Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

SUSE: Security Advisory (SUSE-SU-2022:0169-1)

Information

Severity

Severity

Medium

Family

Family

SuSE Local Security Checks

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

2 years ago

Modified

Modified

2 years ago

Summary

The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2022:0169-1 advisory.

Insight

Insight

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation (bsc#1194517). CVE-2022-0322: Fixed a denial of service in SCTP sctp_addto_chunk (bsc#1194985). CVE-2021-4197: Fixed a cgroup issue where lower privileged processes could write to fds of lower privileged ones that could lead to privilege escalation (bsc#1194302). CVE-2021-46283: nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace (bnc#1194518). CVE-2021-4135: Fixed an information leak in the nsim_bpf_map_alloc function (bsc#1193927). CVE-2021-4202: Fixed a race condition during NFC device remove which could lead to a use-after-free memory corruption (bsc#1194529) CVE-2021-4083: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allowed a local user to crash the system or escalate their privileges on the system. (bnc#1193727). CVE-2021-4149: Fixed a locking condition in btrfs which could lead to system deadlocks (bsc#1194001). CVE-2021-45485: In the IPv6 implementation net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses (bnc#1194094). CVE-2021-45486: In the IPv4 implementation net/ipv4/route.c has an information leak because the hash table is very small (bnc#1194087). The following non-security bugs were fixed: ACPI: APD: Check for NULL pointer after calling devm_ioremap() (git-fixes). ACPI: Add stubs for wakeup handler functions (git-fixes). ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes (git-fixes). ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls (git-fixes). ALSA: ctl: Fix copy of updated id with element read/write (git-fixes). ALSA: drivers: opl3: Fix incorrect use of vp->state (git-fixes). ALSA: hda/hdmi: Disable silent stream on GLK (git-fixes). ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform (git-fixes). ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows (git-fixes). ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED (git-fixes). ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100 (git-fixes). ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 (git-fixes). ALSA: ... [Please see the references for more information on the vulnerabilities]

Affected Software

Affected Software

'Linux Kernel' package(s) on SUSE Linux Enterprise Module for Public Cloud 15-SP3.

Detection Method

Detection Method

Checks if a vulnerable package version is present on the target host.

Solution

Solution

Please install the updated package(s).