Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2022-0079-1.NASL
HistoryJan 15, 2022 - 12:00 a.m.

SUSE SLES15 Security Update : kernel (SUSE-SU-2022:0079-1)

2022-01-1500:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
JSON

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0079-1 advisory.

  • Uncontrolled resource consumption in some Intel® Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.
    (CVE-2020-24504)

  • A vulnerability was found in Linux kernel, where a use-after-frees in nouveau’s postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if unbind the driver). (CVE-2020-27820)

  • Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the ability to run PV backends in regular unprivileged guests, typically referred to as driver domains.
    Running PV backends in driver domains has one primary security advantage: if a driver domain gets compromised, it doesn’t have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. There are three affected backends: * blkfront patch 1, CVE-2021-28711 * netfront patch 2, CVE-2021-28712 * hvc_xen (console) patch 3, CVE-2021-28713 (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713)

  • Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel’s netback driver are buffered until the guest is ready to process them. There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default).
    Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time.
    (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing. (CVE-2021-28714) (CVE-2021-28714, CVE-2021-28715)

  • Improper input validation in the Intel® Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access. (CVE-2021-33098)

  • A race condition was found in the Linux kernel’s ebpf verifier between bpf_map_update_elem and bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel versions prior to 5.16 rc2. (CVE-2021-4001)

  • A memory leak flaw in the Linux kernel’s hugetlbfs memory usage was found in the way the user maps some regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the memory pages. A local user could use this flaw to get unauthorized access to some data. (CVE-2021-4002)

  • In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. (CVE-2021-43975)

  • In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
    (CVE-2021-43976)

  • In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn’t properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses. (CVE-2021-45485)

  • In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak because the hash table is very small. (CVE-2021-45486)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2022:0079-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(156760);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/14");

  script_cve_id(
    "CVE-2020-24504",
    "CVE-2020-27820",
    "CVE-2021-4001",
    "CVE-2021-4002",
    "CVE-2021-28711",
    "CVE-2021-28712",
    "CVE-2021-28713",
    "CVE-2021-28714",
    "CVE-2021-28715",
    "CVE-2021-33098",
    "CVE-2021-43975",
    "CVE-2021-43976",
    "CVE-2021-45485",
    "CVE-2021-45486"
  );
  script_xref(name:"SuSE", value:"SUSE-SU-2022:0079-1");

  script_name(english:"SUSE SLES15 Security Update : kernel (SUSE-SU-2022:0079-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in
the SUSE-SU-2022:0079-1 advisory.

  - Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version
    1.0.4 may allow an authenticated user to potentially enable denial of service via local access.
    (CVE-2020-24504)

  - A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could
    happen if removing device (that is not common to remove video card physically without power-off, but same
    happens if unbind the driver). (CVE-2020-27820)

  - Rogue backends can cause DoS of guests via high frequency events T[his CNA information record relates to
    multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen offers the
    ability to run PV backends in regular unprivileged guests, typically referred to as driver domains.
    Running PV backends in driver domains has one primary security advantage: if a driver domain gets
    compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain
    could try to attack other guests via sending events at a high frequency leading to a Denial of Service in
    the guest due to trying to service interrupts for elongated amounts of time. There are three affected
    backends: * blkfront patch 1, CVE-2021-28711 * netfront patch 2, CVE-2021-28712 * hvc_xen (console) patch
    3, CVE-2021-28713 (CVE-2021-28711, CVE-2021-28712, CVE-2021-28713)

  - Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record
    relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.]
    Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the guest is
    ready to process them. There are some measures taken for avoiding to pile up too much data, but those can
    be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming
    new packets before it is assumed to have stalled, but this timeout is rather long (60 seconds by default).
    Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time.
    (CVE-2021-28715) The timeout could even never trigger if the guest manages to have only one free slot in
    its RX queue ring page and the next package would require more than one free slot, which may be the case
    when using GSO, XDP, or software hashing. (CVE-2021-28714) (CVE-2021-28714, CVE-2021-28715)

  - Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow
    an authenticated user to potentially enable denial of service via local access. (CVE-2021-33098)

  - A race condition was found in the Linux kernel's ebpf verifier between bpf_map_update_elem and
    bpf_map_freeze due to a missing lock in kernel/bpf/syscall.c. In this flaw, a local user with a special
    privilege (cap_sys_admin or cap_bpf) can modify the frozen mapped address space. This flaw affects kernel
    versions prior to 5.16 rc2. (CVE-2021-4001)

  - A memory leak flaw in the Linux kernel's hugetlbfs memory usage was found in the way the user maps some
    regions of memory twice using shmget() which are aligned to PUD alignment with the fault of some of the
    memory pages. A local user could use this flaw to get unauthorized access to some data. (CVE-2021-4002)

  - In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in
    drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a
    crafted device) to trigger an out-of-bounds write via a crafted length value. (CVE-2021-43975)

  - In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows
    an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).
    (CVE-2021-43976)

  - In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information
    leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based
    attackers can typically choose among many IPv6 source addresses. (CVE-2021-45485)

  - In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information leak
    because the hash table is very small. (CVE-2021-45486)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1139944");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1151927");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1152489");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1153275");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1154353");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1154355");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1161907");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1164565");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1166780");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1169514");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176242");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176447");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176536");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176544");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176545");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176546");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176548");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176558");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176559");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176774");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176940");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176956");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1177440");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1178134");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1178270");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1179211");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1179426");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1179427");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1179599");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1181148");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1181507");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1181710");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1182404");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1183534");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1183540");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1183897");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1184318");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185726");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185902");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186332");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187541");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1189126");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191793");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191876");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192267");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192320");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192507");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192511");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192569");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192606");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192845");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192847");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192877");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192946");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192969");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192987");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192990");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192998");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193002");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193042");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193139");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193169");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193306");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193318");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193349");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193440");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193442");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193655");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193993");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1194087");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1194094");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1194266");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-24504");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-27820");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-28711");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-28712");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-28713");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-28714");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-28715");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-33098");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-4001");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-4002");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-43975");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-43976");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-45485");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-45486");
  # https://lists.suse.com/pipermail/sle-security-updates/2022-January/010004.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4c5c71a6");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-45485");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/02/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/01/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/01/15");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-devel-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-rt-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms-rt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(3)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP3", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'cluster-md-kmp-rt-5.3.18-68.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']},
    {'reference':'dlm-kmp-rt-5.3.18-68.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']},
    {'reference':'gfs2-kmp-rt-5.3.18-68.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']},
    {'reference':'kernel-devel-rt-5.3.18-68.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']},
    {'reference':'kernel-rt-5.3.18-68.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']},
    {'reference':'kernel-rt-devel-5.3.18-68.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']},
    {'reference':'kernel-rt_debug-devel-5.3.18-68.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']},
    {'reference':'kernel-source-rt-5.3.18-68.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']},
    {'reference':'kernel-syms-rt-5.3.18-68.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']},
    {'reference':'ocfs2-kmp-rt-5.3.18-68.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-rt-release-15.3']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc');
}
VendorProductVersionCPE
novellsuse_linuxcluster-md-kmp-rtp-cpe:/a:novell:suse_linux:cluster-md-kmp-rt
novellsuse_linuxdlm-kmp-rtp-cpe:/a:novell:suse_linux:dlm-kmp-rt
novellsuse_linuxgfs2-kmp-rtp-cpe:/a:novell:suse_linux:gfs2-kmp-rt
novellsuse_linuxkernel-devel-rtp-cpe:/a:novell:suse_linux:kernel-devel-rt
novellsuse_linuxkernel-rtp-cpe:/a:novell:suse_linux:kernel-rt
novellsuse_linuxkernel-rt-develp-cpe:/a:novell:suse_linux:kernel-rt-devel
novellsuse_linuxkernel-rt_debug-develp-cpe:/a:novell:suse_linux:kernel-rt_debug-devel
novellsuse_linuxkernel-source-rtp-cpe:/a:novell:suse_linux:kernel-source-rt
novellsuse_linuxkernel-syms-rtp-cpe:/a:novell:suse_linux:kernel-syms-rt
novellsuse_linuxocfs2-kmp-rtp-cpe:/a:novell:suse_linux:ocfs2-kmp-rt
Rows per page:
1-10 of 111

References

Related

nessus 44
suse 3
fedora 10
cve 13
mageia 4
ubuntucve 13
debiancve 14
prion 14
xen 2
amazon 4
redhatcve 13
ibm 6
ubuntu 9
osv 12
cloudfoundry 2
debian 2
photon 3
citrix 1
veracode 6
cbl_mariner 13
cnvd 6
broadcom 2
githubexploit 1
redhat 2
nessus
nessus
SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:0131-1)
2022-01-20 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2022:0056-1)
2022-01-12 00:00:00
openSUSE 15 Security Update : kernel (openSUSE-SU-2022:0056-1)
2022-01-12 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2022-05-07 00:00:00
Security update for the Linux Kernel (important)
2022-03-01 00:00:00
Security update for the Linux Kernel (critical)
2022-02-10 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: kernel-5.15.11-200.fc35
2021-12-26 01:27:24
[SECURITY] Fedora 34 Update: kernel-5.15.11-100.fc34
2021-12-26 01:12:01
[SECURITY] Fedora 35 Update: kernel-tools-5.15.4-200.fc35
2021-11-27 01:12:07
cve
cve
CVE-2021-28711
2022-01-05 17:15:00
CVE-2021-28712
2022-01-05 17:15:00
CVE-2021-28713
2022-01-05 17:15:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2021-12-29 22:12:56
Updated kernel-linus packages fix security vulnerabilities
2021-12-05 22:06:44
Updated kernel packages fix security vulnerabilities
2021-12-05 22:06:44
ubuntucve
ubuntucve
CVE-2021-28713
2022-01-05 00:00:00
CVE-2021-28711
2022-01-05 00:00:00
CVE-2021-28712
2022-01-05 00:00:00
debiancve
debiancve
CVE-2021-28712
2022-01-05 17:15:00
CVE-2021-28711
2022-01-05 17:15:00
CVE-2021-28713
2022-01-05 17:15:00
prion
prion
Design/Logic Flaw
2022-01-05 17:15:00
Design/Logic Flaw
2022-01-05 17:15:00
Design/Logic Flaw
2022-01-05 17:15:00
xen
xen
Rogue backends can cause DoS of guests via high frequency events
2021-12-20 09:54:00
Guest can force Linux netback driver to hog large amounts of kernel memory
2021-12-20 09:54:00
amazon
amazon
Important: kernel
2022-02-04 23:24:00
Important: kernel
2023-02-17 00:02:00
Important: kernel
2022-02-04 23:25:00
redhatcve
redhatcve
CVE-2021-28714
2022-05-20 22:29:10
CVE-2020-27820
2020-12-03 14:10:42
CVE-2021-33098
2022-03-24 18:23:57
ibm
ibm
Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System
2022-08-29 11:21:56
Security Bulletin: Multiple vulnerabilities in the Linux kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
2023-03-29 01:48:02
Security Bulletin: IBM DataPower Gateway vulnerable to network state information leakage (CVE-2021-20322, CVE-2021-45485, CVE-2021-45486)
2022-12-16 21:16:31
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-03-22 00:00:00
Linux kernel (BlueField) vulnerabilities
2022-04-13 00:00:00
Linux kernel vulnerabilities
2022-02-22 00:00:00
osv
osv
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, lnux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
2022-03-22 07:26:42
linux-bluefield vulnerabilities
2022-04-13 02:49:23
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
2022-02-22 09:27:43
cloudfoundry
cloudfoundry
USN-5338-1: Linux kernel vulnerabilities | Cloud Foundry
2022-04-14 00:00:00
USN-5298-1: Linux kernel vulnerabilities | Cloud Foundry
2022-04-21 00:00:00
debian
debian
[SECURITY] [DSA 5050-1] linux security update
2022-01-20 16:46:05
[SECURITY] [DLA 2940-1] linux security update
2022-03-09 12:40:13
photon
photon
Important Photon OS Security Update - PHSA-2022-3.0-0350
2022-01-11 00:00:00
Important Photon OS Security Update - PHSA-2021-0138
2021-12-13 00:00:00
Important Photon OS Security Update - PHSA-2021-4.0-0138
2021-12-13 00:00:00
citrix
citrix
Citrix Hypervisor Security Update
2022-01-12 11:09:52
veracode
veracode
Denial Of Service (DoS)
2022-02-08 18:06:15
Denial Of Service (DoS)
2021-11-17 22:36:42
Information Disclosure
2022-01-26 04:33:25
cbl_mariner
cbl_mariner
CVE-2021-28714 affecting package kernel 5.10.189.1-1
2022-01-26 22:54:05
CVE-2021-28715 affecting package kernel 5.10.189.1-1
2022-01-26 22:54:05
CVE-2021-43976 affecting package kernel 5.10.189.1-1
2022-01-26 22:54:05
cnvd
cnvd
Linux kernel denial-of-service vulnerability (CNVD-2021-93367)
2021-11-18 00:00:00
Linux kernel has unspecified vulnerabilities (CNVD-2022-05041)
2022-01-14 00:00:00
Linux kernel has unspecified vulnerabilities (CNVD-2022-05042)
2022-01-14 00:00:00
broadcom
broadcom
net ipv4 route.c has an information leak because the hash table is very small
2023-08-01 00:00:00
net ipv6 output_core.c has an information leak because of certain use of a hash
2023-08-01 00:00:00
githubexploit
githubexploit
Exploit for Use of a Broken or Risky Cryptographic Algorithm in Linux Linux Kernel
2022-04-28 07:38:04
redhat
redhat
(RHSA-2022:6983) Important: kernel security, bug fix, and enhancement update
2022-10-18 07:38:45
(RHSA-2022:6991) Important: kernel-rt security and bug fix update
2022-10-18 07:47:39
JSON
Related for SUSE_SU-2022-0079-1.NASL
nessus44suse3fedora10cve13mageia4ubuntucve13debiancve14prion14xen2amazon4redhatcve13ibm6ubuntu9osv12cloudfoundry2debian2photon3citrix1veracode6cbl_mariner13cnvd6broadcom2githubexploit1redhat2