Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2022-0267-1.NASL
HistoryFeb 02, 2022 - 12:00 a.m.

SUSE SLES12 Security Update : kernel (Live Patch 17 for SLE 12 SP5) (SUSE-SU-2022:0267-1)

2022-02-0200:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19
JSON

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0267-1 advisory.

  • u’Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic’ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)

  • A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-42739)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2022:0267-1. The text itself
# is copyright (C) SUSE.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(157310);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/13");

  script_cve_id("CVE-2020-3702", "CVE-2021-42739");
  script_xref(name:"SuSE", value:"SUSE-SU-2022:0267-1");

  script_name(english:"SUSE SLES12 Security Update : kernel (Live Patch 17 for SLE 12 SP5) (SUSE-SU-2022:0267-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in
the SUSE-SU-2022:0267-1 advisory.

  - u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to
    improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for
    a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon
    Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon
    Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W,
    MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 (CVE-2020-3702)

  - A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user
    calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or
    escalate privileges on the system. The highest threat from this vulnerability is to confidentiality,
    integrity, as well as system availability. (CVE-2021-42739)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191529");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192036");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-3702");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-42739");
  # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010157.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?36b6004e");
  script_set_attribute(attribute:"solution", value:
"Update the affected kgraft-patch-4_12_14-122_66-default package.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-42739");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/09/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/02/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_66-default");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES12 SP5", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'kgraft-patch-4_12_14-122_66-default-11-2.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kgraft-patch-4_12_14-122_66-default');
}
VendorProductVersionCPE
novellsuse_linuxkgraft-patch-4_12_14-122_66-defaultp-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_66-default
novellsuse_linux12cpe:/o:novell:suse_linux:12

Related

nessus 100
fedora 3
debiancve 2
cbl_mariner 2
veracode 1
cve 3
f5 1
redhatcve 2
prion 2
arista 1
ubuntucve 2
osv 20
ubuntu 14
redhat 6
photon 6
oraclelinux 3
centos 1
cloudfoundry 5
mageia 4
suse 11
debian 5
ibm 1
rocky 2
slackware 1
almalinux 1
nessus
nessus
SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 20 for SLE 12 SP5) (SUSE-SU-2022:0246-1)
2022-02-01 00:00:00
SUSE SLES12 Security Update : kernel (Live Patch 20 for SLE 12 SP4) (SUSE-SU-2022:0298-1)
2022-02-03 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 24 for SLE 15) (SUSE-SU-2022:0237-1)
2022-02-01 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: kernel-5.14.17-101.fc33
2021-11-14 03:50:20
[SECURITY] Fedora 34 Update: kernel-5.14.17-201.fc34
2021-11-14 03:45:59
[SECURITY] Fedora 35 Update: kernel-5.14.17-301.fc35
2021-11-14 04:10:25
debiancve
debiancve
CVE-2021-42739
2021-10-20 07:15:00
CVE-2020-3702
2020-09-08 10:15:00
cbl_mariner
cbl_mariner
CVE-2021-42739 affecting package kernel 5.10.189.1-1
2021-12-17 20:10:00
CVE-2021-42739 affecting package kernel 5.10.78.1-1
2022-04-09 06:52:47
veracode
veracode
Denial Of Service (DoS)
2022-01-14 06:01:30
cve
cve
CVE-2021-42739
2021-10-20 07:15:00
CVE-2020-3702
2020-09-08 10:15:00
CVE-2021-3542
2021-10-20 15:15:00
f5
f5
K22113693 : Linux kernel vulnerability CVE-2021-42739
2022-03-31 00:00:00
redhatcve
redhatcve
CVE-2021-42739
2021-10-26 21:24:45
CVE-2020-3702
2021-10-05 14:26:55
prion
prion
Heap overflow
2021-10-20 07:15:00
Information disclosure
2020-09-08 10:15:00
arista
arista
Security Advisory 0058
2020-12-16 00:00:00
ubuntucve
ubuntucve
CVE-2020-3702
2020-09-08 00:00:00
CVE-2021-42739
2021-10-20 00:00:00
osv
osv
linux-gke, linux-gke-5.4 vulnerabilities
2022-02-03 04:13:54
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4 regression
2022-02-11 07:28:28
linux-raspi, linux-raspi-5.4 vulnerabilities
2022-02-17 06:11:12
ubuntu
ubuntu
Linux kernel (GKE) vulnerabilities
2022-02-03 00:00:00
Linux kernel vulnerabilities
2022-02-03 00:00:00
Linux kernel (Raspberry Pi) vulnerabilities
2022-02-17 00:00:00
redhat
redhat
(RHSA-2022:0065) Moderate: kernel-rt security and bug fix update
2022-01-11 09:03:22
(RHSA-2022:0063) Moderate: kernel security and bug fix update
2022-01-11 09:02:34
(RHSA-2022:0236) Moderate: OpenShift Container Platform 3.11.570 security update
2022-01-25 15:16:21
photon
photon
Important Photon OS Security Update - PHSA-2021-3.0-0336
2021-12-02 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0399
2021-10-01 00:00:00
Important Photon OS Security Update - PHSA-2021-0302
2021-09-19 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2022-01-11 00:00:00
Unbreakable Enterprise kernel security update
2022-11-01 00:00:00
kernel security, bug fix, and enhancement update
2022-05-17 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2022-01-18 13:57:43
cloudfoundry
cloudfoundry
USN-5267-1: Linux kernel vulnerabilities | Cloud Foundry
2022-03-10 00:00:00
USN-5267-2: Linux kernel regression | Cloud Foundry
2022-03-10 00:00:00
USN-5114-1: Linux kernel vulnerabilities | Cloud Foundry
2021-10-28 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2021-09-08 12:23:46
Updated kernel packages fix security vulnerabilities
2021-08-23 08:28:48
Updated kernel packages fix security vulnerabilities
2021-11-11 18:02:40
suse
suse
Security update for the Linux Kernel (important)
2021-10-15 00:00:00
Security update for the Linux Kernel (important)
2021-10-15 00:00:00
Security update for the Linux Kernel (important)
2021-10-12 00:00:00
debian
debian
[SECURITY] [DLA 2843-1] linux security update
2021-12-16 21:27:40
[SECURITY] [DSA 4978-1] linux security update
2021-09-25 08:09:05
[SECURITY] [DSA 4978-1] linux security update
2021-09-25 08:09:05
ibm
ibm
Security Bulletin: IBM QRadar Network Packet Capture is using components with known vulnerabilities
2022-03-31 14:40:20
rocky
rocky
kernel-rt security and bug fix update
2022-05-10 06:42:36
kernel security, bug fix, and enhancement update
2022-05-10 08:11:36
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2022-02-01 05:01:08
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2022-05-10 08:11:36
JSON
Related for SUSE_SU-2022-0267-1.NASL
nessus100fedora3debiancve2cbl_mariner2veracode1cve3f51redhatcve2prion2arista1ubuntucve2osv20ubuntu14redhat6photon6oraclelinux3centos1cloudfoundry5mageia4suse11debian5ibm1rocky2slackware1almalinux1