In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Mark XDomain as unplugged when router is removed I noticed that when we do discrete host router NVM upgrade and it gets hot-removed from the PCIe side as a result of NVM firmware authentication, if there is another host connected with enabled paths we hang in tearing them down. This is due to fact that the Thunderbolt networking driver also tries to cleanup the paths and ends up blocking in tb_disconnect_xdomain_paths() waiting for the domain lock. However, at this point we already cleaned the paths in tb_stop() so there is really no need for tb_disconnect_xdomain_paths() to do that anymore. Furthermore it already checks if the XDomain is unplugged and bails out early so take advantage of that and mark the XDomain as unplugged when we remove the parent router.

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7123-1 advisory.

    It was discovered that the CIFS network file system implementation in the Linux kernel did not properly     validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this     to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6610)

    Supraja Sridhara, Benedict Schlter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the     Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit     emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service     (guest crash) or possibly execute arbitrary code. (CVE-2024-25744)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - MIPS architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - Null block device driver;

    - Character device driver;

    - ARM SCMI message protocol;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I3C subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - QCOM SoC drivers;

    - Direct Digital Synthesis drivers;

    - Thunderbolt and USB4 drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - USB Type-C Connector System Software Interface driver;

    - USB over IP driver;

    - VHOST drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - NILFS2 file system;

    - NTFS3 file system;

    - Proc file system;

    - SMB network file system;

    - Core kernel;

    - DMA mapping infrastructure;

    - RCU subsystem;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - Objagg library;

    - Memory management;

    - Amateur Radio drivers;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - Wireless networking;

    - AppArmor security module;

    - Landlock security;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - SoC audio core drivers;

    - USB sound devices; (CVE-2023-52751, CVE-2024-43902, CVE-2024-46791, CVE-2024-45018, CVE-2024-44987,     CVE-2024-46763, CVE-2024-46724, CVE-2024-26893, CVE-2024-42283, CVE-2024-46738, CVE-2024-46819,     CVE-2024-44982, CVE-2023-52889, CVE-2024-45025, CVE-2023-52918, CVE-2024-46800, CVE-2024-46756,     CVE-2024-46719, CVE-2024-39472, CVE-2024-42292, CVE-2024-45006, CVE-2024-46675, CVE-2024-44971,     CVE-2024-46731, CVE-2024-42286, CVE-2024-44954, CVE-2024-42274, CVE-2024-46746, CVE-2024-42276,     CVE-2024-43869, CVE-2024-43830, CVE-2024-42288, CVE-2024-41042, CVE-2024-42126, CVE-2024-43870,     CVE-2024-46805, CVE-2024-41078, CVE-2024-44966, CVE-2024-44989, CVE-2024-46795, CVE-2024-44988,     CVE-2024-38577, CVE-2024-43839, CVE-2024-43909, CVE-2024-46745, CVE-2024-42285, CVE-2024-43871,     CVE-2024-41081, CVE-2024-42289, CVE-2024-44965, CVE-2024-42271, CVE-2024-42284, CVE-2024-45009,     CVE-2024-41068, CVE-2024-44958, CVE-2024-46759, CVE-2024-42304, CVE-2024-43890, CVE-2024-41019,     CVE-2024-43846, CVE-2024-41012, CVE-2024-44983, CVE-2024-41072, CVE-2024-46702, CVE-2024-26800,     CVE-2024-42302, CVE-2023-52572, CVE-2024-46783, CVE-2024-43892, CVE-2024-45028, CVE-2024-44999,     CVE-2024-46814, CVE-2024-41022, CVE-2024-42281, CVE-2024-46679, CVE-2024-42290, CVE-2024-44960,     CVE-2024-41071, CVE-2024-41091, CVE-2024-44990, CVE-2024-46757, CVE-2024-38611, CVE-2024-47668,     CVE-2024-45008, CVE-2024-46707, CVE-2024-44935, CVE-2024-42299, CVE-2024-46771, CVE-2024-42265,     CVE-2024-43883, CVE-2024-46673, CVE-2024-46747, CVE-2024-43875, CVE-2024-44985, CVE-2024-42311,     CVE-2024-46798, CVE-2024-43884, CVE-2024-46725, CVE-2024-42318, CVE-2024-43873, CVE-2024-42296,     CVE-2024-43907, CVE-2024-43834, CVE-2024-46721, CVE-2024-47659, CVE-2024-45026, CVE-2024-47667,     CVE-2024-44986, CVE-2024-41020, CVE-2024-43849, CVE-2024-46744, CVE-2024-44946, CVE-2024-43861,     CVE-2024-42269, CVE-2024-46822, CVE-2024-46739, CVE-2024-44948, CVE-2024-46804, CVE-2024-41064,     CVE-2024-44995, CVE-2024-26669, CVE-2024-46781, CVE-2024-46732, CVE-2024-42246, CVE-2024-46780,     CVE-2024-46743, CVE-2024-44947, CVE-2024-47663, CVE-2024-46752, CVE-2024-43893, CVE-2024-45021,     CVE-2024-43856, CVE-2024-46714, CVE-2024-41011, CVE-2024-41070, CVE-2024-46832, CVE-2024-46737,     CVE-2024-43867, CVE-2024-42277, CVE-2024-44934, CVE-2024-46723, CVE-2024-43880, CVE-2024-43860,     CVE-2024-42297, CVE-2024-45003, CVE-2024-46810, CVE-2024-43889, CVE-2024-42287, CVE-2024-43854,     CVE-2024-42313, CVE-2024-42305, CVE-2024-41077, CVE-2024-38602, CVE-2024-46758, CVE-2024-46807,     CVE-2024-43853, CVE-2024-45007, CVE-2024-41090, CVE-2024-42280, CVE-2024-46844, CVE-2024-45011,     CVE-2024-47660, CVE-2024-47665, CVE-2024-46829, CVE-2024-44944, CVE-2024-41015, CVE-2024-42259,     CVE-2024-43914, CVE-2024-43829, CVE-2022-48666, CVE-2024-43828, CVE-2024-46755, CVE-2024-43858,     CVE-2024-46740, CVE-2024-46689, CVE-2024-42309, CVE-2024-42295, CVE-2024-41098, CVE-2023-52757,     CVE-2024-46782, CVE-2024-46777, CVE-2024-46685, CVE-2024-44969, CVE-2024-47669, CVE-2024-43882,     CVE-2024-42310, CVE-2024-43905, CVE-2024-44998, CVE-2024-42306, CVE-2024-40915, CVE-2024-46713,     CVE-2024-41059, CVE-2024-41017, CVE-2024-43879, CVE-2024-46677, CVE-2024-42312, CVE-2024-43908,     CVE-2024-46750, CVE-2024-46722, CVE-2024-42267, CVE-2024-46818, CVE-2024-26661, CVE-2024-43817,     CVE-2024-42272, CVE-2024-41065, CVE-2024-46828, CVE-2024-46840, CVE-2024-46676, CVE-2024-43841,     CVE-2024-46815, CVE-2024-26607, CVE-2023-52434, CVE-2024-46761, CVE-2024-42114, CVE-2024-41073,     CVE-2024-43894, CVE-2024-43835, CVE-2024-46817, CVE-2024-41060, CVE-2024-36484, CVE-2024-42301,     CVE-2024-44974, CVE-2024-43863, CVE-2024-41063)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7100-2 advisory.

    Supraja Sridhara, Benedict Schlter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the     Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit     emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service     (guest crash) or possibly execute arbitrary code. (CVE-2024-25744)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - MIPS architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - Null block device driver;

    - Character device driver;

    - ARM SCMI message protocol;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I3C subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - QCOM SoC drivers;

    - Direct Digital Synthesis drivers;

    - Thunderbolt and USB4 drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - USB Type-C Connector System Software Interface driver;

    - USB over IP driver;

    - VHOST drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - NILFS2 file system;

    - NTFS3 file system;

    - Proc file system;

    - SMB network file system;

    - Core kernel;

    - DMA mapping infrastructure;

    - RCU subsystem;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - Objagg library;

    - Memory management;

    - Amateur Radio drivers;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - Wireless networking;

    - AppArmor security module;

    - Landlock security;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - SoC audio core drivers;

    - USB sound devices; (CVE-2024-42288, CVE-2024-41098, CVE-2024-43849, CVE-2024-46689, CVE-2024-44987,     CVE-2024-40915, CVE-2024-46844, CVE-2024-45009, CVE-2024-46780, CVE-2024-41081, CVE-2024-43817,     CVE-2024-44965, CVE-2024-46832, CVE-2024-41072, CVE-2024-45011, CVE-2024-46814, CVE-2024-45026,     CVE-2024-44982, CVE-2024-46723, CVE-2024-46771, CVE-2024-46759, CVE-2024-41063, CVE-2024-46673,     CVE-2023-52889, CVE-2024-41020, CVE-2024-46677, CVE-2024-46798, CVE-2024-45021, CVE-2024-46676,     CVE-2024-47668, CVE-2024-42289, CVE-2024-45018, CVE-2024-46724, CVE-2024-41090, CVE-2024-43853,     CVE-2024-42272, CVE-2024-43828, CVE-2024-42292, CVE-2024-26800, CVE-2024-43871, CVE-2024-46758,     CVE-2024-36484, CVE-2024-46755, CVE-2024-46782, CVE-2024-43889, CVE-2024-46763, CVE-2024-41015,     CVE-2024-43858, CVE-2024-41012, CVE-2024-44960, CVE-2024-46747, CVE-2024-42311, CVE-2024-47660,     CVE-2024-42267, CVE-2024-44998, CVE-2024-43839, CVE-2024-43914, CVE-2024-46783, CVE-2024-47659,     CVE-2024-46725, CVE-2024-46840, CVE-2024-43873, CVE-2024-46737, CVE-2024-44946, CVE-2024-43841,     CVE-2024-26669, CVE-2024-42306, CVE-2024-26661, CVE-2024-42259, CVE-2024-41011, CVE-2024-46822,     CVE-2024-42287, CVE-2024-46746, CVE-2024-43860, CVE-2024-42246, CVE-2024-46800, CVE-2024-45007,     CVE-2024-42296, CVE-2024-47669, CVE-2024-44983, CVE-2024-43880, CVE-2024-42284, CVE-2022-48666,     CVE-2024-44990, CVE-2024-43894, CVE-2024-44989, CVE-2023-52918, CVE-2024-42295, CVE-2024-43869,     CVE-2024-42277, CVE-2024-46818, CVE-2024-42270, CVE-2024-45025, CVE-2024-42301, CVE-2024-43883,     CVE-2024-46714, CVE-2024-46815, CVE-2024-41073, CVE-2024-43905, CVE-2024-43882, CVE-2024-46719,     CVE-2024-42286, CVE-2024-44952, CVE-2024-42297, CVE-2024-41022, CVE-2024-46743, CVE-2024-43829,     CVE-2024-43909, CVE-2024-42265, CVE-2024-44944, CVE-2024-46807, CVE-2024-46739, CVE-2024-43867,     CVE-2024-44958, CVE-2024-44969, CVE-2024-42271, CVE-2024-46745, CVE-2024-42299, CVE-2024-45006,     CVE-2024-43908, CVE-2024-44966, CVE-2024-41065, CVE-2024-46777, CVE-2024-42309, CVE-2024-38602,     CVE-2024-44947, CVE-2024-43884, CVE-2024-43902, CVE-2024-47667, CVE-2024-46750, CVE-2024-41070,     CVE-2024-26893, CVE-2024-41017, CVE-2024-46810, CVE-2024-46828, CVE-2024-43893, CVE-2024-41077,     CVE-2024-46756, CVE-2024-46740, CVE-2024-42269, CVE-2024-43890, CVE-2024-45008, CVE-2024-46795,     CVE-2024-43854, CVE-2024-46713, CVE-2024-47663, CVE-2024-46702, CVE-2024-46781, CVE-2024-46722,     CVE-2024-42114, CVE-2024-44948, CVE-2024-44988, CVE-2024-42302, CVE-2024-41019, CVE-2024-46731,     CVE-2024-46819, CVE-2024-44995, CVE-2024-41059, CVE-2024-43856, CVE-2024-44954, CVE-2024-43863,     CVE-2024-38577, CVE-2024-43870, CVE-2024-41068, CVE-2024-41071, CVE-2024-38611, CVE-2024-46761,     CVE-2024-42304, CVE-2024-42310, CVE-2024-46707, CVE-2024-42290, CVE-2024-42276, CVE-2024-44935,     CVE-2024-46721, CVE-2024-46817, CVE-2024-46791, CVE-2024-44934, CVE-2024-45028, CVE-2024-46757,     CVE-2024-43879, CVE-2024-43907, CVE-2024-43846, CVE-2024-42280, CVE-2024-44999, CVE-2024-43861,     CVE-2024-42126, CVE-2024-26607, CVE-2024-46752, CVE-2024-42305, CVE-2024-43835, CVE-2024-41042,     CVE-2024-46675, CVE-2024-46804, CVE-2024-41091, CVE-2024-41060, CVE-2024-46744, CVE-2024-47665,     CVE-2024-39472, CVE-2024-46829, CVE-2024-42285, CVE-2024-42281, CVE-2024-43830, CVE-2024-42274,     CVE-2024-46679, CVE-2024-44985, CVE-2024-46805, CVE-2024-42312, CVE-2024-42283, CVE-2024-45003,     CVE-2024-44971, CVE-2024-42313, CVE-2024-46685, CVE-2024-46738, CVE-2024-44986, CVE-2024-43834,     CVE-2024-46732, CVE-2024-43875, CVE-2024-42318, CVE-2024-41064, CVE-2024-44974, CVE-2024-43892,     CVE-2024-41078)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7100-1 advisory.

    Supraja Sridhara, Benedict Schlter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the     Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit     emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service     (guest crash) or possibly execute arbitrary code. (CVE-2024-25744)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - MIPS architecture;

    - PowerPC architecture;

    - RISC-V architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - Null block device driver;

    - Character device driver;

    - ARM SCMI message protocol;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - I3C subsystem;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - QCOM SoC drivers;

    - Direct Digital Synthesis drivers;

    - Thunderbolt and USB4 drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Host Controller drivers;

    - USB Type-C Connector System Software Interface driver;

    - USB over IP driver;

    - VHOST drivers;

    - File systems infrastructure;

    - BTRFS file system;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - NILFS2 file system;

    - NTFS3 file system;

    - Proc file system;

    - SMB network file system;

    - Core kernel;

    - DMA mapping infrastructure;

    - RCU subsystem;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - Objagg library;

    - Memory management;

    - Amateur Radio drivers;

    - Bluetooth subsystem;

    - Ethernet bridge;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - MAC80211 subsystem;

    - Multipath TCP;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - Wireless networking;

    - AppArmor security module;

    - Landlock security;

    - Simplified Mandatory Access Control Kernel framework;

    - FireWire sound drivers;

    - SoC audio core drivers;

    - USB sound devices; (CVE-2024-43817, CVE-2024-42304, CVE-2024-46756, CVE-2024-42318, CVE-2024-41090,     CVE-2024-41063, CVE-2024-44987, CVE-2024-46844, CVE-2024-46677, CVE-2024-44988, CVE-2024-42297,     CVE-2024-26893, CVE-2024-46673, CVE-2024-26800, CVE-2024-42305, CVE-2024-46731, CVE-2024-41091,     CVE-2024-46810, CVE-2024-41072, CVE-2022-48666, CVE-2024-38602, CVE-2024-46780, CVE-2024-46750,     CVE-2024-43858, CVE-2024-41020, CVE-2024-46755, CVE-2024-46829, CVE-2024-41068, CVE-2024-45003,     CVE-2024-42280, CVE-2024-42283, CVE-2024-43873, CVE-2024-46746, CVE-2024-44969, CVE-2024-46807,     CVE-2024-41081, CVE-2024-44971, CVE-2024-26607, CVE-2024-43880, CVE-2024-42281, CVE-2024-42274,     CVE-2024-43908, CVE-2024-42267, CVE-2024-47665, CVE-2024-45011, CVE-2024-46707, CVE-2024-42310,     CVE-2024-42309, CVE-2024-44965, CVE-2024-46747, CVE-2024-42259, CVE-2024-46804, CVE-2024-46679,     CVE-2024-45007, CVE-2024-45009, CVE-2024-46771, CVE-2024-46739, CVE-2024-41060, CVE-2024-46676,     CVE-2024-46822, CVE-2024-42272, CVE-2024-41059, CVE-2024-43839, CVE-2024-46817, CVE-2024-47669,     CVE-2024-44999, CVE-2024-42285, CVE-2024-44986, CVE-2024-43828, CVE-2024-43879, CVE-2024-44998,     CVE-2024-46724, CVE-2024-41015, CVE-2024-45025, CVE-2024-43849, CVE-2024-46818, CVE-2024-43830,     CVE-2024-46725, CVE-2024-43834, CVE-2024-42302, CVE-2024-36484, CVE-2024-43853, CVE-2024-46782,     CVE-2024-46740, CVE-2024-46732, CVE-2024-43869, CVE-2024-42312, CVE-2024-42292, CVE-2024-43884,     CVE-2024-44934, CVE-2024-44995, CVE-2024-43894, CVE-2024-46675, CVE-2024-43870, CVE-2024-44990,     CVE-2024-42287, CVE-2024-41065, CVE-2024-42301, CVE-2024-42290, CVE-2024-46702, CVE-2024-46719,     CVE-2024-46745, CVE-2024-46758, CVE-2024-46757, CVE-2024-44935, CVE-2024-42276, CVE-2024-43890,     CVE-2023-52918, CVE-2024-41077, CVE-2024-43905, CVE-2024-38611, CVE-2024-42269, CVE-2024-42284,     CVE-2024-41073, CVE-2024-46722, CVE-2024-41017, CVE-2024-47667, CVE-2024-45021, CVE-2024-43867,     CVE-2024-41098, CVE-2024-43909, CVE-2024-46723, CVE-2024-45026, CVE-2024-42114, CVE-2024-44944,     CVE-2024-43835, CVE-2024-44982, CVE-2024-43907, CVE-2024-46828, CVE-2024-43856, CVE-2024-46832,     CVE-2024-44954, CVE-2024-43846, CVE-2024-41070, CVE-2024-43892, CVE-2024-44985, CVE-2024-42306,     CVE-2024-43889, CVE-2024-44958, CVE-2024-46798, CVE-2024-44989, CVE-2024-42313, CVE-2024-46737,     CVE-2024-42289, CVE-2024-43829, CVE-2024-46744, CVE-2023-52889, CVE-2024-46689, CVE-2024-47663,     CVE-2024-46791, CVE-2024-43863, CVE-2024-43893, CVE-2024-43841, CVE-2024-46777, CVE-2024-46800,     CVE-2024-45028, CVE-2024-44952, CVE-2024-43883, CVE-2024-44946, CVE-2024-43882, CVE-2024-44960,     CVE-2024-38577, CVE-2024-46814, CVE-2024-42288, CVE-2024-44947, CVE-2024-41071, CVE-2024-41042,     CVE-2024-41064, CVE-2024-42311, CVE-2024-42270, CVE-2024-43861, CVE-2024-46752, CVE-2024-42296,     CVE-2024-41022, CVE-2024-42246, CVE-2024-43871, CVE-2024-42265, CVE-2024-43854, CVE-2024-41019,     CVE-2024-46815, CVE-2024-46743, CVE-2024-42126, CVE-2024-26661, CVE-2024-41012, CVE-2024-46761,     CVE-2024-45008, CVE-2024-46805, CVE-2024-45006, CVE-2024-42295, CVE-2024-46783, CVE-2024-42286,     CVE-2024-46714, CVE-2024-42299, CVE-2024-46781, CVE-2024-43914, CVE-2024-44966, CVE-2024-44974,     CVE-2024-45018, CVE-2024-46840, CVE-2024-46819, CVE-2024-40915, CVE-2024-46759, CVE-2024-43860,     CVE-2024-47668, CVE-2024-39472, CVE-2024-47660, CVE-2024-47659, CVE-2024-46795, CVE-2024-43875,     CVE-2024-46738, CVE-2024-42271, CVE-2024-26669, CVE-2024-44983, CVE-2024-41078, CVE-2024-46685,     CVE-2024-46713, CVE-2024-46721, CVE-2024-46763, CVE-2024-41011, CVE-2024-43902, CVE-2024-42277,     CVE-2024-44948)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46702 advisory.

  - In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Mark XDomain as unplugged     when router is removed I noticed that when we do discrete host router NVM upgrade and it gets hot-removed     from the PCIe side as a result of NVM firmware authentication, if there is another host connected with     enabled paths we hang in tearing them down. This is due to fact that the Thunderbolt networking driver     also tries to cleanup the paths and ends up blocking in tb_disconnect_xdomain_paths() waiting for the     domain lock. However, at this point we already cleaned the paths in tb_stop() so there is really no need     for tb_disconnect_xdomain_paths() to do that anymore. Furthermore it already checks if the XDomain is     unplugged and bails out early so take advantage of that and mark the XDomain as unplugged when we remove     the parent router. (CVE-2024-46702)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3587-1 advisory.

    The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done  (bsc#1229607).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
    - CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26767: drm/amd/display: fixed integer types and null check locations  (bsc#1230339).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of     the list of MDB events to replay (bsc#1222973).
    - CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230)
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444)
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe  error path (bsc#1230507).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524)
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703)
    - CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701)
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
    - CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).
    - CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS  (bsc#1231116).
    - CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
    - CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085).
    - CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3591-1 advisory.

    The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2021-47387: cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (bsc#1225316).
    - CVE-2022-48788: nvme-rdma: fix possible use-after-free in transport error_recovery work (bsc#1227952).
    - CVE-2022-48789: nvme-tcp: fix possible use-after-free in transport error_recovery work (bsc#1228000).
    - CVE-2022-48790: nvme: fix a possible use-after-free in controller reset during load (bsc#1227941).
    - CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
    - CVE-2022-48799: perf: Fix list corruption in perf_cgroup_switch() (bsc#1227953).
    - CVE-2022-48844: Bluetooth: hci_core: Fix leaking sent_cmd skb (bsc#1228068).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2022-48943: KVM: x86/mmu: make apf token non-zero to fix bug (bsc#1229645).
    - CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
    - CVE-2023-52915: media: dvb-usb-v2: af9035: fix missing unlock (bsc#1230270).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-41073: nvme: avoid double free special payload (bsc#1228635).
    - CVE-2024-41079: nvmet: always initialize cqe.result (bsc#1228615).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44948: x86/mtrr: Check if fixed MTRRs exist before saving them (bsc#1230174).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
    - CVE-2024-44969: s390/sclp: Prevent release of buffer in I/O (bsc#1230200).
    - CVE-2024-44982: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (bsc#1230204).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46675: usb: dwc3: core: Prevent USB core invalid event buffer address access (bsc#1230533).
    - CVE-2024-46676: nfc: pn533: Add poll mod list filling check (bsc#1230535).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46722: drm/amdgpu: fix mc_data out-of-bounds read warning (bsc#1230712).
    - CVE-2024-46723: drm/amdgpu: fix ucode out-of-bounds read warning (bsc#1230702).
    - CVE-2024-46731: drm/amd/pm: fix the Out-of-bounds read warning (bsc#1230709).
    - CVE-2024-46738: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (bsc#1230731).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46744: Squashfs: sanity check symbolic link size (bsc#1230747).
    - CVE-2024-46745: Input: uinput - reject requests with unreasonable number of slots (bsc#1230748).
    - CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46759: hwmon: (adc128d818) Fix underflows seen when writing limit attributes (bsc#1230814).
    - CVE-2024-46761: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (bsc#1230761).
    - CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-46853: spi: nxp-fspi: fix the KASAN report out-of-bounds bug (bsc#1231083).
    - CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
    - CVE-2024-46859: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (bsc#1231089).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3592-1 advisory.

    The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done  (bsc#1229607).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
    - CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26767: drm/amd/display: fixed integer types and null check locations  (bsc#1230339).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of     the list of MDB events to replay (bsc#1222973).
    - CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230)
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444)
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe  error path (bsc#1230507).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524)
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703)
    - CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701)
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS  (bsc#1231116).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3566-1 advisory.

    The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
    - CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
    - CVE-2024-41073: nvme: avoid double free special payload (bsc#1228635).
    - CVE-2024-41079: nvmet: always initialize cqe.result (bsc#1228615).
    - CVE-2024-46859: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (bsc#1231089).
    - CVE-2024-46853: spi: nxp-fspi: fix the KASAN report out-of-bounds bug (bsc#1231083).
    - CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-46731: drm/amd/pm: fix the Out-of-bounds read warning (bsc#1230709).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46722: drm/amdgpu: fix mc_data out-of-bounds read warning (bsc#1230712).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46761: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (bsc#1230761).
    - CVE-2024-46759: hwmon: (adc128d818) Fix underflows seen when writing limit attributes (bsc#1230814).
    - CVE-2024-46745: Input: uinput - reject requests with unreasonable number of slots (bsc#1230748).
    - CVE-2024-46738: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (bsc#1230731).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-44982: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (bsc#1230204).
    - CVE-2024-46723: drm/amdgpu: fix ucode out-of-bounds read warning (bsc#1230702).
    - CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-46744: Squashfs: sanity check symbolic link size (bsc#1230747).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46675: usb: dwc3: core: Prevent USB core invalid event buffer address access (bsc#1230533).
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46676: nfc: pn533: Add poll mod list filling check (bsc#1230535).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2022-48799: perf: Fix list corruption in perf_cgroup_switch() (bsc#1227953).
    - CVE-2022-48789: nvme-tcp: fix possible use-after-free in transport error_recovery work (bsc#1228000).
    - CVE-2022-48790: nvme: fix a possible use-after-free in controller reset during load (bsc#1227941).
    - CVE-2024-41000: block/ioctl: prefer different overflow check (bsc#1227867).
    - CVE-2024-44948: x86/mtrr: Check if fixed MTRRs exist before saving them (bsc#1230174).
    - CVE-2022-48788: nvme-rdma: fix possible use-after-free in transport error_recovery work (bsc#1227952).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2022-48943: KVM: x86/mmu: make apf token non-zero to fix bug (bsc#1229645).
    - CVE-2023-52915: media: dvb-usb-v2: af9035: fix missing unlock (bsc#1230270).
    - CVE-2022-48844: Bluetooth: hci_core: Fix leaking sent_cmd skb (bsc#1228068).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-27024: net/rds: fix WARNING in rds_conn_connect_if_down (bsc#1223777).
    - CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2021-47387: cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (bsc#1225316).
    - CVE-2024-44969: s390/sclp: Prevent release of buffer in I/O (bsc#1230200).
    - CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768)
    - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3569-1 advisory.

    The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done  (bsc#1229607).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
    - CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26767: drm/amd/display: fixed integer types and null check locations  (bsc#1230339).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of     the list of MDB events to replay (bsc#1222973).
    - CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230)
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444)
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe  error path (bsc#1230507).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524)
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703)
    - CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701)
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS  (bsc#1231116).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3561-1 advisory.

    The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001).
    - CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
    - CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
    - CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order     0 (bsc#1230435).
    - CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()     (bsc#1230518).
    - CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
    - CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
    - CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
    - CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
    - CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3564-1 advisory.

    The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001).
    - CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
    - CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
    - CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order     0 (bsc#1230435).
    - CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()     (bsc#1230518).
    - CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
    - CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
    - CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
    - CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
    - CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED12 / SLED_SAP12 / SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3559-1 advisory.

    The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2021-47387: cpufreq: schedutil: Destroy mutex before kobject_put() frees the memory (bsc#1225316).
    - CVE-2022-48788: nvme-rdma: fix possible use-after-free in transport error_recovery work (bsc#1227952).
    - CVE-2022-48789: nvme-tcp: fix possible use-after-free in transport error_recovery work (bsc#1228000).
    - CVE-2022-48790: nvme: fix a possible use-after-free in controller reset during load (bsc#1227941).
    - CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002)
    - CVE-2022-48799: perf: Fix list corruption in perf_cgroup_switch() (bsc#1227953).
    - CVE-2022-48844: Bluetooth: hci_core: Fix leaking sent_cmd skb (bsc#1228068).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2022-48943: KVM: x86/mmu: make apf token non-zero to fix bug (bsc#1229645).
    - CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398).
    - CVE-2023-52915: media: dvb-usb-v2: af9035: fix missing unlock (bsc#1230270).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-41073: nvme: avoid double free special payload (bsc#1228635).
    - CVE-2024-41079: nvmet: always initialize cqe.result (bsc#1228615).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43884: Add error handling to pair_device() (bsc#1229739)
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44948: x86/mtrr: Check if fixed MTRRs exist before saving them (bsc#1230174).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2024-44954: ALSA: line6: Fix racy access to midibuf (bsc#1230176).
    - CVE-2024-44969: s390/sclp: Prevent release of buffer in I/O (bsc#1230200).
    - CVE-2024-44982: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (bsc#1230204).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46675: usb: dwc3: core: Prevent USB core invalid event buffer address access (bsc#1230533).
    - CVE-2024-46676: nfc: pn533: Add poll mod list filling check (bsc#1230535).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46722: drm/amdgpu: fix mc_data out-of-bounds read warning (bsc#1230712).
    - CVE-2024-46723: drm/amdgpu: fix ucode out-of-bounds read warning (bsc#1230702).
    - CVE-2024-46731: drm/amd/pm: fix the Out-of-bounds read warning (bsc#1230709).
    - CVE-2024-46738: VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (bsc#1230731).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46744: Squashfs: sanity check symbolic link size (bsc#1230747).
    - CVE-2024-46745: Input: uinput - reject requests with unreasonable number of slots (bsc#1230748).
    - CVE-2024-46750: PCI: Add missing bridge lock to pci_bus_lock() (bsc#1230783).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46759: hwmon: (adc128d818) Fix underflows seen when writing limit attributes (bsc#1230814).
    - CVE-2024-46761: pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (bsc#1230761).
    - CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-46853: spi: nxp-fspi: fix the KASAN report out-of-bounds bug (bsc#1231083).
    - CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
    - CVE-2024-46859: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (bsc#1231089).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3553-1 advisory.

    The SUSE Linux Enterprise 15 SP6 CoCo kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
    - CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order     0 (bsc#1230435).
    - CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()     (bsc#1230518).
    - CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
    - CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
    - CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
    - CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46727: Fixed NULL pointer dereference in resource_log_pipe_topology_update (bsc#1230707).
    - CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
    - CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3551-1 advisory.

    The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001).
    - CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
    - CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
    - CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order     0 (bsc#1230435).
    - CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()     (bsc#1230518).
    - CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
    - CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
    - CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
    - CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
    - CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3912 advisory.

    -------------------------------------------------------------------------     Debian LTS Advisory DLA-3912-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                        Ben Hutchings     October 07, 2024                              https://wiki.debian.org/LTS
    -------------------------------------------------------------------------

    Package        : linux     Version        : 5.10.226-1     CVE ID         : CVE-2021-3669 CVE-2022-48733 CVE-2023-31083 CVE-2023-52889                      CVE-2024-27397 CVE-2024-38577 CVE-2024-41011 CVE-2024-41042                      CVE-2024-41098 CVE-2024-42114 CVE-2024-42228 CVE-2024-42246                      CVE-2024-42259 CVE-2024-42265 CVE-2024-42272 CVE-2024-42276                      CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284                      CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288                      CVE-2024-42289 CVE-2024-42290 CVE-2024-42292 CVE-2024-42295                      CVE-2024-42297 CVE-2024-42301 CVE-2024-42302 CVE-2024-42304                      CVE-2024-42305 CVE-2024-42306 CVE-2024-42308 CVE-2024-42309                      CVE-2024-42310 CVE-2024-42311 CVE-2024-42312 CVE-2024-42313                      CVE-2024-43828 CVE-2024-43829 CVE-2024-43830 CVE-2024-43834                      CVE-2024-43835 CVE-2024-43839 CVE-2024-43841 CVE-2024-43846                      CVE-2024-43849 CVE-2024-43853 CVE-2024-43854 CVE-2024-43856                      CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43867                      CVE-2024-43871 CVE-2024-43879 CVE-2024-43880 CVE-2024-43882                      CVE-2024-43883 CVE-2024-43884 CVE-2024-43889 CVE-2024-43890                      CVE-2024-43892 CVE-2024-43893 CVE-2024-43894 CVE-2024-43905                      CVE-2024-43907 CVE-2024-43908 CVE-2024-43914 CVE-2024-44935                      CVE-2024-44944 CVE-2024-44946 CVE-2024-44947 CVE-2024-44948                      CVE-2024-44952 CVE-2024-44954 CVE-2024-44960 CVE-2024-44965                      CVE-2024-44968 CVE-2024-44971 CVE-2024-44974 CVE-2024-44987                      CVE-2024-44988 CVE-2024-44989 CVE-2024-44990 CVE-2024-44995                      CVE-2024-44998 CVE-2024-44999 CVE-2024-45003 CVE-2024-45006                      CVE-2024-45008 CVE-2024-45016 CVE-2024-45018 CVE-2024-45021                      CVE-2024-45025 CVE-2024-45028 CVE-2024-46673 CVE-2024-46674                      CVE-2024-46675 CVE-2024-46676 CVE-2024-46677 CVE-2024-46679                      CVE-2024-46685 CVE-2024-46689 CVE-2024-46702 CVE-2024-46707                      CVE-2024-46713 CVE-2024-46714 CVE-2024-46719 CVE-2024-46721                      CVE-2024-46722 CVE-2024-46723 CVE-2024-46724 CVE-2024-46725                      CVE-2024-46731 CVE-2024-46737 CVE-2024-46738 CVE-2024-46739                      CVE-2024-46740 CVE-2024-46743 CVE-2024-46744 CVE-2024-46745                      CVE-2024-46747 CVE-2024-46750 CVE-2024-46755 CVE-2024-46756                      CVE-2024-46757 CVE-2024-46758 CVE-2024-46759 CVE-2024-46763                      CVE-2024-46771 CVE-2024-46777 CVE-2024-46780 CVE-2024-46781                      CVE-2024-46782 CVE-2024-46783 CVE-2024-46791 CVE-2024-46798                      CVE-2024-46800 CVE-2024-46804 CVE-2024-46814 CVE-2024-46815                      CVE-2024-46817 CVE-2024-46818 CVE-2024-46819 CVE-2024-46822                      CVE-2024-46828 CVE-2024-46829 CVE-2024-46840 CVE-2024-46844

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For Debian 11 bullseye, these problems have been fixed in version     5.10.226-1.  This additionally includes many more bug fixes from     stable updates 5.10.224-5.10.226 inclusive.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS     Attachment:
    signature.asc     Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5782 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5782-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     October 03, 2024                      https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : linux     CVE ID         : CVE-2023-31083 CVE-2024-27017 CVE-2024-35937 CVE-2024-35943                      CVE-2024-35966 CVE-2024-40972 CVE-2024-41016 CVE-2024-41096                      CVE-2024-41098 CVE-2024-42228 CVE-2024-42314 CVE-2024-43835                      CVE-2024-43859 CVE-2024-43884 CVE-2024-43892 CVE-2024-44931                      CVE-2024-44938 CVE-2024-44939 CVE-2024-44940 CVE-2024-44946                      CVE-2024-44947 CVE-2024-44974 CVE-2024-44977 CVE-2024-44982                      CVE-2024-44983 CVE-2024-44985 CVE-2024-44986 CVE-2024-44987                      CVE-2024-44988 CVE-2024-44989 CVE-2024-44990 CVE-2024-44991                      CVE-2024-44995 CVE-2024-44998 CVE-2024-44999 CVE-2024-45000                      CVE-2024-45002 CVE-2024-45003 CVE-2024-45006 CVE-2024-45007                      CVE-2024-45008 CVE-2024-45009 CVE-2024-45010 CVE-2024-45011                      CVE-2024-45016 CVE-2024-45018 CVE-2024-45019 CVE-2024-45021                      CVE-2024-45022 CVE-2024-45025 CVE-2024-45026 CVE-2024-45028                      CVE-2024-45029 CVE-2024-46673 CVE-2024-46674 CVE-2024-46675                      CVE-2024-46676 CVE-2024-46677 CVE-2024-46679 CVE-2024-46685                      CVE-2024-46686 CVE-2024-46689 CVE-2024-46694 CVE-2024-46702                      CVE-2024-46707 CVE-2024-46711 CVE-2024-46713 CVE-2024-46714                      CVE-2024-46715 CVE-2024-46716 CVE-2024-46717 CVE-2024-46719                      CVE-2024-46720 CVE-2024-46721 CVE-2024-46722 CVE-2024-46723                      CVE-2024-46724 CVE-2024-46725 CVE-2024-46726 CVE-2024-46731                      CVE-2024-46732 CVE-2024-46734 CVE-2024-46735 CVE-2024-46737                      CVE-2024-46738 CVE-2024-46739 CVE-2024-46740 CVE-2024-46743                      CVE-2024-46744 CVE-2024-46745 CVE-2024-46746 CVE-2024-46747                      CVE-2024-46750 CVE-2024-46752 CVE-2024-46755 CVE-2024-46756                      CVE-2024-46757 CVE-2024-46758 CVE-2024-46759 CVE-2024-46761                      CVE-2024-46763 CVE-2024-46770 CVE-2024-46771 CVE-2024-46773                      CVE-2024-46777 CVE-2024-46780 CVE-2024-46781 CVE-2024-46782                      CVE-2024-46783 CVE-2024-46784 CVE-2024-46791 CVE-2024-46794                      CVE-2024-46795 CVE-2024-46798 CVE-2024-46800 CVE-2024-46802                      CVE-2024-46804 CVE-2024-46805 CVE-2024-46807 CVE-2024-46810                      CVE-2024-46812 CVE-2024-46814 CVE-2024-46815 CVE-2024-46817                      CVE-2024-46818 CVE-2024-46819 CVE-2024-46821 CVE-2024-46822                      CVE-2024-46826 CVE-2024-46828 CVE-2024-46829 CVE-2024-46830                      CVE-2024-46832 CVE-2024-46835 CVE-2024-46836 CVE-2024-46840                      CVE-2024-46844 CVE-2024-46846 CVE-2024-46848 CVE-2024-46849                      CVE-2024-46852 CVE-2024-46853 CVE-2024-46854 CVE-2024-46855                      CVE-2024-46857 CVE-2024-46858 CVE-2024-46859 CVE-2024-46865

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For the stable distribution (bookworm), these problems have been fixed in     version 6.1.112-1.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security     tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
211654	Ubuntu 22.04 LTS : Linux kernel (Azure) vulnerabilities (USN-7123-1)	Nessus	Ubuntu Local Security Checks	high
210893	Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12815)	Nessus	Oracle Linux Local Security Checks	high
210775	Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-7100-2)	Nessus	Ubuntu Local Security Checks	high
210741	Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7100-1)	Nessus	Ubuntu Local Security Checks	high
208897	CBL Mariner 2.0 Security Update: kernel (CVE-2024-46702)	Nessus	MarinerOS Local Security Checks	medium
208720	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3587-1)	Nessus	SuSE Local Security Checks	high
208717	SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3591-1)	Nessus	SuSE Local Security Checks	high
208715	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3592-1)	Nessus	SuSE Local Security Checks	high
208672	SUSE SLES12 Security Update : kernel (SUSE-SU-2024:3566-1)	Nessus	SuSE Local Security Checks	high
208671	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2024:3569-1)	Nessus	SuSE Local Security Checks	high
208668	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3561-1)	Nessus	SuSE Local Security Checks	high
208667	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3564-1)	Nessus	SuSE Local Security Checks	high
208665	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:3559-1)	Nessus	SuSE Local Security Checks	high
208425	SUSE SLES15 Security Update : kernel (SUSE-SU-2024:3553-1)	Nessus	SuSE Local Security Checks	high
208423	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3551-1)	Nessus	SuSE Local Security Checks	high
208245	Debian dla-3912 : ata-modules-5.10.0-29-armmp-di - security update	Nessus	Debian Local Security Checks	high
208099	Debian dsa-5782 : affs-modules-6.1.0-21-4kc-malta-di - security update	Nessus	Debian Local Security Checks	high

Detections

Analytics

CVE-2024-46702

medium

Tenable Plugins

high

high

high

high

medium

high

high

high

high

high

high

high

high

high

high

high

high