In the Linux kernel, the following vulnerability has been resolved: perf: Fix list corruption in perf_cgroup_switch() There's list corruption on cgrp_cpuctx_list. This happens on the following path: perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list) cpu_ctx_sched_in ctx_sched_in ctx_pinned_sched_in merge_sched_in perf_cgroup_event_disable: remove the event from the list Use list_for_each_entry_safe() to allow removing an entry during iteration.

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3591-1 advisory.

    The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2021-47387: cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (bsc#1225316).
    - CVE-2022-48788: nvme-rdma: fix possible use-after-free in transport error_recovery work (bsc#1227952).
    - CVE-2022-48789: nvme-tcp: fix possible use-after-free in transport error_recovery work (bsc#1228000).
    - CVE-2022-48790: nvme: fix a possible use-after-free in controller reset during load (bsc#1227941).
    - CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
    - CVE-2022-48799: perf: Fix list corruption in perf_cgroup_switch() (bsc#1227953).
    - CVE-2022-48844: Bluetooth: hci_core: Fix leaking sent_cmd skb (bsc#1228068).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2022-48943: KVM: x86/mmu: make apf token non-zero to fix bug (bsc#1229645).
    - CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
    - CVE-2023-52915: media: dvb-usb-v2: af9035: fix missing unlock (bsc#1230270).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-41073: nvme: avoid double free special payload (bsc#1228635).
    - CVE-2024-41079: nvmet: always initialize cqe.result (bsc#1228615).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44948: x86/mtrr: Check if fixed MTRRs exist before saving them (bsc#1230174).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
    - CVE-2024-44969: s390/sclp: Prevent release of buffer in I/O (bsc#1230200).
    - CVE-2024-44982: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (bsc#1230204).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46675: usb: dwc3: core: Prevent USB core invalid event buffer address access (bsc#1230533).
    - CVE-2024-46676: nfc: pn533: Add poll mod list filling check (bsc#1230535).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46722: drm/amdgpu: fix mc_data out-of-bounds read warning (bsc#1230712).
    - CVE-2024-46723: drm/amdgpu: fix ucode out-of-bounds read warning (bsc#1230702).
    - CVE-2024-46731: drm/amd/pm: fix the Out-of-bounds read warning (bsc#1230709).
    - CVE-2024-46738: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (bsc#1230731).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46744: Squashfs: sanity check symbolic link size (bsc#1230747).
    - CVE-2024-46745: Input: uinput - reject requests with unreasonable number of slots (bsc#1230748).
    - CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46759: hwmon: (adc128d818) Fix underflows seen when writing limit attributes (bsc#1230814).
    - CVE-2024-46761: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (bsc#1230761).
    - CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-46853: spi: nxp-fspi: fix the KASAN report out-of-bounds bug (bsc#1231083).
    - CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
    - CVE-2024-46859: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (bsc#1231089).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3566-1 advisory.

    The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
    - CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
    - CVE-2024-41073: nvme: avoid double free special payload (bsc#1228635).
    - CVE-2024-41079: nvmet: always initialize cqe.result (bsc#1228615).
    - CVE-2024-46859: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (bsc#1231089).
    - CVE-2024-46853: spi: nxp-fspi: fix the KASAN report out-of-bounds bug (bsc#1231083).
    - CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-46731: drm/amd/pm: fix the Out-of-bounds read warning (bsc#1230709).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46722: drm/amdgpu: fix mc_data out-of-bounds read warning (bsc#1230712).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46761: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (bsc#1230761).
    - CVE-2024-46759: hwmon: (adc128d818) Fix underflows seen when writing limit attributes (bsc#1230814).
    - CVE-2024-46745: Input: uinput - reject requests with unreasonable number of slots (bsc#1230748).
    - CVE-2024-46738: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (bsc#1230731).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-44982: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (bsc#1230204).
    - CVE-2024-46723: drm/amdgpu: fix ucode out-of-bounds read warning (bsc#1230702).
    - CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-46744: Squashfs: sanity check symbolic link size (bsc#1230747).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46675: usb: dwc3: core: Prevent USB core invalid event buffer address access (bsc#1230533).
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46676: nfc: pn533: Add poll mod list filling check (bsc#1230535).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2022-48799: perf: Fix list corruption in perf_cgroup_switch() (bsc#1227953).
    - CVE-2022-48789: nvme-tcp: fix possible use-after-free in transport error_recovery work (bsc#1228000).
    - CVE-2022-48790: nvme: fix a possible use-after-free in controller reset during load (bsc#1227941).
    - CVE-2024-41000: block/ioctl: prefer different overflow check (bsc#1227867).
    - CVE-2024-44948: x86/mtrr: Check if fixed MTRRs exist before saving them (bsc#1230174).
    - CVE-2022-48788: nvme-rdma: fix possible use-after-free in transport error_recovery work (bsc#1227952).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2022-48943: KVM: x86/mmu: make apf token non-zero to fix bug (bsc#1229645).
    - CVE-2023-52915: media: dvb-usb-v2: af9035: fix missing unlock (bsc#1230270).
    - CVE-2022-48844: Bluetooth: hci_core: Fix leaking sent_cmd skb (bsc#1228068).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-27024: net/rds: fix WARNING in rds_conn_connect_if_down (bsc#1223777).
    - CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2021-47387: cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (bsc#1225316).
    - CVE-2024-44969: s390/sclp: Prevent release of buffer in I/O (bsc#1230200).
    - CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
    - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3559-1 advisory.

    The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2021-47387: cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (bsc#1225316).
    - CVE-2022-48788: nvme-rdma: fix possible use-after-free in transport error_recovery work (bsc#1227952).
    - CVE-2022-48789: nvme-tcp: fix possible use-after-free in transport error_recovery work (bsc#1228000).
    - CVE-2022-48790: nvme: fix a possible use-after-free in controller reset during load (bsc#1227941).
    - CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
    - CVE-2022-48799: perf: Fix list corruption in perf_cgroup_switch() (bsc#1227953).
    - CVE-2022-48844: Bluetooth: hci_core: Fix leaking sent_cmd skb (bsc#1228068).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2022-48943: KVM: x86/mmu: make apf token non-zero to fix bug (bsc#1229645).
    - CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
    - CVE-2023-52915: media: dvb-usb-v2: af9035: fix missing unlock (bsc#1230270).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-41073: nvme: avoid double free special payload (bsc#1228635).
    - CVE-2024-41079: nvmet: always initialize cqe.result (bsc#1228615).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44948: x86/mtrr: Check if fixed MTRRs exist before saving them (bsc#1230174).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
    - CVE-2024-44969: s390/sclp: Prevent release of buffer in I/O (bsc#1230200).
    - CVE-2024-44982: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (bsc#1230204).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46675: usb: dwc3: core: Prevent USB core invalid event buffer address access (bsc#1230533).
    - CVE-2024-46676: nfc: pn533: Add poll mod list filling check (bsc#1230535).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46722: drm/amdgpu: fix mc_data out-of-bounds read warning (bsc#1230712).
    - CVE-2024-46723: drm/amdgpu: fix ucode out-of-bounds read warning (bsc#1230702).
    - CVE-2024-46731: drm/amd/pm: fix the Out-of-bounds read warning (bsc#1230709).
    - CVE-2024-46738: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (bsc#1230731).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46744: Squashfs: sanity check symbolic link size (bsc#1230747).
    - CVE-2024-46745: Input: uinput - reject requests with unreasonable number of slots (bsc#1230748).
    - CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46759: hwmon: (adc128d818) Fix underflows seen when writing limit attributes (bsc#1230814).
    - CVE-2024-46761: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (bsc#1230761).
    - CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-46853: spi: nxp-fspi: fix the KASAN report out-of-bounds bug (bsc#1231083).
    - CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
    - CVE-2024-46859: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (bsc#1231089).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6991 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: mm/sparsemem: fix race in accessing memory_section->usage (CVE-2023-52489)

    * kernel: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs     (CVE-2021-47393)

    * kernel: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() (CVE-2021-47559)

    * kernel: ACPICA: Revert ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.
    (CVE-2024-40984)

    * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)

    * kernel: powerpc/fixmap: Fix VM debug warning on unmap (CVE-2021-47623)

    * kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)

    * kernel: vsock: remove vsock from connected table when connect is interrupted by a signal     (CVE-2022-48786)

    * kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)

    * kernel: SUNRPC: lock against ->sock changing during sysfs read (CVE-2022-48816)

    * kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)

    * kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6992 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: x86/xen: Add some null pointer checking to smp.c (CVE-2024-26908)

    * kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)

    * kernel: NFSD: Fix ia_size underflow (CVE-2022-48828)

    * kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes (CVE-2022-48829)

    * kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)

    * kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)

    * kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6990 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: mm/sparsemem: fix race in accessing memory_section->usage (CVE-2023-52489)

    * kernel: hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs     (CVE-2021-47393)

    * kernel: net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() (CVE-2021-47559)

    * kernel: ACPICA: Revert ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.
    (CVE-2024-40984)

    * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)

    * kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CVE-2022-48773)

    * kernel: vsock: remove vsock from connected table when connect is interrupted by a signal     (CVE-2022-48786)

    * kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)

    * kernel: SUNRPC: lock against ->sock changing during sysfs read (CVE-2022-48816)

    * kernel: mm: prevent derefencing NULL ptr in pfn_section_valid() (CVE-2024-41055)

    * kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    kernel:ACPI: CPPC: Use access_width over bit_width for system memory accesses(CVE-2024-35995)

    kernel: block: fix overflow in blk_ioctl_discard()(CVE-2024-36917)

    kernel:block: prevent division by zero in blk_rq_stat_sum()(CVE-2024-35925)

    bpf: Fix stackmap overflow check on 32-bit arches(CVE-2024-26883)

    kernel:calipso: fix memory leak in netlbl_calipso_add_pass()(CVE-2023-52698)

    kernel:erspan: make sure erspan_base_hdr is present in skb-head(CVE-2024-35888)

    kernel: ext4: fix corruption during on-line resize(CVE-2024-35807)

    kernel:HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up(CVE-2024-35997)

    HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect(CVE-2023-52478)

    kernel:i2c: smbus: fix NULL function pointer dereference(CVE-2024-35984)

    kernel:i40e: Do not use WQ_MEM_RECLAIM flag for workqueue(CVE-2024-36004)

    i40e: Fix NULL ptr dereference on VSI filter sync(CVE-2021-47184)

    iavf: free q_vectors before queues in iavf_disable_vf(CVE-2021-47201)

    ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()(CVE-2024-26633)

    ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()(CVE-2024-26641)

    kernel:ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()(CVE-2024-36902)

    kernel:ipv6: Fix infinite recursion in fib6_dump_done().(CVE-2024-35886)

    kernel:ipv6: Fix potential uninit-value access in __ip6_make_skb()(CVE-2024-36903)

    kernel:ipv6: prevent NULL dereference in ip6_output()(CVE-2024-36901)

    kernel:ipvlan: add ipvlan_route_v6_outbound() helper(CVE-2023-52796)

    kernel:irqchip/gic-v3-its: Prevent double free on error(CVE-2024-35847)

    kernel: md/dm-raid: don#39;t call md_reap_sync_thread() directly(CVE-2024-35808)

    kernel:net/mlx5: Properly link new fs rules into the tree(CVE-2024-35960)

    kernel:net/mlx5e: fix a double-free in arfs_create_groups(CVE-2024-35835)

    kernel:net: fix __dst_negative_advice() race(CVE-2024-36971)

    kernel:net: fix out-of-bounds access in ops_init(CVE-2024-36883)

    kernel:netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()(CVE-2024-27020)

    kernel:netfilter: validate user input for expected length(CVE-2024-35896)

    NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds(CVE-2021-46952)

    kernel:nvme-fc: do not wait in vain when unloading module(CVE-2024-26846)

    nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells(CVE-2021-47497)

    kernel: PCI/PM: Drain runtime-idle callbacks before driver removal(CVE-2024-35809)

    kernel: perf/core: Bail out early if the request AUX area is out of bound(CVE-2023-52835)

    kernel: pinctrl: core: delete incorrect free in pinctrl_enable()(CVE-2024-36940)

    kernel:dm: call the resume method on internal suspend(CVE-2024-26880)

    kernel:RDMA: Verify port when creating flow rule(CVE-2021-47265)

    kernel:ring-buffer: Fix a race between readers and resize checks(CVE-2024-38601)

    kernel: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload(CVE-2024-36919)

    kernel:scsi: iscsi: Fix iscsi_task use after free(CVE-2021-47427)

    kernel:scsi: lpfc: Fix link down processing to address NULL pointer dereference(CVE-2021-47183)

    kernel:scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()(CVE-2024-36924)

    kernel: scsi: mpt3sas: Fix use-after-free warning(CVE-2022-48695)

    kernel: selinux: avoid dereference of garbage after mount failure(CVE-2024-35904)

    kernel: smb: client: fix use-after-free bug in cifs_debug_data_proc_show()(CVE-2023-52752)

    kernel:spi: Fix deadlock when adding SPI controllers on SPI buses(CVE-2021-47469)

    kernel:SUNRPC: fix a memleak in gss_import_v2_context(CVE-2023-52653)

    kernel:tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets(CVE-2024-36905)

    kernel:tcp: properly terminate timers for kernel sockets(CVE-2024-35910)

    kernel:tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().(CVE-2024-36904)

    kernel: thermal: core: prevent potential string overflow(CVE-2023-52868)

    tty: Fix out-of-bound vmalloc access in imageblit(CVE-2021-47383)

    kernel:tty: n_gsm: fix possible out-of-bounds in gsm0_receive()(CVE-2024-36016)

    kernel:vt: fix unicode buffer corruption when deleting characters(CVE-2024-35823)

    kernel:llc: verify mac len before reading mac header(CVE-2023-52843)

    kernel:SUNRPC: fix some memleaks in gssx_dec_option_array(CVE-2024-27388)

    kernel:net: cdc_eem: fix tx fixup skb leak(CVE-2021-47236)

    NFS: Fix use-after-free in nfs4_init_client()(CVE-2021-47259)

    kernel: IB/mlx5: Fix initializing CQ fragments buffer(CVE-2021-47261)

    kernel:kvm: avoid speculation-based attacks from out-of-range memslot accesses(CVE-2021-47277)

    kernel: drm: Fix use-after-free read in drm_getunique()(CVE-2021-47280)

    net/sched: act_skbmod: Skip non-Ethernet packets(CVE-2021-47293)

    kernel:igb: Fix use-after-free error during reset(CVE-2021-47301)

    kernel:net: qcom/emac: fix UAF in emac_remove(CVE-2021-47311)

    kernel:scsi: megaraid_sas: Fix resource leak in case of probe failure(CVE-2021-47329)

    kernel: udf: Fix NULL pointer dereference in udf_symlink function(CVE-2021-47353)

    kernel: drm/sched: Avoid data corruptions(CVE-2021-47354)

    irqchip/gic-v3-its: Fix potential VPE leak on error(CVE-2021-47373)

    kernel:sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb(CVE-2021-47397)

    kernel: netfilter: conntrack: serialize hash resizes and cleanups(CVE-2021-47408)

    phy: mdio: fix memory leak(CVE-2021-47416)

    i40e: Fix freeing of uninitialized misc IRQ vector(CVE-2021-47424)

    kernel:i2c: acpi: fix resource leak in reconfiguration device addition(CVE-2021-47425)

    kernel: dm: fix mempool NULL pointer race when completing IO(CVE-2021-47435)

    kernel:net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path(CVE-2021-47438)

    kernel:ptp: Fix possible memory leak in ptp_clock_register()(CVE-2021-47455)

    kernel: mm, slub: fix potential memoryleak in kmem_cache_open()(CVE-2021-47466)

    kernel: scsi: qla2xxx: Fix a memory leak in an error path of qla2x00_process_els()(CVE-2021-47473)

    kernel: isofs: Fix out of bound access for corrupted isofs image(CVE-2021-47478)

    kernel: scsi: core: Put LLD module refcnt after SCSI device is released(CVE-2021-47480)

    kernel:regmap: Fix possible double-free in regcache_rbtree_exit()(CVE-2021-47483)

    kernel:usbnet: sanity check for maxpacket(CVE-2021-47495)

    kernel:i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc(CVE-2021-47501)

    kernel:nfp: Fix memory leak in nfp_cpp_area_cache_add()(CVE-2021-47516)

    serial: core: fix transmit-buffer reset and memleak(CVE-2021-47527)

    kernel:net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()(CVE-2021-47541)

    tcp: fix page frag corruption on page fault(CVE-2021-47544)

    kernel:ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in     hns_dsaf_ge_srst_by_port()(CVE-2021-47548)

    kernel: scsi: mpt3sas: Fix kernel panic during drive powercycle test(CVE-2021-47565)

    proc/vmcore: fix clearing user buffer by properly using clear_user()(CVE-2021-47566)

    scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()(CVE-2021-47576)

    ovl: fix warning in ovl_create_real()(CVE-2021-47579)

    sit: do not call ipip6_dev_free() from sit_init_net()(CVE-2021-47588)

    igbvf: fix double free in `igbvf_probe`(CVE-2021-47589)

    kernel:inet_diag: fix kernel-infoleak for UDP sockets(CVE-2021-47597)

    net: netlink: af_netlink: Prevent empty skb by adding a check on len.(CVE-2021-47606)

    kernel:firmware: arm_scpi: Fix string overflow in SCPI genpd driver(CVE-2021-47609)

    kernel:i40e: Fix queues reservation for XDP(CVE-2021-47619)

    kernel: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe(CVE-2022-48715)

    rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()(CVE-2022-48742)

    kernel:net/mlx5e: Avoid field-overflowing memcpy()(CVE-2022-48744)

    phylib: fix potential use-after-free(CVE-2022-48754)

    vsock: remove vsock from connected table when connect is interrupted by a signal(CVE-2022-48786)

    perf: Fix list corruption in perf_cgroup_switch()(CVE-2022-48799)

    kernel:vt_ioctl: fix array_index_nospec in vt_setactivate(CVE-2022-48804)

    net: fix a memleak when uncloning an skb dst and its metadata(CVE-2022-48809)

    ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path(CVE-2022-48810)

    kernel:sctp: fix kernel-infoleak for SCTP sockets(CVE-2022-48855)

    kernel:of: Fix double free in of_parse_phandle_with_args_map(CVE-2023-52679)

    kernel:net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path(CVE-2023-52703)

    kernel: mmc: mmc_spi: fix error handling in mmc_spi_probe()(CVE-2023-52708)

    kernel: Fix page corruption caused by racy check in __free_pages(CVE-2023-52739)

    kernel:SUNRPC: Fix RPC client cleaned up the freed pipefs dentries(CVE-2023-52803)

    kernel: crypto: pcrypt - Fix hungtask for PADATA_RESET(CVE-2023-52813)

    kernel:tcp: do not accept ACK of bytes we never sent(CVE-2023-52881)

    kernel:nouveau: lock the client object tree. (CVE-2024-27062)

    kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes(CVE-2024-35789)

    kernel:fix lockup in dm_exception_table_exit  There was reported lockup(CVE-2024-35805)

    kernel: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion(CVE-2024-35815)

    kernel: fbmon: prevent division by zero in fb_videomode_from_videomode()(CVE-2024-35922)

    kernel:scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()  (CVE-2024-35930)

    kernel:kprobes: Fix possible use-after-free issue on kprobe registration(CVE-2024-35955)

    kernel:netfilter: complete validation of user input(CVE-2024-35962)

    kernel:ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr(CVE-2024-35969)

    kernel: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up(CVE-2024-36952)

    kernel:virtio: delete vq in vp_find_vqs_msix() when request_irq() fails(CVE-2024-37353)

    kernel:tcp: Fix shift-out-of-bounds in dctcp_update_alpha().(CVE-2024-37356)

    kernel:net: bridge: xmit: make sure we have at least eth header len bytes(CVE-2024-38538)

    kernel:of: module: add buffer overflow check in of_modalias()(CVE-2024-38541)

    kernel:scsi: qedf: Ensure the copied buf is NUL terminated(CVE-2024-38559)

    kernel:ftrace: Fix possible use-after-free issue in ftrace_location()(CVE-2024-38588)

    kernel:af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg(CVE-2024-38596)

    kernel: ext4: fix mb_cache_entry#39;s e_refcnt leak in ext4_xattr_block_cache_find()CVE-2024-39276)

    kernel:kdb: Fix buffer overflow during tab-complete(CVE-2024-39480)

    kernel:bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()(CVE-2024-39487)

    kernel:USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages(CVE-2024-40904)

    kernel:ipv6: prevent possible NULL dereference in rt6_probe()(CVE-2024-40960)

    kernel:ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.(CVE-2024-40984)

    kernel:net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()(CVE-2024-40995)

    kernel:ext4: fix uninitialized ratelimit_state-lock access in __ext4_fill_super()(CVE-2024-40998)

    kernel:netpoll: Fix race condition in netpoll_owner_active(CVE-2024-41005)

    kernel:tcp: avoid too many retransmit packets(CVE-2024-41007)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6160 advisory.

    The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with     extremely high determinism requirements.

    Security Fix(es):

    * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)

    * kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)

    * kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)

    * kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6156 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)

    * kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)

    * kernel: virtio-net: tap: mlx5_core short frame denial of service (CVE-2024-41090)

    * kernel: virtio-net: tun: mlx5_core short frame denial of service (CVE-2024-41091)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5692 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)

    * kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (CVE-2021-47069)

    * kernel: net/sched: act_ct: fix skb leak and crash on ooo frags (CVE-2023-52610)

    * kernel: wifi: iwlwifi: dbg-tlv: ensure NUL termination (CVE-2024-35845)

    * kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)

    * kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)

    * kernel: isdn: mISDN: Fix sleeping function called from invalid context (CVE-2021-47468)

    * kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)

    * kernel: wifi: nl80211: don't free NULL coalescing rule (CVE-2024-36941)

    * kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (CVE-2024-36904)

    * kernel: gfs2: Fix potential glock use-after-free on unmount (CVE-2024-38570)

    * kernel: KVM: x86: nSVM: fix potential NULL derefernce on nested migration (CVE-2022-48793)

    * kernel: perf: Fix list corruption in perf_cgroup_switch() (CVE-2022-48799)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2947-1 advisory.

    The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952).
    - CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
    - CVE-2021-47186: ipc: check for null after calling kmemdup (bsc#1222702).
    - CVE-2021-47546: Kabi fix for ipv6: fix memory leak in fib6_rule_suppress (bsc#1225504).
    - CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound     (bsc#1225505).
    - CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568).
    - CVE-2021-47590: mptcp: fix deadlock in __mptcp_push_pending() (bsc#1226565).
    - CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570).
    - CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets (bsc#1226551).
    - CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
    - CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571)
    - CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len (bsc#1226555).
    - CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919).
    - CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() (bsc#1227927)
    - CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path     (bsc#1227936).
    - CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071)
    - CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
    - CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
    - CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference (bsc#1220869)
    - CVE-2023-52580: net/core: Fix ETH_P_1588 flow dissector (bsc#1220876).
    - CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
    - CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
    - CVE-2023-52812: drm/amd: check num of link levels when update pcie param (bsc#1225564).
    - CVE-2023-52857: drm/mediatek: Fix coverity issue with unintentional integer overflow (bsc#1225581).
    - CVE-2023-52863: hwmon: (axi-fan-control) Fix possible NULL pointer dereference (bsc#1225586).
    - CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
    - CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
    - CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
    - CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
    - CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
    - CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
    - CVE-2024-26661: drm/amd/display: Add NULL test for 'timing generator' in (bsc#1222323)
    - CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
    - CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
    - CVE-2024-26802: stmmac: Clear variable when destroying workqueue (bsc#1222799).
    - CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
    - CVE-2024-26961: mac802154: fix llsec key resources release in mac802154_llsec_key_del (bsc#1223652).
    - CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
    - CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
    - CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
    - CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
    - CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
    - CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
    - CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
    - CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
    - CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
    - CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500).
    - CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
    - CVE-2024-35889: idpf: fix kernel panic on unknown packet types (bsc#1224517).
    - CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
    - CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
    - CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
    - CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
    - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700)
    - CVE-2024-35961: net/mlx5: Restore mistakenly dropped parts in register devlink flow (bsc#1224585).
    - CVE-2024-35995: ACPI: CPPC: Fix access width used for PCC registers (bsc#1224557).
    - CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
    - CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
    - CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
    - CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
    - CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted     (bsc#1225744).
    - CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
    - CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
    - CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
    - CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
    - CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
    - CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
    - CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
    - CVE-2024-36939: nfs: Handle error of rpc_proc_register() in nfs_net_init() (bsc#1225838).
    - CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
    - CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
    - CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
    - CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
    - CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
    - CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
    - CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
    - CVE-2024-38628: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind     (bsc#1226911).
    - CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
    - CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
    - CVE-2024-39463: 9p: add missing locking around taking dentry fid list (bsc#1227090).
    - CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
    - CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
    - CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
    - CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
    - CVE-2024-39493: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (bsc#1227620).
    - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
    - CVE-2024-39497: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (bsc#1227722)
    - CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
    - CVE-2024-39506: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
    - CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
    - CVE-2024-39508: io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (bsc#1227732).
    - CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
    - CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
    - CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
    - CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
    - CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()     (bsc#1227779).
    - CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
    - CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
    - CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
    - CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
    - CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
    - CVE-2024-40943: ocfs2: fix races between hole punching and AIO+DIO (bsc#1227849).
    - CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
    - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
    - CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812).
    - CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
    - CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
    - CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
    - CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
    - CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891).
    - CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
    - CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
    - CVE-2024-40977: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (bsc#1227950).
    - CVE-2024-40982: ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (bsc#1227865).
    - CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
    - CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
    - CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()     (bsc#1227866).
    - CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
    - CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
    - CVE-2024-41009: selftests/bpf: Add more ring buffer test coverage (bsc#1228020).
    - CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
    - CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
    - CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
    - CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
    - CVE-2024-41016: ocfs2: add bounds checking to ocfs2_xattr_find_entry() (bsc#1228410).
    - CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
    - CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518)
    - CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520)
    - CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
    - CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565)
    - CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
    - CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
    - CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
    - CVE-2024-41063: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (bsc#1228580)
    - CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
    - CVE-2024-41066: ibmvnic: Add tx check to prevent skb leak (bsc#1228640).
    - CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
    - CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
    - CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing     (bsc#1228625).
    - CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
    - CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617)
    - CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
    - CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
    - CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers     (bsc#1228470)
    - CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
    - CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
    - CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
    - CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591)
    - CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705)
    - CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743)
    - CVE-2024-42161: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
    - CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723)
    - CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2929-1 advisory.

    The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
    - CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
    - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
    - CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743)
    - CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
    - CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
    - CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
    - CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
    - CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
    - CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810).
    - CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
    - CVE-2024-41011: drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (bsc#1228114).
    - CVE-2024-39463: 9p: add missing locking around taking dentry fid list (bsc#1227090).
    - CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
    - CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
    - CVE-2024-35901: net: mana: Fix Rx DMA datasize and skb_over_panic (bsc#1224495).
    - CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
    - CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
    - CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
    - CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2894-1 advisory.

    The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952).
    - CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
    - CVE-2021-47186: tipc: check for null after calling kmemdup (bsc#1222702).
    - CVE-2021-47546: Kabi fix for ipv6: fix memory leak in fib6_rule_suppress (bsc#1225504).
    - CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound     (bsc#1225505).
    - CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568).
    - CVE-2021-47590: mptcp: fix deadlock in __mptcp_push_pending() (bsc#1226565).
    - CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570).
    - CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets (bsc#1226551).
    - CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
    - CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571)
    - CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len (bsc#1226555).
    - CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919).
    - CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() (bsc#1227927)
    - CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path     (bsc#1227936).
    - CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071)
    - CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
    - CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
    - CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference (bsc#1220869)
    - CVE-2023-52580: net/core: Fix ETH_P_1588 flow dissector (bsc#1220876).
    - CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
    - CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
    - CVE-2023-52812: drm/amd: check num of link levels when update pcie param (bsc#1225564).
    - CVE-2023-52857: drm/mediatek: Fix coverity issue with unintentional integer overflow (bsc#1225581).
    - CVE-2023-52863: hwmon: (axi-fan-control) Fix possible NULL pointer dereference (bsc#1225586).
    - CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
    - CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
    - CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
    - CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
    - CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
    - CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
    - CVE-2024-26661: drm/amd/display: Add NULL test for 'timing generator' in (bsc#1222323)
    - CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
    - CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
    - CVE-2024-26802: stmmac: Clear variable when destroying workqueue (bsc#1222799).
    - CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
    - CVE-2024-26961: mac802154: fix llsec key resources release in mac802154_llsec_key_del (bsc#1223652).
    - CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
    - CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
    - CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
    - CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
    - CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
    - CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
    - CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
    - CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
    - CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
    - CVE-2024-35837: net: mvpp2: clear BM pool before initialization (bsc#1224500).
    - CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
    - CVE-2024-35889: idpf: fix kernel panic on unknown packet types (bsc#1224517).
    - CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
    - CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
    - CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
    - CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
    - CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700)
    - CVE-2024-35961: net/mlx5: Restore mistakenly dropped parts in register devlink flow (bsc#1224585).
    - CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
    - CVE-2024-35995: ACPI: CPPC: Fix access width used for PCC registers (bsc#1224557).
    - CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge (bsc#1224548).
    - CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
    - CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
    - CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
    - CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted     (bsc#1225744).
    - CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
    - CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
    - CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
    - CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
    - CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
    - CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
    - CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
    - CVE-2024-36939: nfs: Handle error of rpc_proc_register() in nfs_net_init() (bsc#1225838).
    - CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
    - CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
    - CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
    - CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
    - CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
    - CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
    - CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
    - CVE-2024-38628: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind     (bsc#1226911).
    - CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
    - CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
    - CVE-2024-39463: 9p: add missing locking around taking dentry fid list (bsc#1227090).
    - CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
    - CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
    - CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
    - CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
    - CVE-2024-39493: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (bsc#1227620).
    - CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
    - CVE-2024-39497: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (bsc#1227722)
    - CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
    - CVE-2024-39506: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
    - CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
    - CVE-2024-39508: io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (bsc#1227732).
    - CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
    - CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
    - CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
    - CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
    - CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()     (bsc#1227779).
    - CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
    - CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
    - CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
    - CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
    - CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
    - CVE-2024-40943: ocfs2: fix races between hole punching and AIO+DIO (bsc#1227849).
    - CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
    - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
    - CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812).
    - CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
    - CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
    - CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
    - CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
    - CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter empty (bsc#1227891).
    - CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
    - CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
    - CVE-2024-40977: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (bsc#1227950).
    - CVE-2024-40982: ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (bsc#1227865).
    - CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
    - CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
    - CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super()     (bsc#1227866).
    - CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
    - CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
    - CVE-2024-41009: selftests/bpf: Add more ring buffer test coverage (bsc#1228020).
    - CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
    - CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
    - CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
    - CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
    - CVE-2024-41016: ocfs2: add bounds checking to ocfs2_xattr_find_entry() (bsc#1228410).
    - CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
    - CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518)
    - CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520)
    - CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
    - CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565)
    - CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
    - CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
    - CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
    - CVE-2024-41063: Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (bsc#1228580)
    - CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
    - CVE-2024-41066: ibmvnic: Add tx check to prevent skb leak (bsc#1228640).
    - CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
    - CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
    - CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds array indexing     (bsc#1228625).
    - CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
    - CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617)
    - CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
    - CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
    - CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers     (bsc#1228470)
    - CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
    - CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
    - CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
    - CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591)
    - CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705)
    - CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743)
    - CVE-2024-42161: Avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
    - CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723)
    - CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
208717	SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3591-1)	Nessus	SuSE Local Security Checks	high
208672	SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3566-1)	Nessus	SuSE Local Security Checks	high
208665	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:3559-1)	Nessus	SuSE Local Security Checks	high
207658	RHEL 9 : kernel (RHSA-2024:6991)	Nessus	Red Hat Local Security Checks	high
207657	RHEL 8 : kernel (RHSA-2024:6992)	Nessus	Red Hat Local Security Checks	high
207649	RHEL 9 : kernel-rt (RHSA-2024:6990)	Nessus	Red Hat Local Security Checks	high
207170	EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2369)	Nessus	Huawei Local Security Checks	high
206459	RHEL 8 : kernel-rt (RHSA-2024:6160)	Nessus	Red Hat Local Security Checks	medium
206454	RHEL 8 : kernel (RHSA-2024:6156)	Nessus	Red Hat Local Security Checks	medium
206028	RHEL 8 : kernel (RHSA-2024:5692)	Nessus	Red Hat Local Security Checks	high
205747	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2947-1)	Nessus	SuSE Local Security Checks	high
205734	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2939-1)	Nessus	SuSE Local Security Checks	high
205650	SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2929-1)	Nessus	SuSE Local Security Checks	high
205493	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2894-1)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2022-48799

medium

Tenable Plugins

high

high

high

high

high

high

high

medium

medium

high

high

high

high

high