CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
77.4%
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3641-1 advisory.
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value. (CVE-2021-33033)
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14689. (CVE-2021-34866)
A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)
A flaw was found in the Routing decision classifier in the Linux kernel’s Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition.
This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3715)
A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. (CVE-2021-3760)
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. (CVE-2021-3772)
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. (CVE-2021-41864)
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
(CVE-2021-42008)
An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes. (CVE-2021-42252)
A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-42739)
An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values. (CVE-2021-43056)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2021:3641-1. The text itself
# is copyright (C) SUSE.
##
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(155006);
script_version("1.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2023/07/13");
script_cve_id(
"CVE-2021-3542",
"CVE-2021-3655",
"CVE-2021-3715",
"CVE-2021-3760",
"CVE-2021-3772",
"CVE-2021-3896",
"CVE-2021-33033",
"CVE-2021-34866",
"CVE-2021-41864",
"CVE-2021-42008",
"CVE-2021-42252",
"CVE-2021-42739",
"CVE-2021-43056"
);
script_xref(name:"SuSE", value:"SUSE-SU-2021:3641-1");
script_name(english:"SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3641-1)");
script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in
the SUSE-SU-2021:3641-1 advisory.
- The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because
the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads
to writing an arbitrary value. (CVE-2021-33033)
- This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel
5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in
order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The
issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a
type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute
arbitrary code in the context of the kernel. Was ZDI-CAN-14689. (CVE-2021-34866)
- A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on
inbound SCTP packets may allow the kernel to read uninitialized memory. (CVE-2021-3655)
- A flaw was found in the Routing decision classifier in the Linux kernel's Traffic Control networking
subsystem in the way it handled changing of classification filters, leading to a use-after-free condition.
This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat
from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-3715)
- A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat
to confidentiality, integrity, and system availability. (CVE-2021-3760)
- A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP
association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and
the attacker can send packets with spoofed IP addresses. (CVE-2021-3772)
- prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows
unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds
write. (CVE-2021-41864)
- The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab
out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
(CVE-2021-42008)
- An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux
kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite
memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a
certain comparison uses values that are not memory sizes. (CVE-2021-42252)
- A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user
calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or
escalate privileges on the system. The highest threat from this vulnerability is to confidentiality,
integrity, as well as system availability. (CVE-2021-42739)
- An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to
crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S
implementation bug in the handling of the SRR1 register values. (CVE-2021-43056)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1065729");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1085030");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1152472");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1152489");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1156395");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1172073");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1173604");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176447");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176774");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1176914");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1178134");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1180100");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1181147");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1184673");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1185762");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186063");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1186109");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1187167");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1188563");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1189841");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190006");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190067");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190349");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190351");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190479");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190620");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190642");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190795");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190801");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1190941");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191229");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191240");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191241");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191315");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191317");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191349");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191384");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191449");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191450");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191451");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191452");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191455");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191456");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191628");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191645");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191663");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191731");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191800");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191867");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191934");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1191958");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192040");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192041");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192074");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192107");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1192145");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-33033");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-34866");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3542");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3655");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3715");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3760");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3772");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-3896");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-41864");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-42008");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-42252");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-42739");
script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2021-43056");
# https://lists.suse.com/pipermail/sle-security-updates/2021-November/009709.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?badb6b03");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-3760");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2021-42252");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2021/05/14");
script_set_attribute(attribute:"patch_publication_date", value:"2021/11/09");
script_set_attribute(attribute:"plugin_publication_date", value:"2021/11/10");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-azure-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-devel-azure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-source-azure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:kernel-syms-azure");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"SuSE Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);
var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLES15" && (! preg(pattern:"^(3)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP3", os_ver + " SP" + service_pack);
var pkgs = [
{'reference':'kernel-azure-5.3.18-38.28.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-public-cloud-release-15.3']},
{'reference':'kernel-azure-devel-5.3.18-38.28.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-public-cloud-release-15.3']},
{'reference':'kernel-devel-azure-5.3.18-38.28.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-public-cloud-release-15.3']},
{'reference':'kernel-source-azure-5.3.18-38.28.2', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-public-cloud-release-15.3']},
{'reference':'kernel-syms-azure-5.3.18-38.28.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-public-cloud-release-15.3']}
];
var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var exists_check = NULL;
var rpm_spec_vers_cmp = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (reference && _release) {
if (exists_check) {
var check_flag = 0;
foreach var check (exists_check) {
if (!rpm_exists(release:_release, rpm:check)) continue;
check_flag++;
}
if (!check_flag) continue;
}
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
}
}
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-azure / kernel-azure-devel / kernel-devel-azure / etc');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33033
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34866
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3542
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3655
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3715
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3760
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3772
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42008
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42252
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42739
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43056
www.nessus.org/u?badb6b03
bugzilla.suse.com/1065729
bugzilla.suse.com/1085030
bugzilla.suse.com/1152472
bugzilla.suse.com/1152489
bugzilla.suse.com/1156395
bugzilla.suse.com/1172073
bugzilla.suse.com/1173604
bugzilla.suse.com/1176447
bugzilla.suse.com/1176774
bugzilla.suse.com/1176914
bugzilla.suse.com/1178134
bugzilla.suse.com/1180100
bugzilla.suse.com/1181147
bugzilla.suse.com/1184673
bugzilla.suse.com/1185762
bugzilla.suse.com/1186063
bugzilla.suse.com/1186109
bugzilla.suse.com/1187167
bugzilla.suse.com/1188563
bugzilla.suse.com/1189841
bugzilla.suse.com/1190006
bugzilla.suse.com/1190067
bugzilla.suse.com/1190349
bugzilla.suse.com/1190351
bugzilla.suse.com/1190479
bugzilla.suse.com/1190620
bugzilla.suse.com/1190642
bugzilla.suse.com/1190795
bugzilla.suse.com/1190801
bugzilla.suse.com/1190941
bugzilla.suse.com/1191229
bugzilla.suse.com/1191240
bugzilla.suse.com/1191241
bugzilla.suse.com/1191315
bugzilla.suse.com/1191317
bugzilla.suse.com/1191349
bugzilla.suse.com/1191384
bugzilla.suse.com/1191449
bugzilla.suse.com/1191450
bugzilla.suse.com/1191451
bugzilla.suse.com/1191452
bugzilla.suse.com/1191455
bugzilla.suse.com/1191456
bugzilla.suse.com/1191628
bugzilla.suse.com/1191645
bugzilla.suse.com/1191663
bugzilla.suse.com/1191731
bugzilla.suse.com/1191800
bugzilla.suse.com/1191867
bugzilla.suse.com/1191934
bugzilla.suse.com/1191958
bugzilla.suse.com/1192040
bugzilla.suse.com/1192041
bugzilla.suse.com/1192074
bugzilla.suse.com/1192107
bugzilla.suse.com/1192145
www.suse.com/security/cve/CVE-2021-33033
www.suse.com/security/cve/CVE-2021-34866
www.suse.com/security/cve/CVE-2021-3542
www.suse.com/security/cve/CVE-2021-3655
www.suse.com/security/cve/CVE-2021-3715
www.suse.com/security/cve/CVE-2021-3760
www.suse.com/security/cve/CVE-2021-3772
www.suse.com/security/cve/CVE-2021-3896
www.suse.com/security/cve/CVE-2021-41864
www.suse.com/security/cve/CVE-2021-42008
www.suse.com/security/cve/CVE-2021-42252
www.suse.com/security/cve/CVE-2021-42739
www.suse.com/security/cve/CVE-2021-43056
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
77.4%