SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2022:2809-1)

high Nessus Plugin ID 164138

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2809-1 advisory.

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2020-36557: Fixed a race condition between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free (bnc#1201429).
- CVE-2020-36558: Fixed a race condition involving VT_RESIZEX which could lead to a NULL pointer dereference and general protection fault (bnc#1200910).
- CVE-2021-4157: Fixed an out of memory bounds write flaw in the NFS subsystem, related to the replication of files with NFS. A user could potentially crash the system or escalate privileges on the system (bsc#1194013).
- CVE-2021-26341: Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage (bsc#1201050).
- CVE-2021-33655: Fixed memory out of bounds write by ioctl cmd FBIOPUT_VSCREENINFO (bnc#1201635).
- CVE-2021-33656: Fixed memory out of bounds write related to ioctl cmd PIO_FONT (bnc#1201636).
- CVE-2022-1116: Fixed a integer overflow vulnerability in io_uring which allowed a local attacker to cause memory corruption and escalate privileges to root (bnc#1199647).
- CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe subsystem. This flaw allowed a local user to crash the system or read unauthorized random data from memory. (bnc#1198829)
- CVE-2022-1679: Fixed a use-after-free in the Atheros wireless driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages (bsc#1199487).
- CVE-2022-2318: Fixed a use-after-free vulnerabilities in the timer handler in net/rose/rose_timer.c that allow attackers to crash the system without any privileges (bsc#1201251).
- CVE-2022-20132: Fixed out of bounds read due to improper input validation in lg_probe and related functions of hid-lg.c (bsc#1200619).
- CVE-2022-20141: Fixed a possible use after free due to improper locking in ip_check_mc_rcu() (bsc#1200604).
- CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599).
- CVE-2022-21505: Fixed kexec lockdown bypass with ima policy (bsc#1201458).
- CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed multiple potential data leaks with Block and Network devices when using untrusted backends (bsc#1200762).
- CVE-2022-29900, CVE-2022-29901: Fixed the RETBLEED attack, a new Spectre like Branch Target Buffer attack, that can leak arbitrary kernel information (bsc#1199657).
- CVE-2022-33981: Fixed use-after-free in floppy driver (bsc#1200692)
- CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that could lead to remote DoS (bnc#1201940).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1114648

https://bugzilla.suse.com/1194013

https://bugzilla.suse.com/1195478

https://bugzilla.suse.com/1195775

https://bugzilla.suse.com/1196472

https://bugzilla.suse.com/1196901

https://bugzilla.suse.com/1197362

https://bugzilla.suse.com/1198829

https://bugzilla.suse.com/1199487

https://bugzilla.suse.com/1199489

https://bugzilla.suse.com/1199647

https://bugzilla.suse.com/1199648

https://bugzilla.suse.com/1199657

https://bugzilla.suse.com/1200263

https://bugzilla.suse.com/1200442

https://bugzilla.suse.com/1200571

https://bugzilla.suse.com/1200599

https://bugzilla.suse.com/1200604

https://bugzilla.suse.com/1200605

https://bugzilla.suse.com/1200608

https://bugzilla.suse.com/1200619

https://bugzilla.suse.com/1200692

https://bugzilla.suse.com/1200762

https://bugzilla.suse.com/1200905

https://bugzilla.suse.com/1200910

https://bugzilla.suse.com/1201050

https://bugzilla.suse.com/1201080

https://bugzilla.suse.com/1201251

https://bugzilla.suse.com/1201429

https://bugzilla.suse.com/1201458

https://bugzilla.suse.com/1201635

https://bugzilla.suse.com/1201636

https://bugzilla.suse.com/1201644

https://bugzilla.suse.com/1201664

https://bugzilla.suse.com/1201672

https://bugzilla.suse.com/1201673

https://bugzilla.suse.com/1201676

https://bugzilla.suse.com/1201742

https://bugzilla.suse.com/1201752

https://bugzilla.suse.com/1201930

https://bugzilla.suse.com/1201940

https://www.suse.com/security/cve/CVE-2020-36557

https://www.suse.com/security/cve/CVE-2020-36558

https://www.suse.com/security/cve/CVE-2021-26341

https://www.suse.com/security/cve/CVE-2021-33655

https://www.suse.com/security/cve/CVE-2021-33656

https://www.suse.com/security/cve/CVE-2021-4157

https://www.suse.com/security/cve/CVE-2022-1116

https://www.suse.com/security/cve/CVE-2022-1462

https://www.suse.com/security/cve/CVE-2022-1679

https://www.suse.com/security/cve/CVE-2022-20132

https://www.suse.com/security/cve/CVE-2022-20141

https://www.suse.com/security/cve/CVE-2022-20154

https://www.suse.com/security/cve/CVE-2022-21505

https://www.suse.com/security/cve/CVE-2022-2318

https://www.suse.com/security/cve/CVE-2022-26365

https://www.suse.com/security/cve/CVE-2022-29900

https://www.suse.com/security/cve/CVE-2022-29901

https://www.suse.com/security/cve/CVE-2022-33740

https://www.suse.com/security/cve/CVE-2022-33741

https://www.suse.com/security/cve/CVE-2022-33742

https://www.suse.com/security/cve/CVE-2022-33981

https://www.suse.com/security/cve/CVE-2022-36946

http://www.nessus.org/u?4e3ff396

Plugin Details

Severity: High

ID: 164138

File Name: suse_SU-2022-2809-1.nasl

Version: 1.6

Type: Local

Agent: unix

Published: 8/16/2022

Updated: 6/25/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.9

Percentile: 97.36

CVSS v2

Risk Factor: High

Base Score: 7.4

Temporal Score: 5.8

Vector: CVSS2#AV:A/AC:M/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2021-4157

CVSS v3

Risk Factor: High

Base Score: 8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-preempt, p-cpe:/a:novell:suse_linux:kernel-preempt-devel, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150200_24_126-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/15/2022

Vulnerability Publication Date: 9/30/2021

Reference Information

CVE: CVE-2020-36557, CVE-2020-36558, CVE-2021-26341, CVE-2021-33655, CVE-2021-33656, CVE-2021-4157, CVE-2022-1116, CVE-2022-1462, CVE-2022-1679, CVE-2022-20132, CVE-2022-20141, CVE-2022-20154, CVE-2022-21505, CVE-2022-2318, CVE-2022-26365, CVE-2022-29900, CVE-2022-29901, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742, CVE-2022-33981, CVE-2022-36946

SuSE: SUSE-SU-2022:2809-1