Lucene search
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2022-14905-1.NASLHistoryMar 09, 2022 - 12:00 a.m.
SUSE SLES11 Security Update : kernel (SUSE-SU-2022:14905-1)
2022-03-0900:00:00
This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
63
suse sles11
security update
multiple vulnerabilities
kernel
cve-2019-0136
cve-2020-12770
cve-2020-27820
cve-2021-3753
cve-2021-4155
cve-2021-45095
cve-2022-0001
cve-2022-0002
cve-2022-0492
cve-2022-0617
nessus
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.095
Percentile
94.8%
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14905-1 advisory.
-
Insufficient access control in the IntelĀ® PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access. (CVE-2019-0136)
-
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. (CVE-2020-12770)
-
A vulnerability was found in Linux kernel, where a use-after-frees in nouveauās postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if unbind the driver). (CVE-2020-27820)
-
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753)
-
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. (CVE-2021-4155)
-
pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
(CVE-2021-45095) -
Non-transparent sharing of branch predictor selectors between contexts in some IntelĀ® Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)
-
Non-transparent sharing of branch predictor within a context in some IntelĀ® Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)
-
A vulnerability was found in the Linux kernelās cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
(CVE-2022-0492) -
A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)
Note that Nessus has not tested for these issues but has instead relied only on the applicationās self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2022:14905-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(158749);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/12/07");
script_cve_id(
"CVE-2019-0136",
"CVE-2020-12770",
"CVE-2020-27820",
"CVE-2021-3753",
"CVE-2021-4155",
"CVE-2021-45095",
"CVE-2022-0001",
"CVE-2022-0002",
"CVE-2022-0492",
"CVE-2022-0617"
);
script_xref(name:"SuSE", value:"SUSE-SU-2022:14905-1");
script_name(english:"SUSE SLES11 Security Update : kernel (SUSE-SU-2022:14905-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in
the SUSE-SU-2022:14905-1 advisory.
- Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may
allow an unauthenticated user to potentially enable denial of service via adjacent access. (CVE-2019-0136)
- An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a
certain failure case, aka CID-83c6f2390040. (CVE-2020-12770)
- A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could
happen if removing device (that is not common to remove video card physically without power-off, but same
happens if unbind the driver). (CVE-2020-27820)
- A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may
cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl
(KDSETMDE). The highest threat from this vulnerability is to data confidentiality. (CVE-2021-3753)
- A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size
increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS
filesystem otherwise not accessible to them. (CVE-2021-4155)
- pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.
(CVE-2021-45095)
- Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may
allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)
- Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an
authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)
- A vulnerability was found in the Linux kernel's cgroup_release_agent_write in the
kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups
v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
(CVE-2022-0492)
- A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way
user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw
to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2. (CVE-2022-0617)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171420");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1179599");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190025");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191580");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193157");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193669");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1193867");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1194272");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195109");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195543");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195908");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1196079");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1196612");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-0136");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-12770");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-27820");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3753");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-4155");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-45095");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0001");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0002");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0492");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0617");
# https://lists.suse.com/pipermail/sle-security-updates/2022-March/010396.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ba15d7fc");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-0492");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'Docker cgroups Container Escape');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/06/11");
script_set_attribute(attribute:"patch_publication_date", value:"2022/03/08");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/03/09");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-bigmem");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-bigmem-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-bigmem-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ec2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-pae-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ppc64");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ppc64-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-ppc64-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-trace-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES11" && (! preg(pattern:"^(4)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES11 SP4", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'kernel-default-3.0.101-108.135.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-default-base-3.0.101-108.135.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-default-devel-3.0.101-108.135.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-default-man-3.0.101-108.135.1', 'sp':'4', 'cpu':'s390x', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-ec2-3.0.101-108.135.1', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-ec2-3.0.101-108.135.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-ec2-base-3.0.101-108.135.1', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-ec2-base-3.0.101-108.135.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-ec2-devel-3.0.101-108.135.1', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-ec2-devel-3.0.101-108.135.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-pae-3.0.101-108.135.1', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-pae-base-3.0.101-108.135.1', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-pae-devel-3.0.101-108.135.1', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-source-3.0.101-108.135.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-syms-3.0.101-108.135.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-trace-3.0.101-108.135.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-trace-base-3.0.101-108.135.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-trace-devel-3.0.101-108.135.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-xen-3.0.101-108.135.1', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-xen-3.0.101-108.135.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-xen-base-3.0.101-108.135.1', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-xen-base-3.0.101-108.135.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-xen-devel-3.0.101-108.135.1', 'sp':'4', 'cpu':'i586', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']},
{'reference':'kernel-xen-devel-3.0.101-108.135.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-11.4']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
var ltss_plugin_caveat = NULL;
if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
'NOTE: This vulnerability check contains fixes that apply to\n' +
'packages only available in SUSE Enterprise Linux Server LTSS\n' +
'repositories. Access to these package security updates require\n' +
'a paid SUSE LTSS subscription.\n';
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get() + ltss_plugin_caveat
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-default / kernel-default-base / kernel-default-devel / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | kernel-bigmem | p-cpe:/a:novell:suse_linux:kernel-bigmem |
| novell | suse_linux | kernel-bigmem-base | p-cpe:/a:novell:suse_linux:kernel-bigmem-base |
| novell | suse_linux | kernel-default | p-cpe:/a:novell:suse_linux:kernel-default |
| novell | suse_linux | kernel-default-base | p-cpe:/a:novell:suse_linux:kernel-default-base |
| novell | suse_linux | kernel-default-devel | p-cpe:/a:novell:suse_linux:kernel-default-devel |
| novell | suse_linux | kernel-default-man | p-cpe:/a:novell:suse_linux:kernel-default-man |
| novell | suse_linux | kernel-ec2 | p-cpe:/a:novell:suse_linux:kernel-ec2 |
| novell | suse_linux | kernel-ec2-base | p-cpe:/a:novell:suse_linux:kernel-ec2-base |
| novell | suse_linux | kernel-ec2-devel | p-cpe:/a:novell:suse_linux:kernel-ec2-devel |
| novell | suse_linux | kernel-pae | p-cpe:/a:novell:suse_linux:kernel-pae |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0136
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12770
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27820
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3753
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4155
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45095
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0001
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0002
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0492
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0617
www.nessus.org/u?ba15d7fc
bugzilla.suse.com/1171420
bugzilla.suse.com/1179599
bugzilla.suse.com/1190025
bugzilla.suse.com/1191580
bugzilla.suse.com/1193157
bugzilla.suse.com/1193669
bugzilla.suse.com/1193867
bugzilla.suse.com/1194272
bugzilla.suse.com/1195109
bugzilla.suse.com/1195543
bugzilla.suse.com/1195908
bugzilla.suse.com/1196079
bugzilla.suse.com/1196612
www.suse.com/security/cve/CVE-2019-0136
www.suse.com/security/cve/CVE-2020-12770
www.suse.com/security/cve/CVE-2020-27820
www.suse.com/security/cve/CVE-2021-3753
www.suse.com/security/cve/CVE-2021-4155
www.suse.com/security/cve/CVE-2021-45095
www.suse.com/security/cve/CVE-2022-0001
www.suse.com/security/cve/CVE-2022-0002
www.suse.com/security/cve/CVE-2022-0492
www.suse.com/security/cve/CVE-2022-0617
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:14905-1)
2022-03-09 00:00:00
Debian: Security Advisory (DSA-5095-1)
2022-03-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0756-1)
2022-03-09 00:00:00
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2022:0756-1)
2022-03-09 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2022:0762-1)
2022-03-09 00:00:00
Debian DSA-5095-1 : linux - security update
2022-03-09 00:00:00
debian
debian
[SECURITY] [DSA 5095-1] linux security update
2022-03-09 15:30:29
osv
osv
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-03-09 00:00:00
Linux kernel vulnerabilities
2022-03-09 00:00:00
Linux kernel vulnerabilities
2022-03-09 00:00:00
intel
intel
IntelĀ® Processor Advisory
2022-03-08 00:00:00
IntelĀ® PROSet/Wireless WiFi Software Advisory
2019-06-11 00:00:00
cloudfoundry
cloudfoundry
USN-5319-1: Linux kernel vulnerabilities | Cloud Foundry
2022-04-21 00:00:00
USN-5318-1: Linux kernel vulnerabilities | Cloud Foundry
2022-03-11 00:00:00
ibm
ibm
suse
suse
Security update for the Linux Kernel (important)
2022-03-08 00:00:00
Security update for the Linux Kernel (important)
2022-03-08 00:00:00
Security update for the Linux Kernel (important)
2022-03-08 00:00:00
prion
prion
Design/Logic Flaw
2021-11-03 00:15:00
Memory corruption
2021-12-16 04:15:00
Design/Logic Flaw
2020-05-09 21:15:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-0920, CVE-2022-0492, CVE-2020-0466, CVE-2021-4155
2022-04-26 15:23:09
Fix of CVE: CVE-2020-0466, CVE-2022-0492, CVE-2021-4155, CVE-2021-0920
2022-04-26 15:21:28
nvd
nvd
veracode
veracode
Denial Of Service (DoS)
2020-11-05 03:10:03
Denial Of Service (DoS)
2023-03-06 20:41:33
Denial Of Service (DoS)
2021-12-07 00:33:32
redhatcve
redhatcve
cvelist
cvelist
cve
cve
debiancve
debiancve
cnvd
cnvd
Linux kernel information disclosure vulnerability (CNVD-2021-102393)
2021-12-17 00:00:00
Linux kernel denial-of-service vulnerability (CNVD-2022-69196)
2022-02-18 00:00:00
Linux kernel authorization issue vulnerability
2022-02-09 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-12770 affecting package kernel 5.4.91-6
2021-04-06 23:51:14
CVE-2021-45095 affecting package kernel for versions less than 5.15.18.1-1
2022-04-09 06:52:47
CVE-2021-45095 affecting package kernel 5.10.189.1-1
2022-02-01 04:54:07
ubuntucve
ubuntucve
redhat
redhat
(RHSA-2022:1417) Important: kernel security update
2022-04-19 13:57:18
(RHSA-2022:0344) Important: kernel security update
2022-02-01 13:56:19
(RHSA-2022:0335) Important: kpatch-patch security update
2022-02-01 10:43:10
oraclelinux
oraclelinux
kernel security update
2022-09-15 00:00:00
Unbreakable Enterprise kernel security update
2022-02-28 00:00:00
Unbreakable Enterprise kernel-container security update
2022-02-28 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: kernel-5.6.12-300.fc32
2020-05-15 02:37:22
lenovo
lenovo
Intel PROSet/Wireless WiFi Software Vulnerability - NL
2019-06-10 15:19:38
jvn
jvn
virtuozzo
virtuozzo
xen
xen
Multiple speculative security issues
2022-03-08 18:12:00
f5
f5
K71080411 : Linux kernel vulnerability CVE-2021-4155
2022-04-27 00:00:00
K54724312 : Linux kernel vulnerability CVE-2022-0492
2022-05-25 00:00:00
githubexploit
githubexploit
Exploit for Missing Authorization in Linux Linux Kernel
2022-03-11 08:02:46
Exploit for Missing Authorization in Linux Linux Kernel
2022-05-09 13:20:03
Exploit for Missing Authorization in Linux Linux Kernel
2022-03-07 10:03:17
packetstorm
packetstorm
Docker cgroups Container Escape
2023-12-07 00:00:00
redos
redos
ROS-20220324-01
2022-03-24 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2022-05-19 15:09:15
metasploit
metasploit
Docker cgroups Container Escape
2023-11-28 18:44:08
hivepro
hivepro
Linux Distributions affected by a privilege escalation vulnerability
2022-03-08 08:30:44
photon
photon
Important Photon OS Security Update - PHSA-2022-0151
2022-02-05 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.4
Confidence
High
EPSS
0.095
Percentile
94.8%
Related for SUSE_SU-2022-14905-1.NASL