SUSE: Security Advisory (SUSE-SU-2022:0169-1)
Information
Severity
Family
CVSSv2 Base
CVSSv2 Vector
Solution Type
Created
Modified
Summary
The remote host is missing an update for the 'Linux Kernel' package(s) announced via the SUSE-SU-2022:0169-1 advisory.
Insight
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:
- CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation (bsc#1194517).
- CVE-2022-0322: Fixed a denial of service in SCTP sctp_addto_chunk (bsc#1194985).
- CVE-2021-4197: Fixed a cgroup issue where lower privileged processes could write to fds of lower privileged ones that could lead to privilege escalation (bsc#1194302).
- CVE-2021-46283: nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace (bnc#1194518).
- CVE-2021-4135: Fixed an information leak in the nsim_bpf_map_alloc function (bsc#1193927).
- CVE-2021-4202: Fixed a race condition during NFC device remove which could lead to a use-after-free memory corruption (bsc#1194529).
- CVE-2021-4083: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allowed a local user to crash the system or escalate their privileges on the system. (bnc#1193727).
- CVE-2021-4149: Fixed a locking condition in btrfs which could lead to system deadlocks (bsc#1194001).
- CVE-2021-45485: In the IPv6 implementation net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses (bnc#1194094).
- CVE-2021-45486: In the IPv4 implementation net/ipv4/route.c has an information leak because the hash table is very small (bnc#1194087).

The following non-security bugs were fixed:
- ACPI: APD: Check for NULL pointer after calling devm_ioremap() (git-fixes).
- ACPI: Add stubs for wakeup handler functions (git-fixes).
- ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes (git-fixes).
- ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls (git-fixes).
- ALSA: ctl: Fix copy of updated id with element read/write (git-fixes).
- ALSA: drivers: opl3: Fix incorrect use of vp->state (git-fixes).
- ALSA: hda/hdmi: Disable silent stream on GLK (git-fixes).
- ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform (git-fixes).
- ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows (git-fixes).
- ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED (git-fixes).
- ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100 (git-fixes).
- ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 (git-fixes).
- ALSA: ... [Please see the references for more information on the vulnerabilities]
Affected Software
'Linux Kernel' package(s) on SUSE Linux Enterprise Module for Public Cloud 15-SP3.
Detection Method
Checks if a vulnerable package version is present on the target host.
Solution
Please install the updated package(s).