Detections
Analytics

SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2023:1800-1)

high Nessus Plugin ID 174049

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1800-1 advisory.

 The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

 The following security bugs were fixed:

 - CVE-2017-5753: Fixed spectre V1 vulnerability on netlink (bsc#1209547).
 - CVE-2017-5753: Fixed spectre vulnerability in prlimit (bsc#1209256).
 - CVE-2021-3923: Fixed stack information leak vulnerability that could lead to kernel protection bypass in infiniband RDMA (bsc#1209778).
 - CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635).
 - CVE-2023-0394: Fixed a null pointer dereference flaw in the network subcomponent in the Linux kernel which could lead to system crash (bsc#1207168).
 - CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787).
 - CVE-2023-1075: Fixed a type confusion in tls_is_tx_ready (bsc#1208598).
 - CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets (bsc#1208599).
 - CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback (bsc#1208601).
 - CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed list head (bsc#1208777).
 - CVE-2023-1281: Fixed use after free that could lead to privilege escalation in tcindex (bsc#1209634).
 - CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288).
 - CVE-2023-1390: Fixed remote DoS vulnerability in tipc_link_xmit() (bsc#1209289).
 - CVE-2023-1513: Fixed an uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak (bsc#1209532).
 - CVE-2023-1582: Fixed soft lockup in __page_mapcount (bsc#1209636).
 - CVE-2023-23004: Fixed misinterpretation of get_sg_table return value (bsc#1208843).
 - CVE-2023-25012: Fixed a use-after-free in bigben_set_led() (bsc#1207560).
 - CVE-2023-28327: Fixed DoS in in_skb in unix_diag_get_exact() (bsc#1209290).
 - CVE-2023-28328: Fixed a denial of service issue in az6027 driver in drivers/media/usb/dev-usb/az6027.c (bsc#1209291).
 - CVE-2023-28464: Fixed user-after-free that could lead to privilege escalation in hci_conn_cleanup in net/bluetooth/hci_conn.c (bsc#1209052).
 - CVE-2023-28466: Fixed race condition that could lead to use-after-free or NULL pointer dereference in do_tls_getsockopt in net/tls/tls_main.c (bsc#1209366).
 - CVE-2023-28772: Fixed buffer overflow in seq_buf_putmem_hex in lib/seq_buf.c (bsc#1209549).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1207168

https://bugzilla.suse.com/1207185

https://bugzilla.suse.com/1207560

https://bugzilla.suse.com/1208179

https://bugzilla.suse.com/1208598

https://bugzilla.suse.com/1208599

https://bugzilla.suse.com/1208601

https://bugzilla.suse.com/1208777

https://bugzilla.suse.com/1208787

https://bugzilla.suse.com/1208843

https://bugzilla.suse.com/1209008

https://bugzilla.suse.com/1209052

https://bugzilla.suse.com/1209256

https://bugzilla.suse.com/1209288

https://bugzilla.suse.com/1209289

https://bugzilla.suse.com/1209290

https://bugzilla.suse.com/1209291

https://bugzilla.suse.com/1209366

https://bugzilla.suse.com/1209532

https://bugzilla.suse.com/1209547

https://bugzilla.suse.com/1209549

https://bugzilla.suse.com/1209634

https://bugzilla.suse.com/1209635

https://bugzilla.suse.com/1209636

https://bugzilla.suse.com/1209672

https://bugzilla.suse.com/1209683

https://bugzilla.suse.com/1209778

https://lists.suse.com/pipermail/sle-updates/2023-April/028739.html

https://www.suse.com/security/cve/CVE-2017-5753

https://www.suse.com/security/cve/CVE-2021-3923

https://www.suse.com/security/cve/CVE-2022-4744

https://www.suse.com/security/cve/CVE-2023-0394

https://www.suse.com/security/cve/CVE-2023-0461

https://www.suse.com/security/cve/CVE-2023-1075

https://www.suse.com/security/cve/CVE-2023-1076

https://www.suse.com/security/cve/CVE-2023-1078

https://www.suse.com/security/cve/CVE-2023-1095

https://www.suse.com/security/cve/CVE-2023-1281

https://www.suse.com/security/cve/CVE-2023-1382

https://www.suse.com/security/cve/CVE-2023-1390

https://www.suse.com/security/cve/CVE-2023-1513

https://www.suse.com/security/cve/CVE-2023-1582

https://www.suse.com/security/cve/CVE-2023-23004

https://www.suse.com/security/cve/CVE-2023-25012

https://www.suse.com/security/cve/CVE-2023-28327

https://www.suse.com/security/cve/CVE-2023-28328

https://www.suse.com/security/cve/CVE-2023-28464

https://www.suse.com/security/cve/CVE-2023-28466

https://www.suse.com/security/cve/CVE-2023-28772

Plugin Details

Severity: High

ID: 174049

File Name: suse_SU-2023-1800-1.nasl

Version: 1.6

Type: Local

Agent: unix

Published: 4/11/2023

Updated: 6/25/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, tenable_cloud_security, tenable_self_hosted_container_security, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.5

CVSS v2

Risk Factor: Medium

Base Score: 4.7

Temporal Score: 4.1

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2017-5753

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS Score Source: CVE-2023-28464

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-preempt-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-preempt, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150200_24_148-default, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/6/2023

Vulnerability Publication Date: 1/3/2018

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2017-5753, CVE-2021-3923, CVE-2022-4744, CVE-2023-0394, CVE-2023-0461, CVE-2023-1075, CVE-2023-1076, CVE-2023-1078, CVE-2023-1095, CVE-2023-1281, CVE-2023-1382, CVE-2023-1390, CVE-2023-1513, CVE-2023-1582, CVE-2023-23004, CVE-2023-25012, CVE-2023-28327, CVE-2023-28328, CVE-2023-28464, CVE-2023-28466, CVE-2023-28772

SuSE: SUSE-SU-2023:1800-1