Detections
Analytics
SUSE SLES12 Security Update : kernel (SUSE-SU-2022:1651-1)
high Nessus Plugin ID 161160
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1651-1 advisory.The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-7755: Fixed an issue in the fd_locked_ioctl function in drivers/block/floppy.c. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR (bnc#1084513).
- CVE-2019-20811: Fixed issue in rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net- sysfs.c, where a reference count is mishandled (bnc#1172456).
- CVE-2021-20292: Fixed object validation prior to performing operations on the object in nouveau_sgdma_create_ttm in Nouveau DRM subsystem (bnc#1183723).
- CVE-2021-20321: Fixed a race condition accessing file object in the OverlayFS subsystem in the way users do rename in specific way with OverlayFS. A local user could have used this flaw to crash the system (bnc#1191647).
- CVE-2021-38208: Fixed a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call (bnc#1187055).
- CVE-2021-43389: Fixed an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).
- CVE-2022-1011: Fixed a use-after-free flaw inside the FUSE filesystem in the way a user triggers write(). This flaw allowed a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation (bnc#1197343).
- CVE-2022-1280: Fixed a use-after-free vulnerability in drm_lease_held in drivers/gpu/drm/drm_lease.c (bnc#1197914).
- CVE-2022-1353: Fixed access controll to kernel memory in the pfkey_register function in net/key/af_key.c (bnc#1198516).
- CVE-2022-1419: Fixed a concurrency use-after-free in vgem_gem_dumb_create (bsc#1198742).
- CVE-2022-1516: Fixed null-ptr-deref caused by x25_disconnect (bsc#1199012).
- CVE-2022-23960: Fixed speculation issues in the Branch History Buffer that allowed an attacker to obtain sensitive information using cache allocation (bnc#1196657).
- CVE-2022-28748: Fixed memory lead over the network by ax88179_178a devices (bsc#1196018).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1028340
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1084513
https://bugzilla.suse.com/1114648
https://bugzilla.suse.com/1121726
https://bugzilla.suse.com/1129770
https://bugzilla.suse.com/1137728
https://bugzilla.suse.com/1172456
https://bugzilla.suse.com/1183723
https://bugzilla.suse.com/1187055
https://bugzilla.suse.com/1191647
https://bugzilla.suse.com/1191958
https://bugzilla.suse.com/1194625
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196247
https://bugzilla.suse.com/1196657
https://bugzilla.suse.com/1196901
https://bugzilla.suse.com/1197075
https://bugzilla.suse.com/1197343
https://bugzilla.suse.com/1197663
https://bugzilla.suse.com/1197888
https://bugzilla.suse.com/1197914
https://bugzilla.suse.com/1198217
https://bugzilla.suse.com/1198228
https://bugzilla.suse.com/1198400
https://bugzilla.suse.com/1198413
https://bugzilla.suse.com/1198516
https://bugzilla.suse.com/1198660
https://bugzilla.suse.com/1198687
https://bugzilla.suse.com/1198742
https://bugzilla.suse.com/1198825
https://bugzilla.suse.com/1199012
http://www.nessus.org/u?7c7e6d75
https://www.suse.com/security/cve/CVE-2018-7755
https://www.suse.com/security/cve/CVE-2019-20811
https://www.suse.com/security/cve/CVE-2021-20292
https://www.suse.com/security/cve/CVE-2021-20321
https://www.suse.com/security/cve/CVE-2021-38208
https://www.suse.com/security/cve/CVE-2021-43389
https://www.suse.com/security/cve/CVE-2022-1011
https://www.suse.com/security/cve/CVE-2022-1280
https://www.suse.com/security/cve/CVE-2022-1353
https://www.suse.com/security/cve/CVE-2022-1419
Plugin Details
Severity: High
ID: 161160
File Name: suse_SU-2022-1651-1.nasl
Version: 1.7
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 5/13/2022
Updated: 9/24/2025
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2021-20292
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2022-1419
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-source-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-azure, cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-devel-azure, p-cpe:/a:novell:suse_linux:kernel-azure-base
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/12/2022
Vulnerability Publication Date: 3/8/2018
Reference Information
CVE: CVE-2018-7755, CVE-2019-20811, CVE-2021-20292, CVE-2021-20321, CVE-2021-38208, CVE-2021-43389, CVE-2022-1011, CVE-2022-1280, CVE-2022-1353, CVE-2022-1419, CVE-2022-1516, CVE-2022-23960
SuSE: SUSE-SU-2022:1651-1