SUSE Linux Enterprise Server Improper Access Control Vulnerability Disabling Nftables

Vulnerability

An improper access control vulnerability has been identified in the kernel of SUSE Linux Enterprise Server 12 SP5. It breaks nftables, the tool used for managing firewall rules, so firewall rules applied through nftables become ineffective. The issue arises from a problematic backport of a kernel commit, which causes nftables to return an 'Operation Not Supported' error when attempting to create tables. The vulnerability affects SUSE Linux Enterprise Server versions from the introduction of the problematic commit until the version in which the issue was fixed.

Impact

The vulnerability leads to a complete failure of nftables functionality, causing firewall management to be ineffective. This could allow malicious activities to go unregulated by the firewall, potentially leading to unauthorized access or attacks on the system.

Reproduction

The vulnerability can be reproduced by using SUSE Linux Enterprise Server 12 SP5 and attempting to use nftables for firewall management. The issue will manifest as an 'Operation Not Supported' error when trying to create nftables tables, indicating that nftables is not functioning as intended.

Remediation

Users are advised to upgrade to a version of the kernel that includes the fix for this vulnerability. The fixed version can be identified by the commit '9c294edb7085fb91650bc12233495a8974c5ff2d'.
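
The failure described under Reproduction can be checked on a host, before and after the kernel upgrade, with a small probe. This is an added example, not code from SUSE or from the original advisory; the scratch table name and the --probe argument are assumptions, and the script matches the error text case-insensitively because only the phrase 'Operation Not Supported' is given on this page.

```shell
#!/bin/sh
# Added example, not SUSE's code. PROBE_TABLE is a hypothetical scratch name.
PROBE_TABLE="nft_probe_scratch"

# classify_nft_result STATUS STDERR_TEXT -> working | unsupported | failed
# "unsupported" is the symptom the advisory describes; "failed" covers every
# other error (for example "Operation not permitted" when not run as root).
classify_nft_result() {
    status=$1
    msg=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    if [ "$status" -eq 0 ]; then
        echo working
        return 0
    fi
    case $msg in
        *"operation not supported"*) echo unsupported ;;
        *) echo failed ;;
    esac
}

# probe_nftables: create and remove one empty scratch table, print a verdict.
# Returns 0 only when table creation works. Needs root and the nft binary.
probe_nftables() {
    if ! command -v nft >/dev/null 2>&1; then
        echo "nft binary not found" >&2
        return 2
    fi
    # Refuse to touch a table that already exists under the scratch name.
    if nft list table inet "$PROBE_TABLE" >/dev/null 2>&1; then
        echo "table $PROBE_TABLE already exists, not probing" >&2
        return 2
    fi
    rc=0
    err=$(nft add table inet "$PROBE_TABLE" 2>&1) || rc=$?
    verdict=$(classify_nft_result "$rc" "$err")
    if [ "$verdict" = working ]; then
        nft delete table inet "$PROBE_TABLE"
    fi
    echo "kernel $(uname -r): nftables table creation $verdict"
    [ "$verdict" = working ]
}

# Run the probe only when asked, so the file can also be sourced.
if [ "${1:-}" = "--probe" ]; then
    probe_nftables
fi
```

A non-zero exit status from the probe makes it usable in a monitoring job, so a host whose firewall rules silently failed to load is flagged rather than assumed protected.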

Added: Mar 5, 2026, 7:55 AM
Updated: Mar 5, 2026, 7:55 AM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 1.3
exploitability: 7.3
remediation: 7.7
relevance: 3.5
threat: 1.6
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.