The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3935-1 advisory.
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service. (CVE-2017-17862)
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a pointer leak. (CVE-2017-17864)
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. (CVE-2018-13405)
A use-after-free issue was found in the way the Linux kernel’s KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the ‘pi_desc_page’ without resetting ‘pi_desc’ descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable. (CVE-2018-16882)
In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed.
User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:
A-152735806 (CVE-2020-0429)
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10.
Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767. (CVE-2020-12655)
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2020-14305)
u’Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
(CVE-2020-4788)
A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability.
(CVE-2021-20265)
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. (CVE-2021-20322)
An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi- device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. (CVE-2021-31916)
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value. (CVE-2021-33033)
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)
A flaw was found in the Linux kernel’s CAPI over Bluetooth connection code. An attacker with a local account can escalate privileges when CAPI (ISDN) hardware connection fails. (CVE-2021-34981)
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.
(CVE-2021-35477)
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.
(CVE-2021-3640)
A flaw was found in the KVM’s AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the int_ctl field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7. (CVE-2021-3653)
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)
A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. (CVE-2021-3659)
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
(CVE-2021-3679)
A flaw was found in the Routing decision classifier in the Linux kernel’s Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition.
This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3715)
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
(CVE-2021-37159)
A flaw was found in the Linux kernel’s OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible. (CVE-2021-3732)
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3752)
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753)
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)
A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. (CVE-2021-3760)
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. (CVE-2021-3772)
DISPUTED In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:
the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.
(CVE-2021-38160)
arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. (CVE-2021-38204)
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. (CVE-2021-40490)
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
(CVE-2021-42008)
A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-42739)
An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2021:3935-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(155902);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/13");
script_cve_id(
"CVE-2017-17862",
"CVE-2017-17864",
"CVE-2018-13405",
"CVE-2018-16882",
"CVE-2020-0429",
"CVE-2020-3702",
"CVE-2020-4788",
"CVE-2020-12655",
"CVE-2020-14305",
"CVE-2021-3542",
"CVE-2021-3640",
"CVE-2021-3653",
"CVE-2021-3655",
"CVE-2021-3659",
"CVE-2021-3679",
"CVE-2021-3715",
"CVE-2021-3732",
"CVE-2021-3752",
"CVE-2021-3753",
"CVE-2021-3760",
"CVE-2021-3772",
"CVE-2021-3896",
"CVE-2021-20265",
"CVE-2021-20322",
"CVE-2021-31916",
"CVE-2021-33033",
"CVE-2021-34556",
"CVE-2021-34981",
"CVE-2021-35477",
"CVE-2021-37159",
"CVE-2021-37576",
"CVE-2021-38160",
"CVE-2021-38198",
"CVE-2021-38204",
"CVE-2021-40490",
"CVE-2021-42008",
"CVE-2021-42739",
"CVE-2021-43389"
);
script_xref(name:"SuSE", value:"SUSE-SU-2021:3935-1");
script_name(english:"SUSE SLES12 Security Update : kernel (SUSE-SU-2021:3935-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as
referenced in the SUSE-SU-2021:3935-1 advisory.
- kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would
still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic
issue, could possibly be used by local users for denial of service. (CVE-2017-17862)
- kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons between the
pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially
sensitive address information, aka a pointer leak. (CVE-2017-17864)
- The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create
files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and
is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a
plain file whose group ownership is that group. The intended behavior was that the non-member can trigger
creation of a directory (but not a plain file) whose group ownership is that group. The non-member can
escalate privileges by making the plain file executable and SGID. (CVE-2018-13405)
- A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts
when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while
processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor
address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash
the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before
4.14.91 and before 4.19.13 are vulnerable. (CVE-2018-16882)
- In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a
use after free. This could lead to local escalation of privilege with System execution privileges needed.
User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:
A-152735806 (CVE-2020-0429)
- An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10.
Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka
CID-d0c7feaf8767. (CVE-2020-12655)
- An out-of-bounds memory write flaw was found in how the Linux kernel's Voice Over IP H.323 connection
tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote
user to crash the system, causing a denial of service. The highest threat from this vulnerability is to
confidentiality, integrity, as well as system availability. (CVE-2020-14305)
- u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to
improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for
a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon
Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon
Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W,
MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)
- IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive
information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
(CVE-2020-4788)
- A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux
kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by
exhausting available memory. The highest threat from this vulnerability is to system availability.
(CVE-2021-20265)
- A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux
kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an
off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this
vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source
port randomization are indirectly affected as well. (CVE-2021-20322)
- An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-
device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with
special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or
a leak of internal kernel information. The highest threat from this vulnerability is to system
availability. (CVE-2021-31916)
- The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because
the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads
to writing an arbitrary value. (CVE-2021-33033)
- In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from
kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects
the possibility of uninitialized memory locations on the BPF stack. (CVE-2021-34556)
- A flaw was found in the Linux kernel's CAPI over Bluetooth connection code. An attacker with a local
account can escalate privileges when CAPI (ISDN) hardware connection fails. (CVE-2021-34981)
- In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from
kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store
operation does not necessarily occur before a store operation that has an attacker-controlled value.
(CVE-2021-35477)
- A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the
way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del()
together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A
privileged local user could use this flaw to crash the system or escalate their privileges on the system.
(CVE-2021-3640)
- A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when
processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested
guest (L2). Due to improper validation of the int_ctl field, this issue could allow a malicious L1 to
enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest
would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak
of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to
5.14-rc7. (CVE-2021-3653)
- A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on
inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)
- A NULL pointer dereference flaw was found in the Linux kernel's IEEE 802.15.4 wireless networking
subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the
system. The highest threat from this vulnerability is to system availability. (CVE-2021-3659)
- A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was
found in the way user uses trace ring buffer in a specific way. Only privileged local users (with
CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
(CVE-2021-3679)
- A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking
subsystem in the way it handled changing of classification filters, leading to a use-after-free condition.
This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat
from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3715)
- hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev
without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
(CVE-2021-37159)
- A flaw was found in the Linux kernel's OverlayFS subsystem in the way the user mounts the TmpFS filesystem
with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be
accessible. (CVE-2021-3732)
- A use-after-free flaw was found in the Linux kernel's Bluetooth subsystem in the way user calls connect to
the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the
system or escalate their privileges. The highest threat from this vulnerability is to confidentiality,
integrity, as well as system availability. (CVE-2021-3752)
- A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may
cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl
(KDSETMDE). The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753)
- arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest
OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. (CVE-2021-37576)
- A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat
to confidentiality, integrity, and system availability. (CVE-2021-3760)
- A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP
association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and
the attacker can send packets with spoofed IP addresses. (CVE-2021-3772)
- ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss
can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE:
the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the
length validation was added solely for robustness in the face of anomalous host OS behavior.
(CVE-2021-38160)
- arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access
permissions of a shadow page, leading to a missing guest protection page fault. (CVE-2021-38198)
- drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to
cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain
situations. (CVE-2021-38204)
- A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in
the Linux kernel through 5.13.13. (CVE-2021-40490)
- The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab
out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
(CVE-2021-42008)
- A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user
calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or
escalate privileges on the system. The highest threat from this vulnerability is to confidentiality,
integrity, as well as system availability. (CVE-2021-42739)
- An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in
the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. (CVE-2021-43389)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1073928");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1098425");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1100416");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1119934");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1129735");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171217");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171420");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1173346");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176724");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1177666");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1181158");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1181854");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1181855");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1183089");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1184673");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185726");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185727");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185758");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185973");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186109");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186390");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1188172");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1188563");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1188601");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1188838");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1188876");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1188983");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1188985");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1189057");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1189262");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1189278");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1189291");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1189399");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1189420");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1189706");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190022");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190023");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190025");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190067");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190117");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190159");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190194");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190349");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190351");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190601");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190717");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191193");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191315");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191790");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191801");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191958");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191961");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192267");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192400");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192775");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192781");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-17862");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2017-17864");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-13405");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-16882");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-0429");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-12655");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-14305");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-3702");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-4788");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-20265");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-20322");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-31916");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-33033");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-34556");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-34981");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3542");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-35477");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3640");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3653");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3655");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3659");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3679");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3715");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-37159");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3732");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3752");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3753");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-37576");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3760");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3772");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-38160");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-38198");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-38204");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3896");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-40490");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-42008");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-42739");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-43389");
# https://lists.suse.com/pipermail/sle-security-updates/2021-December/009856.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?71e58fa3");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-14305");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-3653");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/12/23");
script_set_attribute(attribute:"patch_publication_date", value:"2021/12/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/12/07");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-kgraft");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-macros");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kgraft-patch-4_4_180-94_150-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12|SLES_SAP12)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(3|4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES12 SP3/4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP12" && (! preg(pattern:"^(3)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP12 SP3", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'kernel-default-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
{'reference':'kernel-default-base-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
{'reference':'kernel-default-devel-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
{'reference':'kernel-default-kgraft-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
{'reference':'kernel-devel-4.4.180-94.150.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
{'reference':'kernel-macros-4.4.180-94.150.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
{'reference':'kernel-source-4.4.180-94.150.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
{'reference':'kernel-syms-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
{'reference':'kgraft-patch-4_4_180-94_150-default-1-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3']},
{'reference':'cluster-md-kmp-default-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'cluster-md-kmp-default-4.4.180-94.150.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'cluster-md-kmp-default-4.4.180-94.150.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'dlm-kmp-default-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'dlm-kmp-default-4.4.180-94.150.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'dlm-kmp-default-4.4.180-94.150.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'gfs2-kmp-default-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'gfs2-kmp-default-4.4.180-94.150.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'gfs2-kmp-default-4.4.180-94.150.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'ocfs2-kmp-default-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'ocfs2-kmp-default-4.4.180-94.150.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'ocfs2-kmp-default-4.4.180-94.150.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-12.3']},
{'reference':'kernel-default-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-default-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-default-base-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-default-base-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-default-devel-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-default-devel-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-default-kgraft-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-default-man-4.4.180-94.150.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-devel-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-devel-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-macros-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-macros-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-source-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-source-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-syms-4.4.180-94.150.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kernel-syms-4.4.180-94.150.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},
{'reference':'kgraft-patch-4_4_180-94_150-default-1-4.3.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
var ltss_plugin_caveat = NULL;
if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
'NOTE: This vulnerability check contains fixes that apply to\n' +
'packages only available in SUSE Enterprise Linux Server LTSS\n' +
'repositories. Access to these package security updates require\n' +
'a paid SUSE LTSS subscription.\n';
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + ltss_plugin_caveat
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | cluster-md-kmp-default | p-cpe:/a:novell:suse_linux:cluster-md-kmp-default |
novell | suse_linux | dlm-kmp-default | p-cpe:/a:novell:suse_linux:dlm-kmp-default |
novell | suse_linux | gfs2-kmp-default | p-cpe:/a:novell:suse_linux:gfs2-kmp-default |
novell | suse_linux | kernel-default | p-cpe:/a:novell:suse_linux:kernel-default |
novell | suse_linux | kernel-default-base | p-cpe:/a:novell:suse_linux:kernel-default-base |
novell | suse_linux | kernel-default-devel | p-cpe:/a:novell:suse_linux:kernel-default-devel |
novell | suse_linux | kernel-default-kgraft | p-cpe:/a:novell:suse_linux:kernel-default-kgraft |
novell | suse_linux | kernel-default-man | p-cpe:/a:novell:suse_linux:kernel-default-man |
novell | suse_linux | kernel-devel | p-cpe:/a:novell:suse_linux:kernel-devel |
novell | suse_linux | kernel-macros | p-cpe:/a:novell:suse_linux:kernel-macros |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13405
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16882
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0429
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12655
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14305
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3702
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4788
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20265
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20322
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31916
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33033
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34556
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34981
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3542
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35477
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3640
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3653
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3655
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3659
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3679
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3715
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37159
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3753
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37576
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3760
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3772
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38160
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38198
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38204
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40490
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42008
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43389
www.nessus.org/u?71e58fa3
bugzilla.suse.com/1073928
bugzilla.suse.com/1098425
bugzilla.suse.com/1100416
bugzilla.suse.com/1119934
bugzilla.suse.com/1129735
bugzilla.suse.com/1171217
bugzilla.suse.com/1171420
bugzilla.suse.com/1173346
bugzilla.suse.com/1176724
bugzilla.suse.com/1177666
bugzilla.suse.com/1181158
bugzilla.suse.com/1181854
bugzilla.suse.com/1181855
bugzilla.suse.com/1183089
bugzilla.suse.com/1184673
bugzilla.suse.com/1185726
bugzilla.suse.com/1185727
bugzilla.suse.com/1185758
bugzilla.suse.com/1185973
bugzilla.suse.com/1186109
bugzilla.suse.com/1186390
bugzilla.suse.com/1188172
bugzilla.suse.com/1188563
bugzilla.suse.com/1188601
bugzilla.suse.com/1188838
bugzilla.suse.com/1188876
bugzilla.suse.com/1188983
bugzilla.suse.com/1188985
bugzilla.suse.com/1189057
bugzilla.suse.com/1189262
bugzilla.suse.com/1189278
bugzilla.suse.com/1189291
bugzilla.suse.com/1189399
bugzilla.suse.com/1189420
bugzilla.suse.com/1189706
bugzilla.suse.com/1190022
bugzilla.suse.com/1190023
bugzilla.suse.com/1190025
bugzilla.suse.com/1190067
bugzilla.suse.com/1190117
bugzilla.suse.com/1190159
bugzilla.suse.com/1190194
bugzilla.suse.com/1190349
bugzilla.suse.com/1190351
bugzilla.suse.com/1190601
bugzilla.suse.com/1190717
bugzilla.suse.com/1191193
bugzilla.suse.com/1191315
bugzilla.suse.com/1191790
bugzilla.suse.com/1191801
bugzilla.suse.com/1191958
bugzilla.suse.com/1191961
bugzilla.suse.com/1192267
bugzilla.suse.com/1192400
bugzilla.suse.com/1192775
bugzilla.suse.com/1192781
www.suse.com/security/cve/CVE-2017-17862
www.suse.com/security/cve/CVE-2017-17864
www.suse.com/security/cve/CVE-2018-13405
www.suse.com/security/cve/CVE-2018-16882
www.suse.com/security/cve/CVE-2020-0429
www.suse.com/security/cve/CVE-2020-12655
www.suse.com/security/cve/CVE-2020-14305
www.suse.com/security/cve/CVE-2020-3702
www.suse.com/security/cve/CVE-2020-4788
www.suse.com/security/cve/CVE-2021-20265
www.suse.com/security/cve/CVE-2021-20322
www.suse.com/security/cve/CVE-2021-31916
www.suse.com/security/cve/CVE-2021-33033
www.suse.com/security/cve/CVE-2021-34556
www.suse.com/security/cve/CVE-2021-34981
www.suse.com/security/cve/CVE-2021-3542
www.suse.com/security/cve/CVE-2021-35477
www.suse.com/security/cve/CVE-2021-3640
www.suse.com/security/cve/CVE-2021-3653
www.suse.com/security/cve/CVE-2021-3655
www.suse.com/security/cve/CVE-2021-3659
www.suse.com/security/cve/CVE-2021-3679
www.suse.com/security/cve/CVE-2021-3715
www.suse.com/security/cve/CVE-2021-37159
www.suse.com/security/cve/CVE-2021-3732
www.suse.com/security/cve/CVE-2021-3752
www.suse.com/security/cve/CVE-2021-3753
www.suse.com/security/cve/CVE-2021-37576
www.suse.com/security/cve/CVE-2021-3760
www.suse.com/security/cve/CVE-2021-3772
www.suse.com/security/cve/CVE-2021-38160
www.suse.com/security/cve/CVE-2021-38198
www.suse.com/security/cve/CVE-2021-38204
www.suse.com/security/cve/CVE-2021-3896
www.suse.com/security/cve/CVE-2021-40490
www.suse.com/security/cve/CVE-2021-42008
www.suse.com/security/cve/CVE-2021-42739
www.suse.com/security/cve/CVE-2021-43389