Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 10 |
CVE-ID | CVE-2021-3655 CVE-2021-3715 CVE-2021-3760 CVE-2021-3772 CVE-2021-41864 CVE-2021-42008 CVE-2021-42252 CVE-2021-42739 CVE-2021-43056 CVE-2018-13405 |
CWE-ID | CWE-909 CWE-416 CWE-345 CWE-787 CWE-119 CWE-252 CWE-264 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #6 is available. |
Vulnerable software |
SUSE Linux Enterprise Module for Realtime Operating systems & Components / Operating system SUSE MicroOS Operating systems & Components / Operating system kernel-rt_debug Operating systems & Components / Operating system package or component ocfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component ocfs2-kmp-rt Operating systems & Components / Operating system package or component kernel-syms-rt Operating systems & Components / Operating system package or component kernel-rt_debug-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt_debug-devel Operating systems & Components / Operating system package or component kernel-rt_debug-debugsource Operating systems & Components / Operating system package or component kernel-rt_debug-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel-debuginfo Operating systems & Components / Operating system package or component kernel-rt-devel Operating systems & Components / Operating system package or component gfs2-kmp-rt-debuginfo Operating systems & Components / Operating system package or component gfs2-kmp-rt Operating systems & Components / Operating system package or component dlm-kmp-rt-debuginfo Operating systems & Components / Operating system package or component dlm-kmp-rt Operating systems & Components / Operating system package or component cluster-md-kmp-rt-debuginfo Operating systems & Components / Operating system package or component cluster-md-kmp-rt Operating systems & Components / Operating system package or component kernel-source-rt Operating systems & Components / Operating system package or component kernel-devel-rt Operating systems & Components / Operating system package or component kernel-rt-debugsource Operating systems & Components / Operating system package or component kernel-rt-debuginfo Operating systems & Components / Operating system package or component kernel-rt Operating systems & Components / Operating system package or component |
Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 10 vulnerabilities.
EUVDB-ID: #VU61098
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-3655
CWE-ID:
CWE-909 - Missing initialization of resource
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to missing initialization of resource in the Linux kernel when processing inbound SCTP packets. A remote attacker can send specially crafted SCTP packets to the system and force the kernel to read uninitialized memory.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU56393
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3715
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem (route4_change() function in net/sched/cls_route.c) in the way it handled changing of classification filters. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63816
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3760
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the NFC stack. A local user can trigger use-after-free error to escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63835
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-3772
CWE-ID:
CWE-345 - Insufficient Verification of Data Authenticity
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack (DoS) on the target system.
The vulnerability exists due to insufficient verification of data authenticity in the Linux SCTP stack. A remote attacker can exploit this vulnerability to perform a denial of service attack.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63855
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-41864
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error when processing untrusted input. A local user can gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63669
Risk: Low
CVSSv4.0: 7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2021-42008
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the decode_data() function in drivers/net/hamradio/6pack.c in the Linux kernel. A local user can send input from a process that has the CAP_NET_ADMIN capability and escalate privileges on the system.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU93833
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-42252
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the aspeed_lpc_ctrl_mmap() function in drivers/soc/aspeed/aspeed-lpc-ctrl.c. A local user can execute arbitrary code.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU59474
Risk: Low
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-42739
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary within the firewire subsystem in the Linux kernel in drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c files. A local privileged user can run a specially crafted program tat calls avc_ca_pmt() function to trigger memory corruption and execute arbitrary code with elevated privileges.
Update the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU63921
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-43056
CWE-ID:
CWE-252 - Unchecked Return Value
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation error when handling SRR1 register values. A local user can perform a denial of service attack, when the host is running on Power8.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU13631
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-13405
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to create arbitrary files on the target system.
The vulnerability exists due to the inode_init_owner function, as defined in the fs/inode.c source code file, allows the creation of arbitrary files in set-group identification (SGID) directories. A local attacker can create arbitrary files with unintended group ownership.
MitigationUpdate the affected package the Linux Kernel to the latest version.
Vulnerable software versionsSUSE Linux Enterprise Module for Realtime: 15-SP2
SUSE MicroOS: 5.0
kernel-rt_debug: before 5.3.18-57.1
ocfs2-kmp-rt-debuginfo: before 5.3.18-57.1
ocfs2-kmp-rt: before 5.3.18-57.1
kernel-syms-rt: before 5.3.18-57.1
kernel-rt_debug-devel-debuginfo: before 5.3.18-57.1
kernel-rt_debug-devel: before 5.3.18-57.1
kernel-rt_debug-debugsource: before 5.3.18-57.1
kernel-rt_debug-debuginfo: before 5.3.18-57.1
kernel-rt-devel-debuginfo: before 5.3.18-57.1
kernel-rt-devel: before 5.3.18-57.1
gfs2-kmp-rt-debuginfo: before 5.3.18-57.1
gfs2-kmp-rt: before 5.3.18-57.1
dlm-kmp-rt-debuginfo: before 5.3.18-57.1
dlm-kmp-rt: before 5.3.18-57.1
cluster-md-kmp-rt-debuginfo: before 5.3.18-57.1
cluster-md-kmp-rt: before 5.3.18-57.1
kernel-source-rt: before 5.3.18-57.1
kernel-devel-rt: before 5.3.18-57.1
kernel-rt-debugsource: before 5.3.18-57.1
kernel-rt-debuginfo: before 5.3.18-57.1
kernel-rt: before 5.3.18-57.1
CPE2.3http://www.suse.com/support/update/announcement/2021/suse-su-20213658-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.