Test ID:	1.3.6.1.4.1.25623.1.1.4.2021.1865.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2021:1865-1)
Summary:	The remote host is missing an update for the 'Linux Kernel (Live Patch 32 for SLE 12 SP3)' package(s) announced via the SUSE-SU-2021:1865-1 advisory.
Description:	Summary: The remote host is missing an update for the 'Linux Kernel (Live Patch 32 for SLE 12 SP3)' package(s) announced via the SUSE-SU-2021:1865-1 advisory. Vulnerability Insight: This update for the Linux Kernel 4.4.180-94_121 fixes several issues. The following security issues were fixed: - Fix a kernel warning during sysfs read (bsc#1186235) - CVE-2020-36322: An issue was discovered in the FUSE filesystem implementation in the Linux kernel aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bsc#1184952). - CVE-2021-29154: BPF JIT compilers in the Linux kernel have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c (bsc#1184710) Affected Software/OS: 'Linux Kernel (Live Patch 32 for SLE 12 SP3)' package(s) on SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server for SAP Applications 12-SP3. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-36322 Debian Security Information: DSA-5096 (Google Search) https://www.debian.org/security/2022/dsa-5096 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.6 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d069dbe8aaf2a197142558b6fb2978189ba3454 https://www.starwindsoftware.com/security/sw-20220816-0001/ https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2021-28950 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/ https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=775c5033a0d164622d9d10dd0f0a5531639ed3ed Common Vulnerability Exposure (CVE) ID: CVE-2021-29154 https://security.netapp.com/advisory/ntap-20210604-0006/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/ https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=26f55a59dc65ff77cd1c4b37991e26497fc68049 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4d4d456436bfb2fe412ee2cd489f7658449b098 http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html https://news.ycombinator.com/item?id=26757760 https://www.openwall.com/lists/oss-security/2021/04/08/1 https://www.oracle.com/security-alerts/cpujul2022.html https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.