SUSE SLES12 Security Update : kernel (SUSE-SU-2025:0565-1)

high Nessus Plugin ID 216454

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0565-1 advisory.

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2021-47222: net: bridge: fix vlan tunnel dst refcnt when egressing (bsc#1224857).
- CVE-2021-47223: net: bridge: fix vlan tunnel dst null pointer dereference (bsc#1224856).
- CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1222072).
- CVE-2024-47809: dlm: fix possible lkb_resource null dereference (bsc#1235714).
- CVE-2024-48881: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (bsc#1235727).
- CVE-2024-49948: net: add more sanity checks to qdisc_pkt_len_init() (bsc#1232161).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-52332: igb: Fix potential invalid memory access in igb_init_module() (bsc#1235700).
- CVE-2024-53155: ocfs2: fix uninitialized value in ocfs2_file_read_iter() (bsc#1234855).
- CVE-2024-53185: smb: client: fix NULL ptr deref in crypto_aead_setkey() (bsc#1234901).
- CVE-2024-53197: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (bsc#1235464).
- CVE-2024-53227: scsi: bfa: Fix use-after-free in bfad_im_module_exit() (bsc#1235011).
- CVE-2024-55916: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (bsc#1235747).
- CVE-2024-56369: drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() (bsc#1235750).
- CVE-2024-56532: ALSA: us122l: Use snd_card_free_when_closed() at disconnection (bsc#1235059).
- CVE-2024-56533: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection (bsc#1235053).
- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
- CVE-2024-56574: media: ts2020: fix null-ptr-deref in ts2020_probe() (bsc#1235040).
- CVE-2024-56593: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (bsc#1235252).
- CVE-2024-56594: drm/amdgpu: set the right AMDGPU sg segment limitation (bsc#1235413).
- CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235217).
- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235230).
- CVE-2024-56615: bpf: fix OOB devmap writes when deleting elements (bsc#1235426).
- CVE-2024-56623: scsi: qla2xxx: Fix use after free on unload (bsc#1235466).
- CVE-2024-56630: ocfs2: free inode when ocfs2_get_init_inode() fails (bsc#1235479).
- CVE-2024-56637: netfilter: ipset: Hold module reference while requesting a module (bsc#1235523).
- CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).
- CVE-2024-56643: dccp: Fix memory leak in dccp_feat_change_recv (bsc#1235132).
- CVE-2024-56650: netfilter: x_tables: fix LED ID check in led_tg_check() (bsc#1235430).
- CVE-2024-56662: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (bsc#1235533).
- CVE-2024-56681: crypto: bcm - add error check in the ahash_hmac_init function (bsc#1235557).
- CVE-2024-56700: media: wl128x: Fix atomicity violation in fmc_send_cmd() (bsc#1235500).
- CVE-2024-56722: RDMA/hns: Fix cpu stuck caused by printings during reset (bsc#1235570).
- CVE-2024-56739: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (bsc#1235611).
- CVE-2024-56747: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (bsc#1234934).
- CVE-2024-56748: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (bsc#1235627).
- CVE-2024-56759: btrfs: fix use-after-free when COWing tree block and tracing is enabled (bsc#1235645).
- CVE-2024-56763: tracing: Prevent bad count for tracing_cpumask_write (bsc#1235638).
- CVE-2024-56769: media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (bsc#1235155).
- CVE-2024-57884: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (bsc#1235948).
- CVE-2024-57890: RDMA/uverbs: Prevent integer overflow issue (bsc#1235919).
- CVE-2024-57896: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount (bsc#1235965).
- CVE-2024-57899: wifi: mac80211: fix mbss changed flags corruption on 32 bit systems (bsc#1235924).
- CVE-2024-57903: net: restrict SO_REUSEPORT to inet sockets (bsc#1235967).
- CVE-2024-57922: drm/amd/display: Add check for granularity in dml ceil/floor helpers (bsc#1236080).
- CVE-2024-57929: dm array: fix releasing a faulty array block twice in dm_array_cursor_end (bsc#1236096).
- CVE-2024-57931: selinux: ignore unknown extended permissions (bsc#1236192).
- CVE-2024-57932: gve: guard XDP xmit NDO on existence of xdp queues (bsc#1236190).
- CVE-2024-57938: net/sctp: Prevent autoclose integer overflow in sctp_association_init() (bsc#1236182).
- CVE-2025-21653: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (bsc#1236161).
- CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first function (bsc#1236262).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21682: eth: bnxt: always recalculate features after XDP clearing, fix null-deref (bsc#1236703).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1221282

https://bugzilla.suse.com/1222072

https://bugzilla.suse.com/1222803

https://bugzilla.suse.com/1224856

https://bugzilla.suse.com/1224857

https://bugzilla.suse.com/1232161

https://bugzilla.suse.com/1233028

https://bugzilla.suse.com/1234855

https://bugzilla.suse.com/1234901

https://bugzilla.suse.com/1234931

https://bugzilla.suse.com/1234934

https://bugzilla.suse.com/1234963

https://bugzilla.suse.com/1235011

https://bugzilla.suse.com/1235040

https://bugzilla.suse.com/1235053

https://bugzilla.suse.com/1235059

https://bugzilla.suse.com/1235132

https://bugzilla.suse.com/1235155

https://bugzilla.suse.com/1235217

https://bugzilla.suse.com/1235230

https://bugzilla.suse.com/1235252

https://bugzilla.suse.com/1235413

https://bugzilla.suse.com/1235426

https://bugzilla.suse.com/1235430

https://bugzilla.suse.com/1235433

https://bugzilla.suse.com/1235464

https://bugzilla.suse.com/1235466

https://bugzilla.suse.com/1235479

https://bugzilla.suse.com/1235500

https://bugzilla.suse.com/1235523

https://bugzilla.suse.com/1235526

https://bugzilla.suse.com/1235533

https://bugzilla.suse.com/1235557

https://bugzilla.suse.com/1235570

https://bugzilla.suse.com/1235611

https://bugzilla.suse.com/1235627

https://bugzilla.suse.com/1235638

https://bugzilla.suse.com/1235645

https://bugzilla.suse.com/1235700

https://bugzilla.suse.com/1235714

https://bugzilla.suse.com/1235727

https://bugzilla.suse.com/1235747

https://bugzilla.suse.com/1235750

https://bugzilla.suse.com/1235919

https://bugzilla.suse.com/1235924

https://bugzilla.suse.com/1235948

https://bugzilla.suse.com/1235965

https://bugzilla.suse.com/1235967

https://bugzilla.suse.com/1236080

https://bugzilla.suse.com/1236096

https://bugzilla.suse.com/1236161

https://bugzilla.suse.com/1236182

https://bugzilla.suse.com/1236190

https://bugzilla.suse.com/1236192

https://bugzilla.suse.com/1236262

https://bugzilla.suse.com/1236698

https://bugzilla.suse.com/1236703

http://www.nessus.org/u?ee0d8a43

https://www.suse.com/security/cve/CVE-2021-47222

https://www.suse.com/security/cve/CVE-2021-47223

https://www.suse.com/security/cve/CVE-2024-26644

https://www.suse.com/security/cve/CVE-2024-47809

https://www.suse.com/security/cve/CVE-2024-48881

https://www.suse.com/security/cve/CVE-2024-49948

https://www.suse.com/security/cve/CVE-2024-50142

https://www.suse.com/security/cve/CVE-2024-52332

https://www.suse.com/security/cve/CVE-2024-53155

https://www.suse.com/security/cve/CVE-2024-53185

https://www.suse.com/security/cve/CVE-2024-53197

https://www.suse.com/security/cve/CVE-2024-53227

https://www.suse.com/security/cve/CVE-2024-55916

https://www.suse.com/security/cve/CVE-2024-56369

https://www.suse.com/security/cve/CVE-2024-56532

https://www.suse.com/security/cve/CVE-2024-56533

https://www.suse.com/security/cve/CVE-2024-56539

https://www.suse.com/security/cve/CVE-2024-56574

https://www.suse.com/security/cve/CVE-2024-56593

https://www.suse.com/security/cve/CVE-2024-56594

https://www.suse.com/security/cve/CVE-2024-56600

https://www.suse.com/security/cve/CVE-2024-56601

https://www.suse.com/security/cve/CVE-2024-56615

https://www.suse.com/security/cve/CVE-2024-56623

https://www.suse.com/security/cve/CVE-2024-56630

https://www.suse.com/security/cve/CVE-2024-56637

https://www.suse.com/security/cve/CVE-2024-56641

https://www.suse.com/security/cve/CVE-2024-56643

https://www.suse.com/security/cve/CVE-2024-56650

https://www.suse.com/security/cve/CVE-2024-56661

https://www.suse.com/security/cve/CVE-2024-56662

https://www.suse.com/security/cve/CVE-2024-56681

https://www.suse.com/security/cve/CVE-2024-56700

https://www.suse.com/security/cve/CVE-2024-56722

https://www.suse.com/security/cve/CVE-2024-56739

https://www.suse.com/security/cve/CVE-2024-56747

https://www.suse.com/security/cve/CVE-2024-56748

https://www.suse.com/security/cve/CVE-2024-56759

https://www.suse.com/security/cve/CVE-2024-56763

https://www.suse.com/security/cve/CVE-2024-56769

https://www.suse.com/security/cve/CVE-2024-57884

https://www.suse.com/security/cve/CVE-2024-57890

https://www.suse.com/security/cve/CVE-2024-57896

https://www.suse.com/security/cve/CVE-2024-57899

https://www.suse.com/security/cve/CVE-2024-57903

https://www.suse.com/security/cve/CVE-2024-57922

https://www.suse.com/security/cve/CVE-2024-57929

https://www.suse.com/security/cve/CVE-2024-57931

https://www.suse.com/security/cve/CVE-2024-57932

https://www.suse.com/security/cve/CVE-2024-57938

https://www.suse.com/security/cve/CVE-2025-21653

https://www.suse.com/security/cve/CVE-2025-21664

https://www.suse.com/security/cve/CVE-2025-21678

https://www.suse.com/security/cve/CVE-2025-21682

Plugin Details

Severity: High

ID: 216454

File Name: suse_SU-2025-0565-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2/19/2025

Updated: 2/19/2025

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-57896

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_247-default, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-kgraft, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-default-man

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2/17/2025

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2021-47222, CVE-2021-47223, CVE-2024-26644, CVE-2024-47809, CVE-2024-48881, CVE-2024-49948, CVE-2024-50142, CVE-2024-52332, CVE-2024-53155, CVE-2024-53185, CVE-2024-53197, CVE-2024-53227, CVE-2024-55916, CVE-2024-56369, CVE-2024-56532, CVE-2024-56533, CVE-2024-56539, CVE-2024-56574, CVE-2024-56593, CVE-2024-56594, CVE-2024-56600, CVE-2024-56601, CVE-2024-56615, CVE-2024-56623, CVE-2024-56630, CVE-2024-56637, CVE-2024-56641, CVE-2024-56643, CVE-2024-56650, CVE-2024-56661, CVE-2024-56662, CVE-2024-56681, CVE-2024-56700, CVE-2024-56722, CVE-2024-56739, CVE-2024-56747, CVE-2024-56748, CVE-2024-56759, CVE-2024-56763, CVE-2024-56769, CVE-2024-57884, CVE-2024-57890, CVE-2024-57896, CVE-2024-57899, CVE-2024-57903, CVE-2024-57922, CVE-2024-57929, CVE-2024-57931, CVE-2024-57932, CVE-2024-57938, CVE-2025-21653, CVE-2025-21664, CVE-2025-21678, CVE-2025-21682

SuSE: SUSE-SU-2025:0565-1