SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:0117-1)

high Nessus Plugin ID 214250

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0117-1 advisory.

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-27397: netfilter: nf_tables: use timestamp to check for set element timeout (bsc#1224095).
- CVE-2024-35839: kABI fix for netfilter: bridge: replace physindev with physinif in nf_bridge_info (bsc#1224726).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526).
- CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
- CVE-2024-44996: vsock: fix recursive ->recvmsg calls (bsc#1230205).
- CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
- CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
- CVE-2024-50039: kABI: Restore deleted EXPORT_SYMBOL(__qdisc_calculate_pkt_len) (bsc#1231909).
- CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
- CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
- CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
- CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-53050: drm/i915/hdcp: Add encoder check in hdcp2_get_capability (bsc#1233546).
- CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558).
- CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
- CVE-2024-53099: bpf: Check validity of link->type in bpf_link_show_fdinfo() (bsc#1233772).
- CVE-2024-53105: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() (bsc#1234069).
- CVE-2024-53111: mm/mremap: fix address wraparound in move_page_tables() (bsc#1234086).
- CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
- CVE-2024-53117: virtio/vsock: Improve MSG_ZEROCOPY error handling (bsc#1234079).
- CVE-2024-53118: vsock: Fix sk_error_queue memory leak (bsc#1234071).
- CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
- CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
- CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
- CVE-2024-53133: drm/amd/display: Handle dml allocation failure to avoid crash (bsc#1234221)
- CVE-2024-53134: pmdomain: imx93-blk-ctrl: correct remove path (bsc#1234159).
- CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1234381).
- CVE-2024-53160: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810).
- CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
- CVE-2024-53216: nfsd: fix UAF when access ex_uuid or ex_stats (bsc#1235003).
- CVE-2024-53222: zram: fix NULL pointer in comp_algorithm_show() (bsc#1234974).
- CVE-2024-53234: erofs: handle NONHEAD !delta[1] lclusters gracefully (bsc#1235045).
- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (bsc#1234282).
- CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
- CVE-2024-56566: mm/slub: Avoid list corruption when removing a slab from the full list (bsc#1235033).
- CVE-2024-56582: btrfs: fix use-after-free in btrfs_encoded_read_endio() (bsc#1235128).
- CVE-2024-56599: wifi: ath10k: avoid NULL pointer error during sdio remove (bsc#1235138).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 214250

File Name: suse_SU-2025-0117-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 1/16/2025

Updated: 1/16/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-8805

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-source-azure, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-devel-azure, p-cpe:/a:novell:suse_linux:kernel-azure, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/15/2025

Vulnerability Publication Date: 2/15/2024

Reference Information

CVE: CVE-2024-26924, CVE-2024-27397, CVE-2024-35839, CVE-2024-36908, CVE-2024-36915, CVE-2024-39480, CVE-2024-41042, CVE-2024-44934, CVE-2024-44996, CVE-2024-47678, CVE-2024-49854, CVE-2024-49884, CVE-2024-49915, CVE-2024-50016, CVE-2024-50018, CVE-2024-50039, CVE-2024-50047, CVE-2024-50143, CVE-2024-50154, CVE-2024-50202, CVE-2024-50203, CVE-2024-50211, CVE-2024-50228, CVE-2024-50256, CVE-2024-50262, CVE-2024-50272, CVE-2024-50278, CVE-2024-50279, CVE-2024-50280, CVE-2024-53050, CVE-2024-53064, CVE-2024-53090, CVE-2024-53099, CVE-2024-53103, CVE-2024-53105, CVE-2024-53111, CVE-2024-53113, CVE-2024-53117, CVE-2024-53118, CVE-2024-53119, CVE-2024-53120, CVE-2024-53122, CVE-2024-53125, CVE-2024-53126, CVE-2024-53127, CVE-2024-53129, CVE-2024-53130, CVE-2024-53131, CVE-2024-53133, CVE-2024-53134, CVE-2024-53136, CVE-2024-53141, CVE-2024-53142, CVE-2024-53144, CVE-2024-53146, CVE-2024-53148, CVE-2024-53150, CVE-2024-53151, CVE-2024-53154, CVE-2024-53155, CVE-2024-53156, CVE-2024-53157, CVE-2024-53158, CVE-2024-53159, CVE-2024-53160, CVE-2024-53161, CVE-2024-53162, CVE-2024-53166, CVE-2024-53169, CVE-2024-53171, CVE-2024-53173, CVE-2024-53174, CVE-2024-53179, CVE-2024-53180, CVE-2024-53188, CVE-2024-53190, CVE-2024-53191, CVE-2024-53200, CVE-2024-53201, CVE-2024-53202, CVE-2024-53206, CVE-2024-53207, CVE-2024-53208, CVE-2024-53209, CVE-2024-53210, CVE-2024-53213, CVE-2024-53214, CVE-2024-53215, CVE-2024-53216, CVE-2024-53217, CVE-2024-53222, CVE-2024-53224, CVE-2024-53229, CVE-2024-53234, CVE-2024-53237, CVE-2024-53240, CVE-2024-53241, CVE-2024-56536, CVE-2024-56539, CVE-2024-56549, CVE-2024-56551, CVE-2024-56562, CVE-2024-56566, CVE-2024-56567, CVE-2024-56576, CVE-2024-56582, CVE-2024-56599, CVE-2024-56604, CVE-2024-56605, CVE-2024-56645, CVE-2024-56667, CVE-2024-56752, CVE-2024-56754, CVE-2024-56755, CVE-2024-56756, CVE-2024-8805

SuSE: SUSE-SU-2025:0117-1

Detections

Analytics

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:0117-1)

high Nessus Plugin ID 214250

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

VPR

CVSS v2

CVSS v3

Vulnerability Information

Reference Information