The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0858-1 advisory.

    The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes.


    The following security bugs were fixed:

    - CVE-2019-25162: Fixed a potential use after free (bsc#1220409).
    - CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457).
    - CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459)
    - CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444)
    - CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
    - CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the     same transaction (bsc#1218216).
    - CVE-2023-52340: Fixed ICMPv6 Packet Too Big packets force a DoS of the Linux kernel by forcing     100% CPU (bsc#1219295).
    - CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827).
    - CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140).
    - CVE-2023-52443: Fixed crash when parsed profile name is empty  (bsc#1220240).
    - CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
    - CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround  (bsc#1220251).
    - CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump  (bsc#1220253).
    - CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier  (bsc#1220238).
    - CVE-2023-52451: Fixed access beyond end of drmem array  (bsc#1220250).
    - CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257).
    - CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364).
    - CVE-2023-52457: Fixed skipped resource freeing if  pm_runtime_resume_and_get() failed (bsc#1220350).
    - CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
    - CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
    - CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649)
    - CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796)
    - CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195).
    - CVE-2024-0607: Fixed 64-bit load issue in  nft_byteorder_eval() (bsc#1218915).
    - CVE-2024-1151: Fixed unlimited number of recursions from action  sets (bsc#1219835).
    - CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv  (bsc#1219127).
    - CVE-2024-23850: Fixed double free of anonymous device after snapshot  creation failure (bsc#1219126).
    - CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146).
    - CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927).
    - CVE-2024-26585: Fixed race between tx work scheduling and socket close  (bsc#1220187).
    - CVE-2024-26586: Fixed stack corruption (bsc#1220243).
    - CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255).
    - CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach  (bsc#1220254).
    - CVE-2024-26593: Fixed block process call transactions (bsc#1220009).
    - CVE-2024-26595: Fixed NULL pointer dereference in  error path (bsc#1220344).
    - CVE-2024-26598: Fixed potential UAF in LPI translation  cache (bsc#1220326).
    - CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
    - CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335).
    - CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:0858-1)

high Nessus Plugin ID 192011

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.1

Version 1.6 Sep 9, 2024, 8:42 AM CVSS metrics ("CVSSv3 score" set to 8.8) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H") CVSSv3 score source (set to "CVE-2024-25744") Plugin Feed: 202409090842
Version 1.5 Aug 28, 2024, 11:02 PM CVSS metrics ("Cvssv4 score" set to 0.0) CVSSv2 severity (based on None, severity decreased from "High" to "Low") Plugin metadata Plugin Feed: 202408282302
Version 1.4 Jul 10, 2024, 4:11 PM Plugin metadata Plugin Feed: 202407101611
Version 1.3 Apr 18, 2024, 3:14 PM CVSSv2 score source (changed from "CVE-2024-26589" to "CVE-2024-26598") Plugin Feed: 202404181514
Version 1.2 Mar 19, 2024, 2:37 PM CVSSv2 score source (changed from "CVE-2023-6817" to "CVE-2024-26589") Plugin Feed: 202403191437
Version 1.1 Mar 13, 2024, 4:23 PM Detection (updated detection logic) New Plugin metadata Plugin Feed: 202403131623
Version 1.1 Mar 19, 2024, 12:36 PM CVSSv2 score source (changed from "CVE-2023-6817" to "CVE-2024-26589") Plugin Feed: 202403191236