CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
83.5%
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2362-1 advisory.
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865).
- CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010).
- CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161).
- CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
- CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712).
- CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109). polled (bsc#1202623).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595)
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2024:2362-1. The text itself
# is copyright (C) SUSE.
##
include('compat.inc');
if (description)
{
script_id(202093);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/08/28");
script_cve_id(
"CVE-2021-3896",
"CVE-2021-4439",
"CVE-2021-43389",
"CVE-2021-47247",
"CVE-2021-47311",
"CVE-2021-47328",
"CVE-2021-47368",
"CVE-2021-47372",
"CVE-2021-47379",
"CVE-2021-47571",
"CVE-2021-47576",
"CVE-2021-47583",
"CVE-2021-47589",
"CVE-2021-47595",
"CVE-2021-47596",
"CVE-2021-47600",
"CVE-2021-47602",
"CVE-2021-47609",
"CVE-2021-47611",
"CVE-2021-47612",
"CVE-2021-47617",
"CVE-2021-47618",
"CVE-2021-47619",
"CVE-2021-47620",
"CVE-2022-0435",
"CVE-2022-2938",
"CVE-2022-22942",
"CVE-2022-48711",
"CVE-2022-48715",
"CVE-2022-48717",
"CVE-2022-48722",
"CVE-2022-48724",
"CVE-2022-48726",
"CVE-2022-48728",
"CVE-2022-48730",
"CVE-2022-48732",
"CVE-2022-48736",
"CVE-2022-48737",
"CVE-2022-48738",
"CVE-2022-48746",
"CVE-2022-48747",
"CVE-2022-48748",
"CVE-2022-48749",
"CVE-2022-48752",
"CVE-2022-48754",
"CVE-2022-48756",
"CVE-2022-48758",
"CVE-2022-48759",
"CVE-2022-48760",
"CVE-2022-48767",
"CVE-2022-48768",
"CVE-2022-48771",
"CVE-2023-24023",
"CVE-2023-52707",
"CVE-2023-52752",
"CVE-2023-52881",
"CVE-2024-26822",
"CVE-2024-26923",
"CVE-2024-35789",
"CVE-2024-35861",
"CVE-2024-35862",
"CVE-2024-35864",
"CVE-2024-35878",
"CVE-2024-35950",
"CVE-2024-36894",
"CVE-2024-36904",
"CVE-2024-36940",
"CVE-2024-36964",
"CVE-2024-38541",
"CVE-2024-38545",
"CVE-2024-38559",
"CVE-2024-38560"
);
script_xref(name:"SuSE", value:"SUSE-SU-2024:2362-1");
script_name(english:"SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2362-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as
referenced in the SUSE-SU-2024:2362-1 advisory.
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865).
- CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010).
- CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161).
- CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
- CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712).
- CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109). polled
(bsc#1202623).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595)
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1156395");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1171988");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176447");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176774");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1181147");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191958");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195065");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195254");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1195798");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1202623");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1218148");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1219224");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1219633");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1222015");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1223011");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1223384");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1224671");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1224703");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1224749");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1224764");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1224765");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1224766");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1224865");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225010");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225047");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225109");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225161");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225184");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225203");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225487");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225518");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225611");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225732");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225749");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225840");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1225866");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226226");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226537");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226552");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226554");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226557");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226558");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226562");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226563");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226575");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226583");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226585");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226587");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226595");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226614");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226619");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226621");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226624");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226643");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226644");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226645");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226647");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226650");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226669");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226670");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226672");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226674");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226679");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226686");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226691");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226692");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226698");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226703");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226708");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226709");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226711");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226712");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226713");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226715");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226716");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226720");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226721");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226732");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226758");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226762");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226786");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1226962");
script_set_attribute(attribute:"see_also", value:"https://lists.suse.com/pipermail/sle-updates/2024-July/035872.html");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3896");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-43389");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-4439");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47247");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47311");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47328");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47368");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47372");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47379");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47571");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47576");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47583");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47589");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47595");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47596");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47600");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47602");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47609");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47611");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47612");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47617");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47618");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47619");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-47620");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-0435");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-22942");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-2938");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48711");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48715");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48717");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48722");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48724");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48726");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48728");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48730");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48732");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48736");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48737");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48738");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48746");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48747");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48748");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48749");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48752");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48754");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48756");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48758");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48759");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48760");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48767");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48768");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2022-48771");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-24023");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-52707");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-52752");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-52881");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-26822");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-26923");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-35789");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-35861");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-35862");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-35864");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-35878");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-35950");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-36894");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-36904");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-36940");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-36964");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-38541");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-38545");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-38559");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2024-38560");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-0435");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"metasploit_name", value:'vmwgfx Driver File Descriptor Handling Priv Esc');
script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/11/04");
script_set_attribute(attribute:"patch_publication_date", value:"2024/07/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/07/10");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:dlm-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gfs2-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-64kb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-64kb-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-livepatch");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_167-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-macros");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-obs-build");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-preempt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-preempt-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-zfcpdump");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES15|SLES_SAP15)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(3)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP3", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(3)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP3", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'kernel-default-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-default-devel-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-devel-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-macros-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-obs-build-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-preempt-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-preempt-devel-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-source-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-syms-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'reiserfs-kmp-default-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},
{'reference':'kernel-64kb-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},
{'reference':'kernel-64kb-devel-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},
{'reference':'kernel-default-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'kernel-default-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'kernel-default-devel-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'kernel-default-devel-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'kernel-devel-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},
{'reference':'kernel-macros-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},
{'reference':'kernel-obs-build-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'kernel-obs-build-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'kernel-preempt-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},
{'reference':'kernel-preempt-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},
{'reference':'kernel-preempt-devel-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},
{'reference':'kernel-preempt-devel-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},
{'reference':'kernel-source-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3', 'sles-ltss-release-15.3']},
{'reference':'kernel-syms-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'kernel-syms-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'reiserfs-kmp-default-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'reiserfs-kmp-default-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.3']},
{'reference':'cluster-md-kmp-default-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.3']},
{'reference':'dlm-kmp-default-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.3']},
{'reference':'gfs2-kmp-default-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.3']},
{'reference':'ocfs2-kmp-default-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-ha-release-15.3']},
{'reference':'kernel-default-livepatch-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']},
{'reference':'kernel-default-livepatch-devel-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']},
{'reference':'kernel-livepatch-5_3_18-150300_59_167-default-1-150300.7.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-live-patching-release-15.3']},
{'reference':'kernel-default-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
{'reference':'kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
{'reference':'kernel-default-devel-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
{'reference':'kernel-obs-build-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
{'reference':'kernel-syms-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
{'reference':'kernel-zfcpdump-5.3.18-150300.59.167.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']},
{'reference':'reiserfs-kmp-default-5.3.18-150300.59.167.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.3']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
var ltss_plugin_caveat = NULL;
if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
'NOTE: This vulnerability check contains fixes that apply to\n' +
'packages only available in SUSE Enterprise Linux Server LTSS\n' +
'repositories. Access to these package security updates require\n' +
'a paid SUSE LTSS subscription.\n';
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get() + ltss_plugin_caveat
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43389
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4439
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47247
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47311
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47328
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47368
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47372
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47379
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47571
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47576
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47583
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47589
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47595
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47596
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47600
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47602
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47609
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47611
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47612
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47617
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47618
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47620
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0435
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22942
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2938
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48711
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48715
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48717
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48722
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48724
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48726
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48728
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48730
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48732
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48736
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48737
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48738
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48746
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48747
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48748
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48749
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48754
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48756
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48758
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48759
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48760
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48767
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48768
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48771
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24023
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52707
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52881
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26822
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26923
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35789
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35861
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35862
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35878
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35950
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36894
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36904
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36940
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36964
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38541
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38545
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38559
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38560
bugzilla.suse.com/1156395
bugzilla.suse.com/1171988
bugzilla.suse.com/1176447
bugzilla.suse.com/1176774
bugzilla.suse.com/1181147
bugzilla.suse.com/1191958
bugzilla.suse.com/1195065
bugzilla.suse.com/1195254
bugzilla.suse.com/1195798
bugzilla.suse.com/1202623
bugzilla.suse.com/1218148
bugzilla.suse.com/1219224
bugzilla.suse.com/1219633
bugzilla.suse.com/1222015
bugzilla.suse.com/1223011
bugzilla.suse.com/1223384
bugzilla.suse.com/1224671
bugzilla.suse.com/1224703
bugzilla.suse.com/1224749
bugzilla.suse.com/1224764
bugzilla.suse.com/1224765
bugzilla.suse.com/1224766
bugzilla.suse.com/1224865
bugzilla.suse.com/1225010
bugzilla.suse.com/1225047
bugzilla.suse.com/1225109
bugzilla.suse.com/1225161
bugzilla.suse.com/1225184
bugzilla.suse.com/1225203
bugzilla.suse.com/1225487
bugzilla.suse.com/1225518
bugzilla.suse.com/1225611
bugzilla.suse.com/1225732
bugzilla.suse.com/1225749
bugzilla.suse.com/1225840
bugzilla.suse.com/1225866
bugzilla.suse.com/1226226
bugzilla.suse.com/1226537
bugzilla.suse.com/1226552
bugzilla.suse.com/1226554
bugzilla.suse.com/1226557
bugzilla.suse.com/1226558
bugzilla.suse.com/1226562
bugzilla.suse.com/1226563
bugzilla.suse.com/1226575
bugzilla.suse.com/1226583
bugzilla.suse.com/1226585
bugzilla.suse.com/1226587
bugzilla.suse.com/1226595
bugzilla.suse.com/1226614
bugzilla.suse.com/1226619
bugzilla.suse.com/1226621
bugzilla.suse.com/1226624
bugzilla.suse.com/1226643
bugzilla.suse.com/1226644
bugzilla.suse.com/1226645
bugzilla.suse.com/1226647
bugzilla.suse.com/1226650
bugzilla.suse.com/1226669
bugzilla.suse.com/1226670
bugzilla.suse.com/1226672
bugzilla.suse.com/1226674
bugzilla.suse.com/1226679
bugzilla.suse.com/1226686
bugzilla.suse.com/1226691
bugzilla.suse.com/1226692
bugzilla.suse.com/1226698
bugzilla.suse.com/1226703
bugzilla.suse.com/1226708
bugzilla.suse.com/1226709
bugzilla.suse.com/1226711
bugzilla.suse.com/1226712
bugzilla.suse.com/1226713
bugzilla.suse.com/1226715
bugzilla.suse.com/1226716
bugzilla.suse.com/1226720
bugzilla.suse.com/1226721
bugzilla.suse.com/1226732
bugzilla.suse.com/1226758
bugzilla.suse.com/1226762
bugzilla.suse.com/1226786
bugzilla.suse.com/1226962
lists.suse.com/pipermail/sle-updates/2024-July/035872.html
www.suse.com/security/cve/CVE-2021-3896
www.suse.com/security/cve/CVE-2021-43389
www.suse.com/security/cve/CVE-2021-4439
www.suse.com/security/cve/CVE-2021-47247
www.suse.com/security/cve/CVE-2021-47311
www.suse.com/security/cve/CVE-2021-47328
www.suse.com/security/cve/CVE-2021-47368
www.suse.com/security/cve/CVE-2021-47372
www.suse.com/security/cve/CVE-2021-47379
www.suse.com/security/cve/CVE-2021-47571
www.suse.com/security/cve/CVE-2021-47576
www.suse.com/security/cve/CVE-2021-47583
www.suse.com/security/cve/CVE-2021-47589
www.suse.com/security/cve/CVE-2021-47595
www.suse.com/security/cve/CVE-2021-47596
www.suse.com/security/cve/CVE-2021-47600
www.suse.com/security/cve/CVE-2021-47602
www.suse.com/security/cve/CVE-2021-47609
www.suse.com/security/cve/CVE-2021-47611
www.suse.com/security/cve/CVE-2021-47612
www.suse.com/security/cve/CVE-2021-47617
www.suse.com/security/cve/CVE-2021-47618
www.suse.com/security/cve/CVE-2021-47619
www.suse.com/security/cve/CVE-2021-47620
www.suse.com/security/cve/CVE-2022-0435
www.suse.com/security/cve/CVE-2022-22942
www.suse.com/security/cve/CVE-2022-2938
www.suse.com/security/cve/CVE-2022-48711
www.suse.com/security/cve/CVE-2022-48715
www.suse.com/security/cve/CVE-2022-48717
www.suse.com/security/cve/CVE-2022-48722
www.suse.com/security/cve/CVE-2022-48724
www.suse.com/security/cve/CVE-2022-48726
www.suse.com/security/cve/CVE-2022-48728
www.suse.com/security/cve/CVE-2022-48730
www.suse.com/security/cve/CVE-2022-48732
www.suse.com/security/cve/CVE-2022-48736
www.suse.com/security/cve/CVE-2022-48737
www.suse.com/security/cve/CVE-2022-48738
www.suse.com/security/cve/CVE-2022-48746
www.suse.com/security/cve/CVE-2022-48747
www.suse.com/security/cve/CVE-2022-48748
www.suse.com/security/cve/CVE-2022-48749
www.suse.com/security/cve/CVE-2022-48752
www.suse.com/security/cve/CVE-2022-48754
www.suse.com/security/cve/CVE-2022-48756
www.suse.com/security/cve/CVE-2022-48758
www.suse.com/security/cve/CVE-2022-48759
www.suse.com/security/cve/CVE-2022-48760
www.suse.com/security/cve/CVE-2022-48767
www.suse.com/security/cve/CVE-2022-48768
www.suse.com/security/cve/CVE-2022-48771
www.suse.com/security/cve/CVE-2023-24023
www.suse.com/security/cve/CVE-2023-52707
www.suse.com/security/cve/CVE-2023-52752
www.suse.com/security/cve/CVE-2023-52881
www.suse.com/security/cve/CVE-2024-26822
www.suse.com/security/cve/CVE-2024-26923
www.suse.com/security/cve/CVE-2024-35789
www.suse.com/security/cve/CVE-2024-35861
www.suse.com/security/cve/CVE-2024-35862
www.suse.com/security/cve/CVE-2024-35864
www.suse.com/security/cve/CVE-2024-35878
www.suse.com/security/cve/CVE-2024-35950
www.suse.com/security/cve/CVE-2024-36894
www.suse.com/security/cve/CVE-2024-36904
www.suse.com/security/cve/CVE-2024-36940
www.suse.com/security/cve/CVE-2024-36964
www.suse.com/security/cve/CVE-2024-38541
www.suse.com/security/cve/CVE-2024-38545
www.suse.com/security/cve/CVE-2024-38559
www.suse.com/security/cve/CVE-2024-38560
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
83.5%