The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:1039-1 advisory.

    The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.


    The following security bugs were fixed:

    - CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-     bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299).
    - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access     could trigger crash the system or corrupt system memory (bsc#1196830).
    - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in     drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).
    - CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY flag, and tries to open a regular     file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have     occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612).
    - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could     crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
    - CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in     kernel_read_file_from_fd(). (bsc#1196155)
    - CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests,     which could have lead to memory corruption (bsc#1196096).
    - CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905).
    - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897).
    - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a     move_data_page NULL pointer dereference (bsc#1195987).
    - CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in     unix_scm_to_skb of af_unix (bsc#1193731).
    - CVE-2021-39657: Fixed an information leak in the Universal Flash Storage subsystem (bsc#1193864).
    - CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive     information from heap memory via crafted frame lengths from a device (bsc#1196836).
    - CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work.
    This could lead to local escalation of privilege with no additional execution privileges needed.
    (bsc#1196956)
    - CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did not properly update bounds while     handling the mov32 instruction, which allowed local users to obtain potentially sensitive address     information (bsc#1196130).
    -     CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042:
    Fixed multiple issues which could have lead to read/write access to memory pages or denial of service.
    These issues are related to the Xen PV device frontend drivers. (bsc#1196488)


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

openSUSE 15 Security Update : kernel (openSUSE-SU-2022:1039-1)

high Nessus Plugin ID 159460

Version 1.7