Detections
Analytics

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:2078-1)

high Nessus Plugin ID 162239

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2078-1 advisory.

 The SUSE Linux Enterprise 15 SP3 kernel was updated.

 The following security bugs were fixed:

 - CVE-2022-0168: Fixed a NULL pointer dereference in smb2_ioctl_query_info. (bsc#1197472)
 - CVE-2022-20008: Fixed bug that allows to read kernel heap memory due to uninitialized data in mmc_blk_read_single of block.c. (bnc#1199564)
 - CVE-2022-1972: Fixed a buffer overflow in nftable that could lead to privilege escalation. (bsc#1200019)
 - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
 - CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
 - CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
 - CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
 - CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
 - CVE-2019-19377: Fixed an user-after-free that could be triggered when an attacker mounts a crafted btrfs filesystem image. (bnc#1158266)
 - CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self (bsc#1199507).
 - CVE-2022-1184: Fixed an use-after-free and memory errors in ext4 when mounting and operating on a corrupted image. (bsc#1198577)
 - CVE-2022-1652: Fixed a statically allocated error counter inside the floppy kernel module (bsc#1199063).
 - CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag (bnc#1199505).
 - CVE-2021-33061: Fixed insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1196426).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1055117

https://bugzilla.suse.com/1061840

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1103269

https://bugzilla.suse.com/1118212

https://bugzilla.suse.com/1153274

https://bugzilla.suse.com/1154353

https://bugzilla.suse.com/1156395

https://bugzilla.suse.com/1158266

https://bugzilla.suse.com/1167773

https://bugzilla.suse.com/1176447

https://bugzilla.suse.com/1178134

https://bugzilla.suse.com/1180100

https://bugzilla.suse.com/1183405

https://bugzilla.suse.com/1188885

https://bugzilla.suse.com/1195826

https://bugzilla.suse.com/1196426

https://bugzilla.suse.com/1196478

https://bugzilla.suse.com/1196570

https://bugzilla.suse.com/1196840

https://bugzilla.suse.com/1197446

https://bugzilla.suse.com/1197472

https://bugzilla.suse.com/1197601

https://bugzilla.suse.com/1197675

https://bugzilla.suse.com/1198438

https://bugzilla.suse.com/1198577

https://bugzilla.suse.com/1198971

https://bugzilla.suse.com/1198989

https://bugzilla.suse.com/1199035

https://bugzilla.suse.com/1199052

https://bugzilla.suse.com/1199063

https://bugzilla.suse.com/1199114

https://bugzilla.suse.com/1199314

https://bugzilla.suse.com/1199505

https://bugzilla.suse.com/1199507

https://bugzilla.suse.com/1199564

https://bugzilla.suse.com/1199626

https://bugzilla.suse.com/1199631

https://bugzilla.suse.com/1199650

https://bugzilla.suse.com/1199670

https://bugzilla.suse.com/1199839

https://bugzilla.suse.com/1200019

https://bugzilla.suse.com/1200045

https://bugzilla.suse.com/1200046

https://bugzilla.suse.com/1200192

https://bugzilla.suse.com/1200216

http://www.nessus.org/u?408d8b87

https://www.suse.com/security/cve/CVE-2019-19377

https://www.suse.com/security/cve/CVE-2021-33061

https://www.suse.com/security/cve/CVE-2022-0168

https://www.suse.com/security/cve/CVE-2022-1184

https://www.suse.com/security/cve/CVE-2022-1652

https://www.suse.com/security/cve/CVE-2022-1729

https://www.suse.com/security/cve/CVE-2022-20008

https://www.suse.com/security/cve/CVE-2022-21123

https://www.suse.com/security/cve/CVE-2022-21125

https://www.suse.com/security/cve/CVE-2022-21127

https://www.suse.com/security/cve/CVE-2022-21166

https://www.suse.com/security/cve/CVE-2022-21180

https://www.suse.com/security/cve/CVE-2022-30594

Plugin Details

Severity: High

ID: 162239

File Name: suse_SU-2022-2078-1.nasl

Version: 1.10

Type: local

Agent: unix

Published: 6/15/2022

Updated: 9/24/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.2

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2022-1652

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2022-30594

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_71-default, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:kernel-preempt-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-preempt-extra, p-cpe:/a:novell:suse_linux:kernel-preempt, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-extra, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-64kb

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/14/2022

Vulnerability Publication Date: 11/29/2019

Reference Information

CVE: CVE-2019-19377, CVE-2021-33061, CVE-2022-0168, CVE-2022-1184, CVE-2022-1652, CVE-2022-1729, CVE-2022-20008, CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166, CVE-2022-21180, CVE-2022-30594

SuSE: SUSE-SU-2022:2078-1