Lucene search
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2023-3311-1.NASLHistoryAug 15, 2023 - 12:00 a.m.
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3311-1)
2023-08-1500:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
2
suse sled15
sles15
opensuse 15
intel processors
amd cpus
side channel
io_uring.c
networking subsystem
can protocol
bluetooth
relayfs
vc_screen
cls_u32
sch_qfq
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.013 Low
EPSS
Percentile
85.9%
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3311-1 advisory.
-
Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access. (CVE-2022-40982)
-
Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the access_ok check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 (CVE-2023-0459)
-
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled?address, potentially leading to information disclosure. (CVE-2023-20569)
-
In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking.
This could lead to local escalation of privilege in the kernel with System execution privileges needed.
User interaction is not needed for exploitation. (CVE-2023-21400) -
A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol.
This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system. (CVE-2023-2156) -
A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux.
ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service. (CVE-2023-2166) -
An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl, there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before hu->proto is set. A NULL pointer dereference may occur. (CVE-2023-31083)
-
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. (CVE-2023-3268)
-
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This flaw allows an attacker with local user access to cause a system crash or leak internal kernel information. (CVE-2023-3567)
-
A use-after-free vulnerability in the Linux kernel’s net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc.
(CVE-2023-3609) -
An out-of-bounds write vulnerability in the Linux kernel’s net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out- of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64. (CVE-2023-3611)
-
A use-after-free vulnerability in the Linux kernel’s net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 0323bce598eea038714f941ce2b22541c46d488f.
(CVE-2023-3776) -
An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info).
(CVE-2023-38409) -
A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel.
This flaw allows a local user with special privileges to impact a kernel information leak issue.
(CVE-2023-3863) -
A use-after-free flaw was found in the Linux kernel’s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. (CVE-2023-4004)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2023:3311-1. The text itself
# is copyright (C) SUSE.
##
include('compat.inc');
if (description)
{
script_id(179822);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/20");
script_cve_id(
"CVE-2022-40982",
"CVE-2023-0459",
"CVE-2023-2156",
"CVE-2023-2166",
"CVE-2023-3268",
"CVE-2023-3567",
"CVE-2023-3609",
"CVE-2023-3611",
"CVE-2023-3776",
"CVE-2023-3863",
"CVE-2023-4004",
"CVE-2023-20569",
"CVE-2023-21400",
"CVE-2023-31083",
"CVE-2023-38409"
);
script_xref(name:"SuSE", value:"SUSE-SU-2023:3311-1");
script_name(english:"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3311-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are
affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3311-1 advisory.
- Information exposure through microarchitectural state after transient execution in certain vector
execution units for some Intel(R) Processors may allow an authenticated user to potentially enable
information disclosure via local access. (CVE-2022-40982)
- Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec
allowing a user to bypass the access_ok check and pass a kernel pointer to copy_from_user(). This would
allow an attacker to leak information. We recommend upgrading beyond commit
74e19ef0ff8061ef55957c3abd71614ef0f42f47 (CVE-2023-0459)
- A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address
prediction. This may result in speculative execution at an attacker-controlled?address, potentially
leading to information disclosure. (CVE-2023-20569)
- In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking.
This could lead to local escalation of privilege in the kernel with System execution privileges needed.
User interaction is not needed for exploitation. (CVE-2023-21400)
- A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol.
This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion
failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the
system. (CVE-2023-2156)
- A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux.
ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to
crash the system or potentially cause a denial of service. (CVE-2023-2166)
- An issue was discovered in drivers/bluetooth/hci_ldisc.c in the Linux kernel 6.2. In hci_uart_tty_ioctl,
there is a race condition between HCIUARTSETPROTO and HCIUARTGETPROTO. HCI_UART_PROTO_SET is set before
hu->proto is set. A NULL pointer dereference may occur. (CVE-2023-31083)
- An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in
kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel
internal information. (CVE-2023-3268)
- A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux
Kernel. This flaw allows an attacker with local user access to cause a system crash or leak internal
kernel information. (CVE-2023-3567)
- A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to
achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return
an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can
control the reference counter and set it to zero, they can cause the reference to be freed, leading to a
use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc.
(CVE-2023-3609)
- An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited
to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-
of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend
upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64. (CVE-2023-3611)
- A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to
achieve local privilege escalation. If tcf_change_indev() fails, fw_set_parms() will immediately return an
error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can
control the reference counter and set it to zero, they can cause the reference to be freed, leading to a
use-after-free vulnerability. We recommend upgrading past commit 0323bce598eea038714f941ce2b22541c46d488f.
(CVE-2023-3776)
- An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before
6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_display
arrays can be desynchronized in fbcon_mode_deleted (the con2fb_map points at the old fb_info).
(CVE-2023-38409)
- A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel.
This flaw allows a local user with special privileges to impact a kernel information leak issue.
(CVE-2023-3863)
- A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the
nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local
user to crash the system or potentially escalate their privileges on the system. (CVE-2023-4004)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1206418");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207129");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1207948");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1210627");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1210780");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1210825");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211131");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211738");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1211811");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212445");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212502");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212604");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212766");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212901");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213167");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213272");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213287");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213304");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213417");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213578");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213585");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213586");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213588");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213601");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213620");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213632");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213653");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213713");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213715");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213747");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213756");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213759");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213777");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213810");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213812");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213856");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213857");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213863");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213867");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213870");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213871");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1213872");
script_set_attribute(attribute:"see_also", value:"https://lists.suse.com/pipermail/sle-updates/2023-August/031007.html");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-40982");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-0459");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-20569");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-21400");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2156");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-2166");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-31083");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-3268");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-3567");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-3609");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-3611");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-3776");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-38409");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-3863");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-4004");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-4004");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/01/18");
script_set_attribute(attribute:"patch_publication_date", value:"2023/08/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/15");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-64kb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-64kb-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-livepatch");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150500_55_19-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-macros");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-obs-build");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-zfcpdump");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES|SUSE)") audit(AUDIT_OS_NOT, "SUSE / openSUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+|SUSE([\d.]+))", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15|SUSE15\.5)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED15" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED15 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP15" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP15 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLES15" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP5", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'kernel-64kb-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-64kb-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-64kb-devel-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-64kb-devel-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'sp':'5', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'sp':'5', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-devel-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-devel-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-extra-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-default-extra-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-devel-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-devel-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-macros-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-macros-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-obs-build-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-obs-build-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-source-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-source-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-syms-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-syms-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-zfcpdump-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'s390x', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-zfcpdump-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'s390x', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'reiserfs-kmp-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
{'reference':'kernel-64kb-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-64kb-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-64kb-devel-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-64kb-devel-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'sp':'5', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'sp':'5', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-default-devel-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-default-devel-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-devel-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-devel-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-macros-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-macros-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-obs-build-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-obs-build-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-source-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-source-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-syms-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-syms-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-zfcpdump-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'s390x', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-zfcpdump-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'reiserfs-kmp-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-legacy-release-15.5', 'sles-release-15.5']},
{'reference':'cluster-md-kmp-64kb-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'cluster-md-kmp-default-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dlm-kmp-64kb-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dlm-kmp-default-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-allwinner-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-altera-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-amazon-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-amd-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-amlogic-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-apm-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-apple-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-arm-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-broadcom-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-cavium-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-exynos-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-freescale-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-hisilicon-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-lg-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-marvell-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-mediatek-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-nvidia-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-qcom-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-renesas-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-rockchip-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-socionext-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-sprd-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'dtb-xilinx-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'gfs2-kmp-64kb-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'gfs2-kmp-default-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-64kb-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-64kb-devel-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-64kb-extra-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-64kb-livepatch-devel-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-64kb-optional-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-debug-5.14.21-150500.55.19.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-debug-devel-5.14.21-150500.55.19.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-debug-livepatch-devel-5.14.21-150500.55.19.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-debug-vdso-5.14.21-150500.55.19.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-base-5.14.21-150500.55.19.1.150500.6.6.4', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-base-rebuild-5.14.21-150500.55.19.1.150500.6.6.4', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-base-rebuild-5.14.21-150500.55.19.1.150500.6.6.4', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-devel-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-extra-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-livepatch-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-livepatch-devel-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-optional-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-default-vdso-5.14.21-150500.55.19.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-devel-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-kvmsmall-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-kvmsmall-5.14.21-150500.55.19.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-kvmsmall-devel-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-kvmsmall-devel-5.14.21-150500.55.19.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.19.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-kvmsmall-vdso-5.14.21-150500.55.19.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-macros-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-obs-build-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-obs-qa-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-source-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-source-vanilla-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-syms-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kernel-zfcpdump-5.14.21-150500.55.19.1', 'cpu':'s390x', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kselftests-kmp-64kb-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'kselftests-kmp-default-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ocfs2-kmp-64kb-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'ocfs2-kmp-default-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'reiserfs-kmp-64kb-5.14.21-150500.55.19.1', 'cpu':'aarch64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'reiserfs-kmp-default-5.14.21-150500.55.19.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
{'reference':'cluster-md-kmp-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.5']},
{'reference':'dlm-kmp-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.5']},
{'reference':'gfs2-kmp-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.5']},
{'reference':'ocfs2-kmp-default-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.5']},
{'reference':'kernel-default-livepatch-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.5']},
{'reference':'kernel-default-livepatch-devel-5.14.21-150500.55.19.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.5']},
{'reference':'kernel-livepatch-5_14_21-150500_55_19-default-1-150500.11.3.4', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.5']},
{'reference':'kernel-default-extra-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
{'reference':'kernel-default-extra-5.14.21-150500.55.19.1', 'sp':'5', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.5', 'sled-release-15.5', 'sles-release-15.5']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | cluster-md-kmp-default | p-cpe:/a:novell:suse_linux:cluster-md-kmp-default |
| novell | suse_linux | dlm-kmp-default | p-cpe:/a:novell:suse_linux:dlm-kmp-default |
| novell | suse_linux | gfs2-kmp-default | p-cpe:/a:novell:suse_linux:gfs2-kmp-default |
| novell | suse_linux | kernel-64kb | p-cpe:/a:novell:suse_linux:kernel-64kb |
| novell | suse_linux | kernel-64kb-devel | p-cpe:/a:novell:suse_linux:kernel-64kb-devel |
| novell | suse_linux | kernel-default | p-cpe:/a:novell:suse_linux:kernel-default |
| novell | suse_linux | kernel-default-base | p-cpe:/a:novell:suse_linux:kernel-default-base |
| novell | suse_linux | kernel-default-devel | p-cpe:/a:novell:suse_linux:kernel-default-devel |
| novell | suse_linux | kernel-default-extra | p-cpe:/a:novell:suse_linux:kernel-default-extra |
| novell | suse_linux | kernel-default-livepatch | p-cpe:/a:novell:suse_linux:kernel-default-livepatch |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40982
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0459
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21400
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2156
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2166
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31083
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3268
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3567
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3609
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3611
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3776
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38409
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3863
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4004
bugzilla.suse.com/1206418
bugzilla.suse.com/1207129
bugzilla.suse.com/1207948
bugzilla.suse.com/1210627
bugzilla.suse.com/1210780
bugzilla.suse.com/1210825
bugzilla.suse.com/1211131
bugzilla.suse.com/1211738
bugzilla.suse.com/1211811
bugzilla.suse.com/1212445
bugzilla.suse.com/1212502
bugzilla.suse.com/1212604
bugzilla.suse.com/1212766
bugzilla.suse.com/1212901
bugzilla.suse.com/1213167
bugzilla.suse.com/1213272
bugzilla.suse.com/1213287
bugzilla.suse.com/1213304
bugzilla.suse.com/1213417
bugzilla.suse.com/1213578
bugzilla.suse.com/1213585
bugzilla.suse.com/1213586
bugzilla.suse.com/1213588
bugzilla.suse.com/1213601
bugzilla.suse.com/1213620
bugzilla.suse.com/1213632
bugzilla.suse.com/1213653
bugzilla.suse.com/1213713
bugzilla.suse.com/1213715
bugzilla.suse.com/1213747
bugzilla.suse.com/1213756
bugzilla.suse.com/1213759
bugzilla.suse.com/1213777
bugzilla.suse.com/1213810
bugzilla.suse.com/1213812
bugzilla.suse.com/1213856
bugzilla.suse.com/1213857
bugzilla.suse.com/1213863
bugzilla.suse.com/1213867
bugzilla.suse.com/1213870
bugzilla.suse.com/1213871
bugzilla.suse.com/1213872
lists.suse.com/pipermail/sle-updates/2023-August/031007.html
www.suse.com/security/cve/CVE-2022-40982
www.suse.com/security/cve/CVE-2023-0459
www.suse.com/security/cve/CVE-2023-20569
www.suse.com/security/cve/CVE-2023-21400
www.suse.com/security/cve/CVE-2023-2156
www.suse.com/security/cve/CVE-2023-2166
www.suse.com/security/cve/CVE-2023-31083
www.suse.com/security/cve/CVE-2023-3268
www.suse.com/security/cve/CVE-2023-3567
www.suse.com/security/cve/CVE-2023-3609
www.suse.com/security/cve/CVE-2023-3611
www.suse.com/security/cve/CVE-2023-3776
www.suse.com/security/cve/CVE-2023-38409
www.suse.com/security/cve/CVE-2023-3863
www.suse.com/security/cve/CVE-2023-4004
Related
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3376-1)
2023-08-23 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:3377-1)
2023-08-23 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3376-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3311-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:3313-1)
2024-03-04 00:00:00
amazon
amazon
Important: kernel
2023-08-03 18:09:00
Important: kernel
2023-08-03 20:16:00
Important: kernel
2023-08-03 18:09:00
osv
osv
linux-gkeop vulnerabilities
2023-08-31 13:23:41
linux-gcp-5.4, linux-oracle-5.4 vulnerabilities
2023-08-31 22:07:37
ubuntu
ubuntu
Linux kernel (Raspberry Pi) vulnerabilities
2023-09-06 00:00:00
Linux kernel vulnerabilities
2023-08-31 00:00:00
Linux kernel vulnerabilities
2023-08-29 00:00:00
virtuozzo
virtuozzo
debian
debian
[SECURITY] [DLA 3525-1] linux-5.10 security update
2023-08-11 17:21:05
[SECURITY] [DSA 5475-1] linux security update
2023-08-11 07:57:07
fedora
fedora
[SECURITY] Fedora 38 Update: xen-4.17.2-1.fc38
2023-08-16 01:22:32
[SECURITY] Fedora 37 Update: xen-4.16.5-1.fc37
2023-08-27 00:50:59
redhat
redhat
(RHSA-2023:7417) Important: kpatch-patch security update
2023-11-21 14:37:02
(RHSA-2023:7431) Important: kernel-rt security update
2023-11-21 15:05:38
(RHSA-2023:7434) Important: kernel security and bug fix update
2023-11-21 15:07:16
mageia
mageia
Updated kernel packages fix security vulnerabilities
2023-08-23 22:56:41
Updated kernel-linus packages fix security vulnerabilities
2023-08-23 22:56:41
Updated microcode packages fix security vulnerabilities
2023-08-23 22:56:41
citrix
citrix
thn
thn
cnvd
cnvd
Google Pixel elevation of privilege vulnerability
2023-07-14 00:00:00
Linux kernel fbcon.c file out-of-bounds read vulnerability
2023-07-19 00:00:00
oraclelinux
oraclelinux
kernel security update
2023-11-22 00:00:00
kernel security update
2024-04-22 00:00:00
Unbreakable Enterprise kernel security update
2023-09-11 00:00:00
prion
prion
Design/Logic Flaw
2023-07-17 22:15:00
Memory corruption
2023-07-13 00:15:00
nvd
nvd
CVE-2023-38409
2023-07-17 22:15:09
CVE-2023-21400
2023-07-13 00:15:24
cvelist
cvelist
CVE-2023-38409
2023-07-17 00:00:00
CVE-2023-21400
2023-07-12 23:53:37
redhatcve
redhatcve
debiancve
debiancve
cve
cve
CVE-2023-21400
2023-07-13 00:15:24
CVE-2023-38409
2023-07-17 22:15:09
ubuntucve
ubuntucve
CVE-2023-21400
2023-07-13 00:00:00
CVE-2023-38409
2023-07-17 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-38409 affecting package hyperv-daemons for versions less than 5.15.122.1-1
2023-08-10 16:37:57
CVE-2023-38409 affecting package kernel for versions less than 5.15.122.1-2
2023-08-10 16:37:57
CVE-2023-38409 affecting package kernel 5.10.185.1-1
2023-08-15 16:37:27
centos
centos
bpftool, kernel, perf, python security update
2024-01-12 19:36:38
ics
ics
Siemens SIMATIC IPCs
2023-09-14 12:00:00
f5
f5
K000135795: Downfall Attacks CVE-2022-40982
2023-08-09 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.013 Low
EPSS
Percentile
85.9%
Related for SUSE_SU-2023-3311-1.NASL