SUSE: 2022:2144-2 Critical: Network DoS Vulnerability in SUSE Manager 4.2

suse

June 21, 2022

An update that solves three vulnerabilities and has 18 fixes is now available

Summary

This update fixes the following issues: inter-server-sync: - version 0.2.2 * Parameter --channel-with-children didn't export data (bsc#1199089) * Clean rhnchannelcloned table to rebuild hierarchy (bsc#1197400) - Version 0.2.1 * Correct sequence in use for table rhnpackagekey(bsc#1197400) * Make Docker image export compatible with Suse Manager 4.2 - Version 0.2.0 * Allow images export and import (os based and Docker) prometheus-formula: - Version 0.6.2 * Allow prometheus-formula only for SUSE systems (bsc#1199149) salt-netapi-client: - Improve the hotfix for bsc#1192550 (bsc#1197449): smdba: - Don't package egg-info file for Enterprise Linux. spacecmd: - Version 4.2.17-1 * parse boolean paramaters correctly (bsc#1197689) spacewalk-backend: - version 4.2.22-1

Topics Covered

security advisory security issue remote DoS critical threat system fix important update SUSE Manager Server

References

#1187333 #1191143 #1192550 #1193707 #1194594

#1195710 #1196702 #1197400 #1197438 #1197449

#1197488 #1197591 #1197689 #1198221 #1199089

#1199142 #1199149 #1199512 #1199629 #1200212

#1200606

Cross- CVE-2021-44906 CVE-2022-21952 CVE-2022-31248

CVSS scores:

CVE-2021-44906 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2021-44906 (SUSE): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CVE-2022-31248 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:

SUSE Linux Enterprise Module for SUSE Manager Server 4.2

SUSE Manager Server 4.2

https://www.suse.com/security/cve/CVE-2021-44906.html

https://www.suse.com/security/cve/CVE-2022-21952.html

https://www.suse.com/security/cve/CVE-2022-31248.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2022:2144-1

Rating: important

Topics Covered

security advisory security issue remote DoS critical threat system fix important update SUSE Manager Server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:2144-2 Critical: Network DoS Vulnerability in SUSE Manager 4.2

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2022:2144-2 Critical: Network DoS Vulnerability in SUSE Manager 4.2

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!