Detections
Analytics
SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1037-1)
high Nessus Plugin ID 159357
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1037-1 advisory.The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of- bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299).
- CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830).
- CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).
- CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).
- CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
- CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155)
- CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096).
- CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905).
- CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).
- CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987).
- CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731).
- CVE-2021-39657: Fixed an information leak in the Universal Flash Storage subsystem (bsc#1193864).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1176774
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1179439
https://bugzilla.suse.com/1181147
https://bugzilla.suse.com/1191428
https://bugzilla.suse.com/1192273
https://bugzilla.suse.com/1193731
https://bugzilla.suse.com/1193787
https://bugzilla.suse.com/1193864
https://bugzilla.suse.com/1194463
https://bugzilla.suse.com/1194516
https://bugzilla.suse.com/1195211
https://bugzilla.suse.com/1195254
https://bugzilla.suse.com/1195403
https://bugzilla.suse.com/1195612
https://bugzilla.suse.com/1195897
https://bugzilla.suse.com/1195905
https://bugzilla.suse.com/1195939
https://bugzilla.suse.com/1195949
https://bugzilla.suse.com/1195987
https://bugzilla.suse.com/1196079
https://bugzilla.suse.com/1196095
https://bugzilla.suse.com/1196132
https://bugzilla.suse.com/1196155
https://bugzilla.suse.com/1196299
https://bugzilla.suse.com/1196301
https://bugzilla.suse.com/1196433
https://bugzilla.suse.com/1196468
https://bugzilla.suse.com/1196472
https://bugzilla.suse.com/1196627
https://bugzilla.suse.com/1196723
https://bugzilla.suse.com/1196779
https://bugzilla.suse.com/1196830
https://bugzilla.suse.com/1196836
https://bugzilla.suse.com/1196866
https://bugzilla.suse.com/1196868
http://www.nessus.org/u?0509572b
https://www.suse.com/security/cve/CVE-2021-0920
https://www.suse.com/security/cve/CVE-2021-39657
https://www.suse.com/security/cve/CVE-2021-44879
https://www.suse.com/security/cve/CVE-2022-0487
https://www.suse.com/security/cve/CVE-2022-0617
https://www.suse.com/security/cve/CVE-2022-24448
https://www.suse.com/security/cve/CVE-2022-24958
https://www.suse.com/security/cve/CVE-2022-24959
https://www.suse.com/security/cve/CVE-2022-25258
Plugin Details
Severity: High
ID: 159357
File Name: suse_SU-2022-1037-1.nasl
Version: 1.11
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 3/31/2022
Updated: 9/25/2025
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.9
CVSS v2
Risk Factor: Medium
Base Score: 6.9
Temporal Score: 6
Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2022-25636
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7.5
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CVSS Score Source: CVE-2022-26490
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-source-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:kernel-devel-azure, cpe:/o:novell:suse_linux:15
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/30/2022
Vulnerability Publication Date: 12/15/2021
CISA Known Exploited Vulnerability Due Dates: 6/13/2022
Exploitable With
Core Impact
Reference Information
CVE: CVE-2021-0920, CVE-2021-39657, CVE-2021-44879, CVE-2022-0487, CVE-2022-0617, CVE-2022-24448, CVE-2022-24958, CVE-2022-24959, CVE-2022-25258, CVE-2022-25636, CVE-2022-26490
SuSE: SUSE-SU-2022:1037-1