SUSE SLES15: cluster-md-kmp-azure / dlm-kmp-azure / gfs2-kmp-azure / etc (SUSE-SU-2022:3609-1)

high Nessus Plugin ID 166257

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3609-1 advisory.

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.


The following security bugs were fixed:

- CVE-2022-39190: Fixed an issue that was discovered in net/netfilter/nf_tables_api.c and could cause a denial of service upon binding to an already bound chain (bnc#1203117).
- CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where a device driver can free a page while it still has stale TLB entries (bnc#1203107).
- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in net/xfrm/xfrm_policy.c where a refcount could be dropped twice (bnc#1201948).
- CVE-2022-3028: Fixed race condition that was found in the IP framework for transforming packets (XFRM subsystem) (bnc#1202898).
- CVE-2022-2977: Fixed reference counting for struct tpm_chip (bsc#1202672).
- CVE-2022-2905: Fixed tnum_range usage on array range checking for poke descriptors (bsc#1202564, bsc#1202860).
- CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where the message handling could be confused and incorrectly matches the message (bnc#1202097).
- CVE-2022-2639: Fixed an integer coercion error that was found in the openvswitch kernel module (bnc#1202154).
- CVE-2022-26373: Fixed non-transparent sharing of return predictor targets between contexts in some Intel Processors (bnc#1201726).
- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
- CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg() (bsc#1202346).
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bnc#1194535).
- CVE-2021-4155: Fixed a data leak flaw that was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272).
- CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where an attacker was able to inject data into or terminate a victim's TCP session (bnc#1196616).
- CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl() printer_ioctl() when accessing a deallocated instance (bnc#1202895).
- CVE-2016-3695: Fixed an issue inside the einj_error_inject function in drivers/acpi/apei/einj.c that allowed users to simulate hardware errors and consequently cause a denial of service (bnc#1023051).
- CVE-2022-3303: Fixed a race condition in the sound subsystem due to improper locking (bnc#1203769).
- CVE-2022-41218: Fixed an use-after-free caused by refcount races in drivers/media/dvb-core/dmxdev.c (bnc#1202960).
- CVE-2022-3239: Fixed an use-after-free in the video4linux driver that could lead a local user to able to crash the system or escalate their privileges (bnc#1203552).
- CVE-2022-41848: Fixed a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl (bnc#1203987).
- CVE-2022-41849: Fixed a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open (bnc#1203992).
- CVE-2022-2586: Fixed a use-after-free which can be triggered when a nft table is deleted (bnc#1202095).
- CVE-2022-41222: Fixed a use-after-free via a stale TLB because an rmap lock is not held during a PUD move (bnc#1203622).
- CVE-2022-2503: Fixed a bug in dm-verity, device-mapper table reloads allowed users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allowed root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates (bnc#1202677).
- CVE-2020-16119: Fixed a use-after-free vulnerability exploitable by a local attacker due to reuse of a DCCP socket. (bnc#1177471)


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1023051

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1156395

https://bugzilla.suse.com/1177471

https://bugzilla.suse.com/1179722

https://bugzilla.suse.com/1179723

https://bugzilla.suse.com/1181862

https://bugzilla.suse.com/1185032

https://bugzilla.suse.com/1191662

https://bugzilla.suse.com/1191667

https://bugzilla.suse.com/1191881

https://bugzilla.suse.com/1192594

https://bugzilla.suse.com/1194023

https://bugzilla.suse.com/1194272

https://bugzilla.suse.com/1194535

https://bugzilla.suse.com/1196444

https://bugzilla.suse.com/1196616

https://bugzilla.suse.com/1196867

https://bugzilla.suse.com/1197158

https://bugzilla.suse.com/1197659

https://bugzilla.suse.com/1197755

https://bugzilla.suse.com/1197756

https://bugzilla.suse.com/1197757

https://bugzilla.suse.com/1197760

https://bugzilla.suse.com/1197763

https://bugzilla.suse.com/1197920

https://bugzilla.suse.com/1198971

https://bugzilla.suse.com/1199255

https://bugzilla.suse.com/1199291

https://bugzilla.suse.com/1200084

https://bugzilla.suse.com/1200313

https://bugzilla.suse.com/1200431

https://bugzilla.suse.com/1200622

https://bugzilla.suse.com/1200845

https://bugzilla.suse.com/1200868

https://bugzilla.suse.com/1200869

https://bugzilla.suse.com/1200870

https://bugzilla.suse.com/1200871

https://bugzilla.suse.com/1200872

https://bugzilla.suse.com/1200873

https://bugzilla.suse.com/1201019

https://bugzilla.suse.com/1201309

https://bugzilla.suse.com/1201310

https://bugzilla.suse.com/1201420

https://bugzilla.suse.com/1201442

https://bugzilla.suse.com/1201489

https://bugzilla.suse.com/1201610

https://bugzilla.suse.com/1201645

https://bugzilla.suse.com/1201705

https://bugzilla.suse.com/1201726

https://bugzilla.suse.com/1201865

https://bugzilla.suse.com/1201948

https://bugzilla.suse.com/1201990

https://bugzilla.suse.com/1202095

https://bugzilla.suse.com/1202096

https://bugzilla.suse.com/1202097

https://bugzilla.suse.com/1202154

https://bugzilla.suse.com/1202341

https://bugzilla.suse.com/1202346

https://bugzilla.suse.com/1202347

https://bugzilla.suse.com/1202385

https://bugzilla.suse.com/1202393

https://bugzilla.suse.com/1202396

https://bugzilla.suse.com/1202447

https://bugzilla.suse.com/1202577

https://bugzilla.suse.com/1202636

https://bugzilla.suse.com/1202672

https://bugzilla.suse.com/1202677

https://bugzilla.suse.com/1202701

https://bugzilla.suse.com/1202708

https://bugzilla.suse.com/1202709

https://bugzilla.suse.com/1202710

https://bugzilla.suse.com/1202711

https://bugzilla.suse.com/1202712

https://bugzilla.suse.com/1202713

https://bugzilla.suse.com/1202714

https://bugzilla.suse.com/1202715

https://bugzilla.suse.com/1202716

https://bugzilla.suse.com/1202717

https://bugzilla.suse.com/1202718

https://bugzilla.suse.com/1202720

https://bugzilla.suse.com/1202722

https://bugzilla.suse.com/1202745

https://bugzilla.suse.com/1202756

https://bugzilla.suse.com/1202810

https://bugzilla.suse.com/1202811

https://bugzilla.suse.com/1202860

https://bugzilla.suse.com/1202895

https://bugzilla.suse.com/1202898

https://bugzilla.suse.com/1202960

https://bugzilla.suse.com/1202984

https://bugzilla.suse.com/1203063

https://bugzilla.suse.com/1203098

https://bugzilla.suse.com/1203107

https://bugzilla.suse.com/1203116

https://bugzilla.suse.com/1203117

https://bugzilla.suse.com/1203135

https://bugzilla.suse.com/1203136

https://bugzilla.suse.com/1203137

https://bugzilla.suse.com/1203159

https://bugzilla.suse.com/1203313

https://bugzilla.suse.com/1203389

https://bugzilla.suse.com/1203410

https://bugzilla.suse.com/1203424

https://bugzilla.suse.com/1203552

https://bugzilla.suse.com/1203622

https://bugzilla.suse.com/1203737

https://bugzilla.suse.com/1203769

https://bugzilla.suse.com/1203906

https://bugzilla.suse.com/1203909

https://bugzilla.suse.com/1203933

https://bugzilla.suse.com/1203935

https://bugzilla.suse.com/1203939

https://bugzilla.suse.com/1203987

https://bugzilla.suse.com/1203992

https://www.suse.com/security/cve/CVE-2016-3695

https://www.suse.com/security/cve/CVE-2020-16119

https://www.suse.com/security/cve/CVE-2020-27784

https://www.suse.com/security/cve/CVE-2020-36516

https://www.suse.com/security/cve/CVE-2021-4155

https://www.suse.com/security/cve/CVE-2021-4203

https://www.suse.com/security/cve/CVE-2022-20368

https://www.suse.com/security/cve/CVE-2022-20369

https://www.suse.com/security/cve/CVE-2022-2503

https://www.suse.com/security/cve/CVE-2022-2586

https://www.suse.com/security/cve/CVE-2022-2588

https://www.suse.com/security/cve/CVE-2022-26373

https://www.suse.com/security/cve/CVE-2022-2639

https://www.suse.com/security/cve/CVE-2022-2663

https://www.suse.com/security/cve/CVE-2022-2905

https://www.suse.com/security/cve/CVE-2022-2977

https://www.suse.com/security/cve/CVE-2022-3028

https://www.suse.com/security/cve/CVE-2022-3239

https://www.suse.com/security/cve/CVE-2022-3303

https://www.suse.com/security/cve/CVE-2022-36879

https://www.suse.com/security/cve/CVE-2022-39188

https://www.suse.com/security/cve/CVE-2022-39190

https://www.suse.com/security/cve/CVE-2022-41218

https://www.suse.com/security/cve/CVE-2022-41222

https://www.suse.com/security/cve/CVE-2022-41848

https://www.suse.com/security/cve/CVE-2022-41849

http://www.nessus.org/u?868a3805

Plugin Details

Severity: High

ID: 166257

File Name: suse_SU-2022-3609-1.nasl

Version: 1.10

Type: Local

Agent: unix

Published: 10/19/2022

Updated: 6/25/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.5

Percentile: 99.86

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:P

CVSS Score Source: CVE-2021-4203

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2022-3239

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-devel-azure, p-cpe:/a:novell:suse_linux:kernel-source-azure

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 10/18/2022

Vulnerability Publication Date: 12/29/2017

CISA Known Exploited Vulnerability Due Dates: 7/17/2024

Exploitable With

Core Impact

Reference Information

CVE: CVE-2016-3695, CVE-2020-16119, CVE-2020-27784, CVE-2020-36516, CVE-2021-4155, CVE-2021-4203, CVE-2022-20368, CVE-2022-20369, CVE-2022-2503, CVE-2022-2586, CVE-2022-2588, CVE-2022-26373, CVE-2022-2639, CVE-2022-2663, CVE-2022-2905, CVE-2022-2977, CVE-2022-3028, CVE-2022-3239, CVE-2022-3303, CVE-2022-36879, CVE-2022-39188, CVE-2022-39190, CVE-2022-41218, CVE-2022-41222, CVE-2022-41848, CVE-2022-41849

SuSE: SUSE-SU-2022:3609-1