openSUSE 15 Security Update : kernel (SUSE-SU-2024:3983-1)

critical Nessus Plugin ID 210933

Synopsis

The remote openSUSE host is missing one or more security updates.

Description

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3983-1 advisory.

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
- CVE-2022-48957: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() (bsc#1231973).
- CVE-2022-48958: ethernet: aeroflex: fix potential skb leak in greth_init_rings() (bsc#1231889).
- CVE-2022-48959: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (bsc#1231976).
- CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
- CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286).
- CVE-2022-48966: net: mvneta: Fix an out of bounds check (bsc#1232191).
- CVE-2022-48980: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() (bsc#1232233).
- CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070 git-fix prerequisity).
- CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
- CVE-2022-49017: tipc: re-fetch skb cb after tipc_msg_validate (bsc#1232004).
- CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open (bsc#1232175).
- CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).
- CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).
- CVE-2024-39476: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (bsc#1227437).
- CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
- CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709).
- CVE-2024-42253: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (bsc#1229005 stable-fixes).
- CVE-2024-44931: gpio: prevent potential speculation leaks in gpio_device_get_desc() (bsc#1229837 stable- fixes).
- CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).
- CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (bsc#1230715).
- CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).
- CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
- CVE-2024-46809: drm/amd/display: Check BIOS images before it is used (bsc#1231148).
- CVE-2024-46811: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (bsc#1231179).
- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
- CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193).
- CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195).
- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
- CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200).
- CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203).
- CVE-2024-46828: uprobes: fix kernel info leak via '[uprobes]' vma (bsc#1231114).
- CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
- CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
- CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
- CVE-2024-46848: perf/x86/intel: Limit the period on Haswell (bsc#1231072).
- CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073).
- CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
- CVE-2024-47661: drm/amd/display: Avoid overflow from uint32_t to uint8_t (bsc#1231496).
- CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).
- CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502).
- CVE-2024-47672: wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (bsc#1231540).
- CVE-2024-47673: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (bsc#1231539).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
- CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).
- CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).
- CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944).
- CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
- CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).
- CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).
- CVE-2024-47720: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (bsc#1232043).
- CVE-2024-47727: x86/tdx: Fix 'in-kernel MMIO' check (bsc#1232116).
- CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).
- CVE-2024-47738: wifi: mac80211: do not use rate mask for offchannel TX either (bsc#1232114).
- CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).
- CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135).
- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
- CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly (bsc#1232174).
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
- CVE-2024-49866: tracing/timerlat: Fix a race during cpuhp processing (bsc#1232259).
- CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201).
- CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
- CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199).
- CVE-2024-49886: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (bsc#1232196).
- CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
- CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220).
- CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
- CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355).
- CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358).
- CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305).
- CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).
- CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337).
- CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366).
- CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369).
- CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965).
- CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).
- CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).
- CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
- CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374).
- CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361).
- CVE-2024-49929: wifi: iwlwifi: mvm: avoid NULL pointer dereference (bsc#1232253).
- CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats (bsc#1232260).
- CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368).
- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
- CVE-2024-49939: wifi: rtw89: avoid to add interface to list twice when SER (bsc#1232381).
- CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).
- CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).
- CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).
- CVE-2024-49955: ACPI: battery: Fix possible crash when unregistering a battery hook (bsc#1232154).
- CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
- CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149).
- CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
- CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
- CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
- CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).
- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
- CVE-2024-49975: uprobes: fix kernel info leak via '[uprobes]' vma (bsc#1232104).
- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
- CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
- CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).
- CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).
- CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).
- CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442).
- CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446).
- CVE-2024-50019: kthread: unpark only parked kthread (bsc#1231990).
- CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
- CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).
- CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
- CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).
- CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).
- CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).
- CVE-2024-50046: kabi fix for NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).
- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
- CVE-2024-50048: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (bsc#1232310).
- CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).
- CVE-2024-50058: serial: protect uart_port_dtr_rts() in uart_shutdown() too (bsc#1232285).
- CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).
- CVE-2024-50061: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (bsc#1232263).
- CVE-2024-50063: kABI: bpf: struct bpf_map kABI workaround (bsc#1232435).
- CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1204171

https://www.suse.com/security/cve/CVE-2022-3435

https://www.suse.com/security/cve/CVE-2022-45934

https://bugzilla.suse.com/1205796

https://bugzilla.suse.com/1206188

https://bugzilla.suse.com/1206344

https://bugzilla.suse.com/1209290

https://www.suse.com/security/cve/CVE-2023-28327

https://bugzilla.suse.com/1210449

https://bugzilla.suse.com/1213034

https://bugzilla.suse.com/1210627

https://www.suse.com/security/cve/CVE-2023-2166

https://bugzilla.suse.com/1218562

https://www.suse.com/security/cve/CVE-2023-6270

https://bugzilla.suse.com/1223824

https://www.suse.com/security/cve/CVE-2024-27043

https://bugzilla.suse.com/1223384

https://bugzilla.suse.com/1225189

https://bugzilla.suse.com/1225336

https://www.suse.com/security/cve/CVE-2021-47416

https://www.suse.com/security/cve/CVE-2021-47534

https://www.suse.com/security/cve/CVE-2023-52766

https://www.suse.com/security/cve/CVE-2023-52800

https://bugzilla.suse.com/1225611

https://www.suse.com/security/cve/CVE-2023-52881

https://bugzilla.suse.com/1225762

https://www.suse.com/security/cve/CVE-2024-36957

https://bugzilla.suse.com/1228269

https://bugzilla.suse.com/1228743

https://www.suse.com/security/cve/CVE-2024-42145

https://bugzilla.suse.com/1228709

https://www.suse.com/security/cve/CVE-2024-42226

https://bugzilla.suse.com/1229454

https://www.suse.com/security/cve/CVE-2024-44947

https://bugzilla.suse.com/1227437

https://bugzilla.suse.com/1229005

https://bugzilla.suse.com/1229456

https://bugzilla.suse.com/1229837

https://www.suse.com/security/cve/CVE-2024-39476

https://www.suse.com/security/cve/CVE-2024-42253

https://www.suse.com/security/cve/CVE-2024-44931

https://bugzilla.suse.com/1231016

https://bugzilla.suse.com/1227885

https://bugzilla.suse.com/1229019

https://bugzilla.suse.com/1230715

https://bugzilla.suse.com/1230722

https://www.suse.com/security/cve/CVE-2024-40965

https://www.suse.com/security/cve/CVE-2024-46716

https://www.suse.com/security/cve/CVE-2024-46719

https://bugzilla.suse.com/1230620

https://bugzilla.suse.com/1216813

https://bugzilla.suse.com/1223524

https://bugzilla.suse.com/1226498

https://bugzilla.suse.com/1226797

https://bugzilla.suse.com/1228119

https://bugzilla.suse.com/1229450

https://bugzilla.suse.com/1229556

https://bugzilla.suse.com/1229769

https://bugzilla.suse.com/1230179

https://bugzilla.suse.com/1230405

https://bugzilla.suse.com/1230414

https://bugzilla.suse.com/1230429

https://bugzilla.suse.com/1230456

https://bugzilla.suse.com/1230600

https://bugzilla.suse.com/1230773

https://bugzilla.suse.com/1230801

https://bugzilla.suse.com/1230903

https://bugzilla.suse.com/1230918

https://bugzilla.suse.com/1231072

https://bugzilla.suse.com/1231073

https://bugzilla.suse.com/1231094

https://bugzilla.suse.com/1231096

https://bugzilla.suse.com/1231105

https://bugzilla.suse.com/1231114

https://bugzilla.suse.com/1231148

https://bugzilla.suse.com/1231179

https://bugzilla.suse.com/1231191

https://bugzilla.suse.com/1231193

https://bugzilla.suse.com/1231195

https://bugzilla.suse.com/1231197

https://bugzilla.suse.com/1231200

https://bugzilla.suse.com/1231203

https://bugzilla.suse.com/1231293

https://bugzilla.suse.com/1231344

https://bugzilla.suse.com/1231375

https://bugzilla.suse.com/1231383

https://bugzilla.suse.com/1231439

https://bugzilla.suse.com/1231442

https://bugzilla.suse.com/1231496

https://bugzilla.suse.com/1231502

https://bugzilla.suse.com/1231539

https://bugzilla.suse.com/1231540

https://bugzilla.suse.com/1231578

https://bugzilla.suse.com/1231673

https://bugzilla.suse.com/1231857

https://bugzilla.suse.com/1231861

https://bugzilla.suse.com/1231872

https://bugzilla.suse.com/1231883

https://bugzilla.suse.com/1231885

https://bugzilla.suse.com/1231887

https://bugzilla.suse.com/1231888

https://bugzilla.suse.com/1231889

https://bugzilla.suse.com/1231890

https://bugzilla.suse.com/1231892

https://bugzilla.suse.com/1231893

https://bugzilla.suse.com/1231895

https://bugzilla.suse.com/1231896

https://bugzilla.suse.com/1231897

https://bugzilla.suse.com/1231902

https://bugzilla.suse.com/1231903

https://bugzilla.suse.com/1231907

https://bugzilla.suse.com/1231914

https://bugzilla.suse.com/1231929

https://bugzilla.suse.com/1231935

https://bugzilla.suse.com/1231936

https://bugzilla.suse.com/1231937

https://bugzilla.suse.com/1231938

https://bugzilla.suse.com/1231939

https://bugzilla.suse.com/1231940

https://bugzilla.suse.com/1231941

https://bugzilla.suse.com/1231942

https://bugzilla.suse.com/1231944

https://bugzilla.suse.com/1231950

https://bugzilla.suse.com/1231954

https://bugzilla.suse.com/1231958

https://bugzilla.suse.com/1231960

https://bugzilla.suse.com/1231961

https://bugzilla.suse.com/1231962

https://bugzilla.suse.com/1231965

https://bugzilla.suse.com/1231967

https://bugzilla.suse.com/1231968

https://bugzilla.suse.com/1231972

https://bugzilla.suse.com/1231973

https://bugzilla.suse.com/1231976

https://bugzilla.suse.com/1231979

https://bugzilla.suse.com/1231987

https://bugzilla.suse.com/1231988

https://bugzilla.suse.com/1231990

https://bugzilla.suse.com/1231992

https://bugzilla.suse.com/1231995

https://bugzilla.suse.com/1231996

https://bugzilla.suse.com/1231997

https://bugzilla.suse.com/1231998

https://bugzilla.suse.com/1232001

https://bugzilla.suse.com/1232004

https://bugzilla.suse.com/1232005

https://bugzilla.suse.com/1232006

https://bugzilla.suse.com/1232007

https://bugzilla.suse.com/1232025

https://bugzilla.suse.com/1232026

https://bugzilla.suse.com/1232033

https://bugzilla.suse.com/1232034

https://bugzilla.suse.com/1232035

https://bugzilla.suse.com/1232036

https://bugzilla.suse.com/1232037

https://bugzilla.suse.com/1232038

https://bugzilla.suse.com/1232039

https://bugzilla.suse.com/1232043

https://bugzilla.suse.com/1232049

https://bugzilla.suse.com/1232067

https://bugzilla.suse.com/1232069

https://bugzilla.suse.com/1232070

https://bugzilla.suse.com/1232071

https://bugzilla.suse.com/1232075

https://bugzilla.suse.com/1232083

https://bugzilla.suse.com/1232084

https://bugzilla.suse.com/1232085

https://bugzilla.suse.com/1232089

https://bugzilla.suse.com/1232097

https://bugzilla.suse.com/1232104

https://bugzilla.suse.com/1232105

https://bugzilla.suse.com/1232108

https://bugzilla.suse.com/1232114

https://bugzilla.suse.com/1232116

https://bugzilla.suse.com/1232119

https://bugzilla.suse.com/1232120

https://bugzilla.suse.com/1232123

https://bugzilla.suse.com/1232124

https://bugzilla.suse.com/1232133

https://bugzilla.suse.com/1232135

https://bugzilla.suse.com/1232136

https://bugzilla.suse.com/1232140

https://bugzilla.suse.com/1232145

https://bugzilla.suse.com/1232149

https://bugzilla.suse.com/1232150

https://bugzilla.suse.com/1232151

https://bugzilla.suse.com/1232154

https://bugzilla.suse.com/1232155

https://bugzilla.suse.com/1232160

https://bugzilla.suse.com/1232163

https://bugzilla.suse.com/1232164

https://bugzilla.suse.com/1232170

https://bugzilla.suse.com/1232172

https://bugzilla.suse.com/1232174

https://bugzilla.suse.com/1232175

https://bugzilla.suse.com/1232191

https://bugzilla.suse.com/1232196

https://bugzilla.suse.com/1232199

https://bugzilla.suse.com/1232200

https://bugzilla.suse.com/1232201

https://bugzilla.suse.com/1232217

https://bugzilla.suse.com/1232220

https://bugzilla.suse.com/1232221

https://bugzilla.suse.com/1232229

https://bugzilla.suse.com/1232233

https://bugzilla.suse.com/1232237

https://bugzilla.suse.com/1232251

https://bugzilla.suse.com/1232253

https://bugzilla.suse.com/1232259

https://bugzilla.suse.com/1232260

https://bugzilla.suse.com/1232262

https://bugzilla.suse.com/1232263

https://bugzilla.suse.com/1232282

https://bugzilla.suse.com/1232285

https://bugzilla.suse.com/1232286

https://bugzilla.suse.com/1232304

https://bugzilla.suse.com/1232305

https://bugzilla.suse.com/1232307

https://bugzilla.suse.com/1232309

https://bugzilla.suse.com/1232310

https://bugzilla.suse.com/1232313

https://bugzilla.suse.com/1232314

https://bugzilla.suse.com/1232316

https://bugzilla.suse.com/1232329

https://bugzilla.suse.com/1232332

https://bugzilla.suse.com/1232335

https://bugzilla.suse.com/1232337

https://bugzilla.suse.com/1232342

https://bugzilla.suse.com/1232345

https://bugzilla.suse.com/1232352

https://bugzilla.suse.com/1232354

https://bugzilla.suse.com/1232355

https://bugzilla.suse.com/1232358

https://bugzilla.suse.com/1232361

https://bugzilla.suse.com/1232366

https://bugzilla.suse.com/1232367

https://bugzilla.suse.com/1232368

https://bugzilla.suse.com/1232369

https://bugzilla.suse.com/1232374

https://bugzilla.suse.com/1232381

https://bugzilla.suse.com/1232383

https://bugzilla.suse.com/1232392

https://bugzilla.suse.com/1232395

https://bugzilla.suse.com/1232418

https://bugzilla.suse.com/1232424

https://bugzilla.suse.com/1232432

https://bugzilla.suse.com/1232435

https://bugzilla.suse.com/1232442

https://bugzilla.suse.com/1232446

https://bugzilla.suse.com/1232501

https://bugzilla.suse.com/1232519

https://bugzilla.suse.com/1232630

https://bugzilla.suse.com/1232631

https://bugzilla.suse.com/1232632

https://bugzilla.suse.com/1232757

http://www.nessus.org/u?9f7ca52a

https://www.suse.com/security/cve/CVE-2022-48664

https://www.suse.com/security/cve/CVE-2022-48879

https://www.suse.com/security/cve/CVE-2022-48946

https://www.suse.com/security/cve/CVE-2022-48947

https://www.suse.com/security/cve/CVE-2022-48948

https://www.suse.com/security/cve/CVE-2022-48949

https://www.suse.com/security/cve/CVE-2022-48951

https://www.suse.com/security/cve/CVE-2022-48953

https://www.suse.com/security/cve/CVE-2022-48954

https://www.suse.com/security/cve/CVE-2022-48955

https://www.suse.com/security/cve/CVE-2022-48956

https://www.suse.com/security/cve/CVE-2022-48957

https://www.suse.com/security/cve/CVE-2022-48958

https://www.suse.com/security/cve/CVE-2022-48959

https://www.suse.com/security/cve/CVE-2022-48960

https://www.suse.com/security/cve/CVE-2022-48961

https://www.suse.com/security/cve/CVE-2022-48962

https://www.suse.com/security/cve/CVE-2022-48966

https://www.suse.com/security/cve/CVE-2022-48967

https://www.suse.com/security/cve/CVE-2022-48968

https://www.suse.com/security/cve/CVE-2022-48969

https://www.suse.com/security/cve/CVE-2022-48970

https://www.suse.com/security/cve/CVE-2022-48971

https://www.suse.com/security/cve/CVE-2022-48972

https://www.suse.com/security/cve/CVE-2022-48973

https://www.suse.com/security/cve/CVE-2022-48975

https://www.suse.com/security/cve/CVE-2022-48977

https://www.suse.com/security/cve/CVE-2022-48978

https://www.suse.com/security/cve/CVE-2022-48980

https://www.suse.com/security/cve/CVE-2022-48981

https://www.suse.com/security/cve/CVE-2022-48985

https://www.suse.com/security/cve/CVE-2022-48987

https://www.suse.com/security/cve/CVE-2022-48988

https://www.suse.com/security/cve/CVE-2022-48991

https://www.suse.com/security/cve/CVE-2022-48992

https://www.suse.com/security/cve/CVE-2022-48994

https://www.suse.com/security/cve/CVE-2022-48995

https://www.suse.com/security/cve/CVE-2022-48997

https://www.suse.com/security/cve/CVE-2022-48999

https://www.suse.com/security/cve/CVE-2022-49000

https://www.suse.com/security/cve/CVE-2022-49002

https://www.suse.com/security/cve/CVE-2022-49003

https://www.suse.com/security/cve/CVE-2022-49005

https://www.suse.com/security/cve/CVE-2022-49006

https://www.suse.com/security/cve/CVE-2022-49007

https://www.suse.com/security/cve/CVE-2022-49010

https://www.suse.com/security/cve/CVE-2022-49011

https://www.suse.com/security/cve/CVE-2022-49012

https://www.suse.com/security/cve/CVE-2022-49014

https://www.suse.com/security/cve/CVE-2022-49015

https://www.suse.com/security/cve/CVE-2022-49016

https://www.suse.com/security/cve/CVE-2022-49017

https://www.suse.com/security/cve/CVE-2022-49019

https://www.suse.com/security/cve/CVE-2022-49020

https://www.suse.com/security/cve/CVE-2022-49021

https://www.suse.com/security/cve/CVE-2022-49022

https://www.suse.com/security/cve/CVE-2022-49023

https://www.suse.com/security/cve/CVE-2022-49024

https://www.suse.com/security/cve/CVE-2022-49025

https://www.suse.com/security/cve/CVE-2022-49026

https://www.suse.com/security/cve/CVE-2022-49027

https://www.suse.com/security/cve/CVE-2022-49028

https://www.suse.com/security/cve/CVE-2022-49029

https://www.suse.com/security/cve/CVE-2022-49031

https://www.suse.com/security/cve/CVE-2022-49032

https://www.suse.com/security/cve/CVE-2023-52919

https://www.suse.com/security/cve/CVE-2024-36244

https://www.suse.com/security/cve/CVE-2024-44958

https://www.suse.com/security/cve/CVE-2024-45016

https://www.suse.com/security/cve/CVE-2024-45025

https://www.suse.com/security/cve/CVE-2024-46754

https://www.suse.com/security/cve/CVE-2024-46777

https://www.suse.com/security/cve/CVE-2024-46809

https://www.suse.com/security/cve/CVE-2024-46811

https://www.suse.com/security/cve/CVE-2024-46813

https://www.suse.com/security/cve/CVE-2024-46814

https://www.suse.com/security/cve/CVE-2024-46815

https://www.suse.com/security/cve/CVE-2024-46816

https://www.suse.com/security/cve/CVE-2024-46817

https://www.suse.com/security/cve/CVE-2024-46818

https://www.suse.com/security/cve/CVE-2024-46828

https://www.suse.com/security/cve/CVE-2024-46834

https://www.suse.com/security/cve/CVE-2024-46840

https://www.suse.com/security/cve/CVE-2024-46841

https://www.suse.com/security/cve/CVE-2024-46848

https://www.suse.com/security/cve/CVE-2024-46849

https://www.suse.com/security/cve/CVE-2024-47660

https://www.suse.com/security/cve/CVE-2024-47661

https://www.suse.com/security/cve/CVE-2024-47664

https://www.suse.com/security/cve/CVE-2024-47668

https://www.suse.com/security/cve/CVE-2024-47672

https://www.suse.com/security/cve/CVE-2024-47673

https://www.suse.com/security/cve/CVE-2024-47674

https://www.suse.com/security/cve/CVE-2024-47684

https://www.suse.com/security/cve/CVE-2024-47685

https://www.suse.com/security/cve/CVE-2024-47692

https://www.suse.com/security/cve/CVE-2024-47704

https://www.suse.com/security/cve/CVE-2024-47705

https://www.suse.com/security/cve/CVE-2024-47706

https://www.suse.com/security/cve/CVE-2024-47707

https://www.suse.com/security/cve/CVE-2024-47710

https://www.suse.com/security/cve/CVE-2024-47720

https://www.suse.com/security/cve/CVE-2024-47727

https://www.suse.com/security/cve/CVE-2024-47730

https://www.suse.com/security/cve/CVE-2024-47738

https://www.suse.com/security/cve/CVE-2024-47739

https://www.suse.com/security/cve/CVE-2024-47745

https://www.suse.com/security/cve/CVE-2024-47747

https://www.suse.com/security/cve/CVE-2024-47748

https://www.suse.com/security/cve/CVE-2024-49858

https://www.suse.com/security/cve/CVE-2024-49860

https://www.suse.com/security/cve/CVE-2024-49866

https://www.suse.com/security/cve/CVE-2024-49867

https://www.suse.com/security/cve/CVE-2024-49881

https://www.suse.com/security/cve/CVE-2024-49882

https://www.suse.com/security/cve/CVE-2024-49883

https://www.suse.com/security/cve/CVE-2024-49886

https://www.suse.com/security/cve/CVE-2024-49890

https://www.suse.com/security/cve/CVE-2024-49892

https://www.suse.com/security/cve/CVE-2024-49894

https://www.suse.com/security/cve/CVE-2024-49895

https://www.suse.com/security/cve/CVE-2024-49896

https://www.suse.com/security/cve/CVE-2024-49897

https://www.suse.com/security/cve/CVE-2024-49899

https://www.suse.com/security/cve/CVE-2024-49901

https://www.suse.com/security/cve/CVE-2024-49906

https://www.suse.com/security/cve/CVE-2024-49908

https://www.suse.com/security/cve/CVE-2024-49909

https://www.suse.com/security/cve/CVE-2024-49911

https://www.suse.com/security/cve/CVE-2024-49912

https://www.suse.com/security/cve/CVE-2024-49913

https://www.suse.com/security/cve/CVE-2024-49914

https://www.suse.com/security/cve/CVE-2024-49917

https://www.suse.com/security/cve/CVE-2024-49918

https://www.suse.com/security/cve/CVE-2024-49919

https://www.suse.com/security/cve/CVE-2024-49920

https://www.suse.com/security/cve/CVE-2024-49922

https://www.suse.com/security/cve/CVE-2024-49923

https://www.suse.com/security/cve/CVE-2024-49929

https://www.suse.com/security/cve/CVE-2024-49930

https://www.suse.com/security/cve/CVE-2024-49933

https://www.suse.com/security/cve/CVE-2024-49936

https://www.suse.com/security/cve/CVE-2024-49939

https://www.suse.com/security/cve/CVE-2024-49946

https://www.suse.com/security/cve/CVE-2024-49949

https://www.suse.com/security/cve/CVE-2024-49954

https://www.suse.com/security/cve/CVE-2024-49955

https://www.suse.com/security/cve/CVE-2024-49958

https://www.suse.com/security/cve/CVE-2024-49959

https://www.suse.com/security/cve/CVE-2024-49960

https://www.suse.com/security/cve/CVE-2024-49962

https://www.suse.com/security/cve/CVE-2024-49967

https://www.suse.com/security/cve/CVE-2024-49969

https://www.suse.com/security/cve/CVE-2024-49973

https://www.suse.com/security/cve/CVE-2024-49974

https://www.suse.com/security/cve/CVE-2024-49975

https://www.suse.com/security/cve/CVE-2024-49982

https://www.suse.com/security/cve/CVE-2024-49991

https://www.suse.com/security/cve/CVE-2024-49993

https://www.suse.com/security/cve/CVE-2024-49995

https://www.suse.com/security/cve/CVE-2024-49996

https://www.suse.com/security/cve/CVE-2024-50000

https://www.suse.com/security/cve/CVE-2024-50001

https://www.suse.com/security/cve/CVE-2024-50002

https://www.suse.com/security/cve/CVE-2024-50006

https://www.suse.com/security/cve/CVE-2024-50014

https://www.suse.com/security/cve/CVE-2024-50019

https://www.suse.com/security/cve/CVE-2024-50024

https://www.suse.com/security/cve/CVE-2024-50028

https://www.suse.com/security/cve/CVE-2024-50033

https://www.suse.com/security/cve/CVE-2024-50035

https://www.suse.com/security/cve/CVE-2024-50041

https://www.suse.com/security/cve/CVE-2024-50045

https://www.suse.com/security/cve/CVE-2024-50046

https://www.suse.com/security/cve/CVE-2024-50047

https://www.suse.com/security/cve/CVE-2024-50048

https://www.suse.com/security/cve/CVE-2024-50049

https://www.suse.com/security/cve/CVE-2024-50055

https://www.suse.com/security/cve/CVE-2024-50058

https://www.suse.com/security/cve/CVE-2024-50059

https://www.suse.com/security/cve/CVE-2024-50061

https://www.suse.com/security/cve/CVE-2024-50063

https://www.suse.com/security/cve/CVE-2024-50081

Plugin Details

Severity: Critical

ID: 210933

File Name: suse_SU-2024-3983-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 11/14/2024

Updated: 11/14/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.4

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C

CVSS Score Source: CVE-2024-47685

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/13/2024

Vulnerability Publication Date: 10/8/2022

Reference Information

CVE: CVE-2021-47416, CVE-2021-47534, CVE-2022-3435, CVE-2022-45934, CVE-2022-48664, CVE-2022-48879, CVE-2022-48946, CVE-2022-48947, CVE-2022-48948, CVE-2022-48949, CVE-2022-48951, CVE-2022-48953, CVE-2022-48954, CVE-2022-48955, CVE-2022-48956, CVE-2022-48957, CVE-2022-48958, CVE-2022-48959, CVE-2022-48960, CVE-2022-48961, CVE-2022-48962, CVE-2022-48966, CVE-2022-48967, CVE-2022-48968, CVE-2022-48969, CVE-2022-48970, CVE-2022-48971, CVE-2022-48972, CVE-2022-48973, CVE-2022-48975, CVE-2022-48977, CVE-2022-48978, CVE-2022-48980, CVE-2022-48981, CVE-2022-48985, CVE-2022-48987, CVE-2022-48988, CVE-2022-48991, CVE-2022-48992, CVE-2022-48994, CVE-2022-48995, CVE-2022-48997, CVE-2022-48999, CVE-2022-49000, CVE-2022-49002, CVE-2022-49003, CVE-2022-49005, CVE-2022-49006, CVE-2022-49007, CVE-2022-49010, CVE-2022-49011, CVE-2022-49012, CVE-2022-49014, CVE-2022-49015, CVE-2022-49016, CVE-2022-49017, CVE-2022-49019, CVE-2022-49020, CVE-2022-49021, CVE-2022-49022, CVE-2022-49023, CVE-2022-49024, CVE-2022-49025, CVE-2022-49026, CVE-2022-49027, CVE-2022-49028, CVE-2022-49029, CVE-2022-49031, CVE-2022-49032, CVE-2023-2166, CVE-2023-28327, CVE-2023-52766, CVE-2023-52800, CVE-2023-52881, CVE-2023-52919, CVE-2023-6270, CVE-2024-27043, CVE-2024-36244, CVE-2024-36957, CVE-2024-39476, CVE-2024-40965, CVE-2024-42145, CVE-2024-42226, CVE-2024-42253, CVE-2024-44931, CVE-2024-44947, CVE-2024-44958, CVE-2024-45016, CVE-2024-45025, CVE-2024-46716, CVE-2024-46719, CVE-2024-46754, CVE-2024-46777, CVE-2024-46809, CVE-2024-46811, CVE-2024-46813, CVE-2024-46814, CVE-2024-46815, CVE-2024-46816, CVE-2024-46817, CVE-2024-46818, CVE-2024-46828, CVE-2024-46834, CVE-2024-46840, CVE-2024-46841, CVE-2024-46848, CVE-2024-46849, CVE-2024-47660, CVE-2024-47661, CVE-2024-47664, CVE-2024-47668, CVE-2024-47672, CVE-2024-47673, CVE-2024-47674, CVE-2024-47684, CVE-2024-47685, CVE-2024-47692, CVE-2024-47704, CVE-2024-47705, CVE-2024-47706, CVE-2024-47707, CVE-2024-47710, CVE-2024-47720, CVE-2024-47727, CVE-2024-47730, CVE-2024-47738, CVE-2024-47739, CVE-2024-47745, CVE-2024-47747, CVE-2024-47748, CVE-2024-49858, CVE-2024-49860, CVE-2024-49866, CVE-2024-49867, CVE-2024-49881, CVE-2024-49882, CVE-2024-49883, CVE-2024-49886, CVE-2024-49890, CVE-2024-49892, CVE-2024-49894, CVE-2024-49895, CVE-2024-49896, CVE-2024-49897, CVE-2024-49899, CVE-2024-49901, CVE-2024-49906, CVE-2024-49908, CVE-2024-49909, CVE-2024-49911, CVE-2024-49912, CVE-2024-49913, CVE-2024-49914, CVE-2024-49917, CVE-2024-49918, CVE-2024-49919, CVE-2024-49920, CVE-2024-49922, CVE-2024-49923, CVE-2024-49929, CVE-2024-49930, CVE-2024-49933, CVE-2024-49936, CVE-2024-49939, CVE-2024-49946, CVE-2024-49949, CVE-2024-49954, CVE-2024-49955, CVE-2024-49958, CVE-2024-49959, CVE-2024-49960, CVE-2024-49962, CVE-2024-49967, CVE-2024-49969, CVE-2024-49973, CVE-2024-49974, CVE-2024-49975, CVE-2024-49982, CVE-2024-49991, CVE-2024-49993, CVE-2024-49995, CVE-2024-49996, CVE-2024-50000, CVE-2024-50001, CVE-2024-50002, CVE-2024-50006, CVE-2024-50014, CVE-2024-50019, CVE-2024-50024, CVE-2024-50028, CVE-2024-50033, CVE-2024-50035, CVE-2024-50041, CVE-2024-50045, CVE-2024-50046, CVE-2024-50047, CVE-2024-50048, CVE-2024-50049, CVE-2024-50055, CVE-2024-50058, CVE-2024-50059, CVE-2024-50061, CVE-2024-50063, CVE-2024-50081

SuSE: SUSE-SU-2024:3983-1