com/1193042

https://bugzilla.suse.com/1193169

https://bugzilla.suse.com/1193318

https://bugzilla.suse.com/1193349

https://bugzilla.suse.com/1193440

https://bugzilla.suse.com/1193442

https://www.suse.com/security/cve/CVE-2021-28711

https://www.suse.com/security/cve/CVE-2021-28712

https://www.suse.com/security/cve/CVE-2021-28713

https://www.suse.com/security/cve/CVE-2021-28714

https://www.suse.com/security/cve/CVE-2021-28715

https://www.suse.com/security/cve/CVE-2021-33098

https://www.suse.com/security/cve/CVE-2021-4001

https://www.suse.com/security/cve/CVE-2021-4002

https://www.suse.com/security/cve/CVE-2021-43975

https://www.suse.com/security/cve/CVE-2021-43976

http://www.nessus.org/u?d4fc18f7

Plugin Details

Severity: Medium

ID: 157076

File Name: suse_SU-2022-0181-1.nasl

Version: 1.7

Type: Local

Agent: unix

Published: 1/26/2022

Updated: 6/26/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.9

Percentile: 57.12

CVSS v2

Risk Factor: Medium

Base Score: 4.7

Temporal Score: 3.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:C/A:N

CVSS Score Source: CVE-2021-4001

CVSS v3

Risk Factor: Medium

Base Score: 6.7

Temporal Score: 6

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2021-43975

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt, p-cpe:/a:novell:suse_linux:dlm-kmp-rt, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt, p-cpe:/a:novell:suse_linux:kernel-rt-devel, p-cpe:/a:novell:suse_linux:kernel-rt_debug, p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel, p-cpe:/a:novell:suse_linux:kernel-syms-rt, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-devel-rt, p-cpe:/a:novell:suse_linux:kernel-source-rt

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/25/2022

Vulnerability Publication Date: 11/9/2021

Reference Information

CVE: CVE-2021-28711, CVE-2021-28712, CVE-2021-28713, CVE-2021-28714, CVE-2021-28715, CVE-2021-33098, CVE-2021-4001, CVE-2021-4002, CVE-2021-43975, CVE-2021-43976

SuSE: SUSE-SU-2022:0181-1