Detections
Analytics
SUSE SLES15 Security Update : kernel (SUSE-SU-2025:0201-1)
high Nessus Plugin ID 214457
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0201-1 advisory.The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver (bsc#1203332).
- CVE-2022-48742: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (bsc#1226694).
- CVE-2022-49033: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() (bsc#1232045).
- CVE-2023-1382: Fixed denial of service in tipc_conn_close (bsc#1209288).
- CVE-2023-33951: Fixed a race condition that could have led to an information disclosure inside the vmwgfx driver (bsc#1211593).
- CVE-2023-33952: Fixed a double free that could have led to a local privilege escalation inside the vmwgfx driver (bsc#1211595).
- CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking (bsc#1232823).
- CVE-2024-26886: Bluetooth: af_bluetooth: Fix deadlock (bsc#1223044).
- CVE-2024-26924: scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1225820).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-44934: net: bridge: mcast: wait for previous gc cycles when removing port (bsc#1229809).
- CVE-2024-47666: scsi: pm80xx: Set phy->enable_completion only when we wait for it (bsc#1231453).
- CVE-2024-47678: icmp: change the order of rate limits (bsc#1231854).
- CVE-2024-49944: sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start (bsc#1232166).
- CVE-2024-49952: netfilter: nf_tables: prevent nf_skb_duplicated corruption (bsc#1232157).
- CVE-2024-50018: net: napi: Prevent overflow of napi_defer_hard_irqs (bsc#1232419).
- CVE-2024-50143: udf: fix uninit-value use in udf_get_fileshortad (bsc#1233038).
- CVE-2024-50166: fsl/fman: Fix refcount handling of fman-related devices (bsc#1233050).
- CVE-2024-50181: clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (bsc#1233127).
- CVE-2024-50202: nilfs2: propagate directory read errors from nilfs_find_entry() (bsc#1233324).
- CVE-2024-50211: udf: refactor inode_bmap() to handle error (bsc#1233096).
- CVE-2024-50256: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (bsc#1233200).
- CVE-2024-50262: bpf: Fix out-of-bounds write in trie_get_next_key() (bsc#1233239).
- CVE-2024-50278, CVE-2024-50280: dm cache: fix flushing uninitialized delayed_work on cache_ctr error (bsc#1233467 bsc#1233469).
- CVE-2024-50278: dm cache: fix potential out-of-bounds access on the first resume (bsc#1233467).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50296: net: hns3: fix kernel crash when uninstalling driver (bsc#1233485).
- CVE-2024-53051: drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability (bsc#1233547).
- CVE-2024-53055: wifi: iwlwifi: mvm: fix 6 GHz scan construction (bsc#1233550).
- CVE-2024-53056: drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() (bsc#1233568).
- CVE-2024-53064: idpf: fix idpf_vc_core_init error path (bsc#1233558 bsc#1234464).
- CVE-2024-53072: platform/x86/amd/pmc: Detect when STB is not available (bsc#1233564).
- CVE-2024-53090: afs: Fix lock recursion (bsc#1233637).
- CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642).
- CVE-2024-53101: fs: Fix uninitialized value issue in from_kuid and from_kgid (bsc#1233769).
- CVE-2024-53113: mm: fix NULL pointer dereference in alloc_pages_bulk_noprof (bsc#1234077).
- CVE-2024-53114: x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client (bsc#1234072).
- CVE-2024-53119: virtio/vsock: Fix accept_queue memory leak (bsc#1234073).
- CVE-2024-53122: mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (bsc#1234076).
- CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
- CVE-2024-53130: nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (bsc#1234219).
- CVE-2024-53131: nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (bsc#1234220).
- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
- CVE-2024-53150: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (bsc#1234834).
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
- CVE-2024-53157: firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (bsc#1234827).
- CVE-2024-53158: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (bsc#1234811).
- CVE-2024-53161: EDAC/bluefield: Fix potential integer overflow (bsc#1234856).
- CVE-2024-53162: crypto: qat/qat_4xxx - fix off by one in uof_get_name() (bsc#1234843).
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
- CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921).
- CVE-2024-53210: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (bsc#1234971).
- CVE-2024-53213: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (bsc#1234973).
- CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004).
- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
- CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281).
- CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282).
- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
- CVE-2024-56549: cachefiles: Fix NULL pointer dereference in object->file (bsc#1234912).
- CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035).
- CVE-2024-56571: media: uvcvideo: Require entities to have a non-zero unique ID (bsc#1235037).
- CVE-2024-56575: media: imx-jpeg: Ensure power suppliers be suspended before detach them (bsc#1235039).
- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).
- CVE-2024-56755: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING (bsc#1234920).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1170891
https://bugzilla.suse.com/1173139
https://bugzilla.suse.com/1185010
https://bugzilla.suse.com/1190358
https://bugzilla.suse.com/1190428
https://bugzilla.suse.com/1203332
https://bugzilla.suse.com/1205521
https://bugzilla.suse.com/1209288
https://bugzilla.suse.com/1209798
https://bugzilla.suse.com/1211593
https://bugzilla.suse.com/1211595
https://bugzilla.suse.com/1214635
https://bugzilla.suse.com/1215304
https://bugzilla.suse.com/1215523
https://bugzilla.suse.com/1216813
https://bugzilla.suse.com/1216909
https://bugzilla.suse.com/1219608
https://bugzilla.suse.com/1222878
https://bugzilla.suse.com/1223044
https://bugzilla.suse.com/1225758
https://bugzilla.suse.com/1225820
https://bugzilla.suse.com/1226694
https://bugzilla.suse.com/1228190
https://www.suse.com/security/cve/CVE-2024-53156
https://www.suse.com/security/cve/CVE-2024-53157
https://www.suse.com/security/cve/CVE-2024-53158
https://www.suse.com/security/cve/CVE-2024-53161
https://www.suse.com/security/cve/CVE-2024-53162
https://www.suse.com/security/cve/CVE-2024-53173
https://www.suse.com/security/cve/CVE-2024-53179
https://www.suse.com/security/cve/CVE-2024-53206
https://www.suse.com/security/cve/CVE-2024-53210
https://www.suse.com/security/cve/CVE-2024-53213
https://www.suse.com/security/cve/CVE-2024-53214
https://www.suse.com/security/cve/CVE-2024-53239
https://www.suse.com/security/cve/CVE-2024-53240
https://www.suse.com/security/cve/CVE-2024-53241
https://www.suse.com/security/cve/CVE-2024-56539
https://www.suse.com/security/cve/CVE-2024-56548
https://www.suse.com/security/cve/CVE-2024-56549
https://www.suse.com/security/cve/CVE-2024-56570
https://www.suse.com/security/cve/CVE-2024-56571
https://www.suse.com/security/cve/CVE-2024-56575
https://www.suse.com/security/cve/CVE-2024-56598
https://www.suse.com/security/cve/CVE-2024-56604
https://www.suse.com/security/cve/CVE-2024-56605
https://www.suse.com/security/cve/CVE-2024-56619
https://www.suse.com/security/cve/CVE-2024-56755
https://www.suse.com/security/cve/CVE-2024-8805
https://bugzilla.suse.com/1229809
https://bugzilla.suse.com/1230422
https://bugzilla.suse.com/1230697
https://bugzilla.suse.com/1231388
https://bugzilla.suse.com/1231453
https://bugzilla.suse.com/1231854
https://bugzilla.suse.com/1232045
https://bugzilla.suse.com/1232157
https://bugzilla.suse.com/1232166
https://bugzilla.suse.com/1232419
https://bugzilla.suse.com/1232436
https://bugzilla.suse.com/1232472
https://bugzilla.suse.com/1232823
https://bugzilla.suse.com/1233038
https://bugzilla.suse.com/1233050
https://bugzilla.suse.com/1233070
https://bugzilla.suse.com/1233096
https://bugzilla.suse.com/1233127
https://bugzilla.suse.com/1233200
https://bugzilla.suse.com/1233239
https://bugzilla.suse.com/1233324
https://bugzilla.suse.com/1233467
https://bugzilla.suse.com/1233468
https://bugzilla.suse.com/1233469
https://bugzilla.suse.com/1233485
https://bugzilla.suse.com/1233547
https://bugzilla.suse.com/1233550
https://bugzilla.suse.com/1233558
https://bugzilla.suse.com/1233564
https://bugzilla.suse.com/1233568
https://bugzilla.suse.com/1233637
https://bugzilla.suse.com/1233642
https://bugzilla.suse.com/1233701
https://bugzilla.suse.com/1233769
https://bugzilla.suse.com/1233837
https://bugzilla.suse.com/1234072
https://bugzilla.suse.com/1234073
https://bugzilla.suse.com/1234075
https://bugzilla.suse.com/1234076
https://bugzilla.suse.com/1234077
https://bugzilla.suse.com/1234087
https://bugzilla.suse.com/1234120
https://bugzilla.suse.com/1234156
https://bugzilla.suse.com/1234219
https://bugzilla.suse.com/1234220
https://bugzilla.suse.com/1234240
https://bugzilla.suse.com/1234241
https://bugzilla.suse.com/1234281
https://bugzilla.suse.com/1234282
https://bugzilla.suse.com/1234294
https://bugzilla.suse.com/1234338
https://bugzilla.suse.com/1234357
https://bugzilla.suse.com/1234437
https://bugzilla.suse.com/1234464
https://bugzilla.suse.com/1234605
https://bugzilla.suse.com/1234639
https://bugzilla.suse.com/1234650
https://bugzilla.suse.com/1234727
https://bugzilla.suse.com/1234811
https://bugzilla.suse.com/1234827
https://bugzilla.suse.com/1234834
https://bugzilla.suse.com/1234843
https://bugzilla.suse.com/1234846
https://bugzilla.suse.com/1234853
https://bugzilla.suse.com/1234856
https://bugzilla.suse.com/1234891
https://bugzilla.suse.com/1234912
https://bugzilla.suse.com/1234920
https://bugzilla.suse.com/1234921
https://bugzilla.suse.com/1234960
https://bugzilla.suse.com/1234963
https://bugzilla.suse.com/1234971
https://bugzilla.suse.com/1234973
https://bugzilla.suse.com/1235004
https://bugzilla.suse.com/1235035
https://bugzilla.suse.com/1235037
https://bugzilla.suse.com/1235039
https://bugzilla.suse.com/1235054
https://bugzilla.suse.com/1235056
https://bugzilla.suse.com/1235061
https://bugzilla.suse.com/1235073
https://bugzilla.suse.com/1235220
https://bugzilla.suse.com/1235224
https://bugzilla.suse.com/1235246
https://bugzilla.suse.com/1235507
http://www.nessus.org/u?ba2f223b
https://www.suse.com/security/cve/CVE-2021-47202
https://www.suse.com/security/cve/CVE-2022-36280
https://www.suse.com/security/cve/CVE-2022-48742
https://www.suse.com/security/cve/CVE-2022-49033
https://www.suse.com/security/cve/CVE-2022-49035
https://www.suse.com/security/cve/CVE-2023-1382
https://www.suse.com/security/cve/CVE-2023-33951
https://www.suse.com/security/cve/CVE-2023-33952
https://www.suse.com/security/cve/CVE-2023-52920
https://www.suse.com/security/cve/CVE-2024-24860
https://www.suse.com/security/cve/CVE-2024-26886
https://www.suse.com/security/cve/CVE-2024-26924
https://www.suse.com/security/cve/CVE-2024-36915
https://www.suse.com/security/cve/CVE-2024-42232
https://www.suse.com/security/cve/CVE-2024-44934
https://www.suse.com/security/cve/CVE-2024-47666
https://www.suse.com/security/cve/CVE-2024-47678
https://www.suse.com/security/cve/CVE-2024-49944
https://www.suse.com/security/cve/CVE-2024-49952
https://www.suse.com/security/cve/CVE-2024-50018
https://www.suse.com/security/cve/CVE-2024-50143
https://www.suse.com/security/cve/CVE-2024-50154
https://www.suse.com/security/cve/CVE-2024-50166
https://www.suse.com/security/cve/CVE-2024-50181
https://www.suse.com/security/cve/CVE-2024-50202
https://www.suse.com/security/cve/CVE-2024-50211
https://www.suse.com/security/cve/CVE-2024-50256
https://www.suse.com/security/cve/CVE-2024-50262
https://www.suse.com/security/cve/CVE-2024-50278
https://www.suse.com/security/cve/CVE-2024-50279
https://www.suse.com/security/cve/CVE-2024-50280
https://www.suse.com/security/cve/CVE-2024-50296
https://www.suse.com/security/cve/CVE-2024-53051
https://www.suse.com/security/cve/CVE-2024-53055
https://www.suse.com/security/cve/CVE-2024-53056
https://www.suse.com/security/cve/CVE-2024-53064
https://www.suse.com/security/cve/CVE-2024-53072
https://www.suse.com/security/cve/CVE-2024-53090
https://www.suse.com/security/cve/CVE-2024-53095
https://www.suse.com/security/cve/CVE-2024-53101
https://www.suse.com/security/cve/CVE-2024-53113
https://www.suse.com/security/cve/CVE-2024-53114
https://www.suse.com/security/cve/CVE-2024-53119
https://www.suse.com/security/cve/CVE-2024-53120
https://www.suse.com/security/cve/CVE-2024-53122
https://www.suse.com/security/cve/CVE-2024-53125
https://www.suse.com/security/cve/CVE-2024-53130
https://www.suse.com/security/cve/CVE-2024-53131
https://www.suse.com/security/cve/CVE-2024-53142
Plugin Details
Severity: High
ID: 214457
File Name: suse_SU-2025-0201-1.nasl
Version: 1.1
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 1/22/2025
Updated: 1/22/2025
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 8.3
Temporal Score: 6.1
Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2024-8805
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:kernel-64kb-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150500_55_91-default, p-cpe:/a:novell:suse_linux:kernel-64kb, p-cpe:/a:novell:suse_linux:kernel-default-livepatch, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 1/21/2025
Vulnerability Publication Date: 7/21/2021
Reference Information
CVE: CVE-2021-47202, CVE-2022-36280, CVE-2022-48742, CVE-2022-49033, CVE-2022-49035, CVE-2023-1382, CVE-2023-33951, CVE-2023-33952, CVE-2023-52920, CVE-2024-24860, CVE-2024-26886, CVE-2024-26924, CVE-2024-36915, CVE-2024-42232, CVE-2024-44934, CVE-2024-47666, CVE-2024-47678, CVE-2024-49944, CVE-2024-49952, CVE-2024-50018, CVE-2024-50143, CVE-2024-50154, CVE-2024-50166, CVE-2024-50181, CVE-2024-50202, CVE-2024-50211, CVE-2024-50256, CVE-2024-50262, CVE-2024-50278, CVE-2024-50279, CVE-2024-50280, CVE-2024-50296, CVE-2024-53051, CVE-2024-53055, CVE-2024-53056, CVE-2024-53064, CVE-2024-53072, CVE-2024-53090, CVE-2024-53095, CVE-2024-53101, CVE-2024-53113, CVE-2024-53114, CVE-2024-53119, CVE-2024-53120, CVE-2024-53122, CVE-2024-53125, CVE-2024-53130, CVE-2024-53131, CVE-2024-53142, CVE-2024-53146, CVE-2024-53150, CVE-2024-53156, CVE-2024-53157, CVE-2024-53158, CVE-2024-53161, CVE-2024-53162, CVE-2024-53173, CVE-2024-53179, CVE-2024-53206, CVE-2024-53210, CVE-2024-53213, CVE-2024-53214, CVE-2024-53239, CVE-2024-53240, CVE-2024-53241, CVE-2024-56539, CVE-2024-56548, CVE-2024-56549, CVE-2024-56570, CVE-2024-56571, CVE-2024-56575, CVE-2024-56598, CVE-2024-56604, CVE-2024-56605, CVE-2024-56619, CVE-2024-56755, CVE-2024-8805
SuSE: SUSE-SU-2025:0201-1