SUSE SLES12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2023:0852-1)

high Nessus Plugin ID 173217

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0852-1 advisory.

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. (bsc#1205711)
- CVE-2021-4203: Fixed use-after-free read flaw that was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (bsc#1194535).
- CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer overflow (bsc#1207051).
- CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation failure (bsc#1208700).
- CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query() (bsc#1203331).
- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
- CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2022-2991: Fixed an heap-based overflow in the lightnvm implemenation (bsc#1201420).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1191881

https://bugzilla.suse.com/1194535

https://bugzilla.suse.com/1201420

https://bugzilla.suse.com/1203331

https://bugzilla.suse.com/1203332

https://bugzilla.suse.com/1205711

https://bugzilla.suse.com/1207051

https://bugzilla.suse.com/1207773

https://bugzilla.suse.com/1207795

https://bugzilla.suse.com/1208700

https://bugzilla.suse.com/1209188

https://www.suse.com/security/cve/CVE-2021-4203

https://www.suse.com/security/cve/CVE-2022-2991

https://www.suse.com/security/cve/CVE-2022-36280

https://www.suse.com/security/cve/CVE-2022-38096

https://www.suse.com/security/cve/CVE-2022-4129

https://www.suse.com/security/cve/CVE-2023-0045

https://www.suse.com/security/cve/CVE-2023-0590

https://www.suse.com/security/cve/CVE-2023-23559

https://www.suse.com/security/cve/CVE-2023-26545

http://www.nessus.org/u?39533f38

Plugin Details

Severity: High

ID: 173217

File Name: suse_SU-2023-0852-1.nasl

Version: 1.4

Type: Local

Agent: unix

Published: 3/22/2023

Updated: 6/26/2026

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7

Percentile: 98.35

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 3.8

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:P

CVSS Score Source: CVE-2021-4203

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2023-23559

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-default-kgraft, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-95_120-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/21/2023

Vulnerability Publication Date: 3/25/2022

Reference Information

CVE: CVE-2021-4203, CVE-2022-2991, CVE-2022-36280, CVE-2022-38096, CVE-2022-4129, CVE-2023-0045, CVE-2023-0590, CVE-2023-23559, CVE-2023-26545

SuSE: SUSE-SU-2023:0852-1