SUSE SLES15 Security Update : kernel (SUSE-SU-2025:0784-1)

Severity: High. Nessus Plugin ID: 232209

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0784-1 advisory.

The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2024-26708: mptcp: fastopen and PM-trigger subflow shutdown can race (bsc#1222672).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50185: mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-56568: iommu/arm-smmu: Defer probe of clients after smmu device bound (bsc#1235032).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1012628

https://bugzilla.suse.com/1215199

https://bugzilla.suse.com/1219367

https://bugzilla.suse.com/1222672

https://bugzilla.suse.com/1222803

https://bugzilla.suse.com/1225742

https://bugzilla.suse.com/1225981

https://bugzilla.suse.com/1228521

https://bugzilla.suse.com/1230235

https://bugzilla.suse.com/1230438

https://bugzilla.suse.com/1230439

https://bugzilla.suse.com/1231920

https://bugzilla.suse.com/1232159

https://bugzilla.suse.com/1232198

https://bugzilla.suse.com/1232201

https://bugzilla.suse.com/1232508

https://bugzilla.suse.com/1232520

https://bugzilla.suse.com/1232919

https://bugzilla.suse.com/1233109

https://bugzilla.suse.com/1234853

https://bugzilla.suse.com/1234857

https://bugzilla.suse.com/1234891

https://bugzilla.suse.com/1234963

https://bugzilla.suse.com/1235032

https://bugzilla.suse.com/1235054

https://bugzilla.suse.com/1235061

https://bugzilla.suse.com/1235073

https://bugzilla.suse.com/1235435

https://bugzilla.suse.com/1235592

https://bugzilla.suse.com/1235609

https://bugzilla.suse.com/1235932

https://bugzilla.suse.com/1235933

https://bugzilla.suse.com/1236113

https://bugzilla.suse.com/1236114

https://bugzilla.suse.com/1236115

https://bugzilla.suse.com/1236122

https://bugzilla.suse.com/1236123

https://bugzilla.suse.com/1236133

https://bugzilla.suse.com/1236138

https://bugzilla.suse.com/1236199

https://bugzilla.suse.com/1236200

https://bugzilla.suse.com/1236203

https://bugzilla.suse.com/1236205

https://bugzilla.suse.com/1236573

https://bugzilla.suse.com/1236575

https://bugzilla.suse.com/1236576

https://bugzilla.suse.com/1236591

https://bugzilla.suse.com/1236661

https://bugzilla.suse.com/1236677

https://bugzilla.suse.com/1236700

https://bugzilla.suse.com/1236752

https://bugzilla.suse.com/1236821

https://bugzilla.suse.com/1236822

https://bugzilla.suse.com/1236896

https://bugzilla.suse.com/1236897

https://bugzilla.suse.com/1236952

https://bugzilla.suse.com/1236967

https://bugzilla.suse.com/1236994

https://bugzilla.suse.com/1237007

https://bugzilla.suse.com/1237017

https://bugzilla.suse.com/1237025

https://bugzilla.suse.com/1237028

https://bugzilla.suse.com/1237045

https://bugzilla.suse.com/1237126

https://bugzilla.suse.com/1237132

https://bugzilla.suse.com/1237139

https://bugzilla.suse.com/1237155

https://bugzilla.suse.com/1237158

https://bugzilla.suse.com/1237159

https://bugzilla.suse.com/1237232

https://bugzilla.suse.com/1237234

https://bugzilla.suse.com/1237325

https://bugzilla.suse.com/1237415

https://bugzilla.suse.com/1237452

https://bugzilla.suse.com/1237558

https://bugzilla.suse.com/1237562

https://bugzilla.suse.com/1237563

http://www.nessus.org/u?f25d20ed

https://www.suse.com/security/cve/CVE-2023-52924

https://www.suse.com/security/cve/CVE-2023-52925

https://www.suse.com/security/cve/CVE-2024-26708

https://www.suse.com/security/cve/CVE-2024-26810

https://www.suse.com/security/cve/CVE-2024-41055

https://www.suse.com/security/cve/CVE-2024-44974

https://www.suse.com/security/cve/CVE-2024-45009

https://www.suse.com/security/cve/CVE-2024-45010

https://www.suse.com/security/cve/CVE-2024-47701

https://www.suse.com/security/cve/CVE-2024-49884

https://www.suse.com/security/cve/CVE-2024-49950

https://www.suse.com/security/cve/CVE-2024-50073

https://www.suse.com/security/cve/CVE-2024-50085

https://www.suse.com/security/cve/CVE-2024-50115

https://www.suse.com/security/cve/CVE-2024-50185

https://www.suse.com/security/cve/CVE-2024-53147

https://www.suse.com/security/cve/CVE-2024-53173

https://www.suse.com/security/cve/CVE-2024-53226

https://www.suse.com/security/cve/CVE-2024-53239

https://www.suse.com/security/cve/CVE-2024-56539

https://www.suse.com/security/cve/CVE-2024-56548

https://www.suse.com/security/cve/CVE-2024-56568

https://www.suse.com/security/cve/CVE-2024-56579

https://www.suse.com/security/cve/CVE-2024-56605

https://www.suse.com/security/cve/CVE-2024-56647

https://www.suse.com/security/cve/CVE-2024-56720

https://www.suse.com/security/cve/CVE-2024-57889

https://www.suse.com/security/cve/CVE-2024-57948

https://www.suse.com/security/cve/CVE-2025-21636

https://www.suse.com/security/cve/CVE-2025-21637

https://www.suse.com/security/cve/CVE-2025-21638

https://www.suse.com/security/cve/CVE-2025-21639

https://www.suse.com/security/cve/CVE-2025-21640

https://www.suse.com/security/cve/CVE-2025-21647

https://www.suse.com/security/cve/CVE-2025-21680

https://www.suse.com/security/cve/CVE-2025-21684

https://www.suse.com/security/cve/CVE-2025-21687

https://www.suse.com/security/cve/CVE-2025-21688

https://www.suse.com/security/cve/CVE-2025-21689

https://www.suse.com/security/cve/CVE-2025-21690

https://www.suse.com/security/cve/CVE-2025-21692

https://www.suse.com/security/cve/CVE-2025-21697

https://www.suse.com/security/cve/CVE-2025-21699

https://www.suse.com/security/cve/CVE-2025-21700

Plugin Details

Severity: High

ID: 232209

File Name: suse_SU-2025-0784-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 3/6/2025

Updated: 3/6/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-21692

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-coco_debug, p-cpe:/a:novell:suse_linux:kernel-syms-coco, p-cpe:/a:novell:suse_linux:kernel-coco, p-cpe:/a:novell:suse_linux:kernel-source-coco, p-cpe:/a:novell:suse_linux:kernel-coco_debug-devel, p-cpe:/a:novell:suse_linux:kernel-devel-coco, p-cpe:/a:novell:suse_linux:reiserfs-kmp-coco, p-cpe:/a:novell:suse_linux:kernel-coco-devel, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/5/2025

Vulnerability Publication Date: 4/3/2024

Reference Information

CVE: CVE-2023-52924, CVE-2023-52925, CVE-2024-26708, CVE-2024-26810, CVE-2024-41055, CVE-2024-44974, CVE-2024-45009, CVE-2024-45010, CVE-2024-47701, CVE-2024-49884, CVE-2024-49950, CVE-2024-50073, CVE-2024-50085, CVE-2024-50115, CVE-2024-50185, CVE-2024-53147, CVE-2024-53173, CVE-2024-53226, CVE-2024-53239, CVE-2024-56539, CVE-2024-56548, CVE-2024-56568, CVE-2024-56579, CVE-2024-56605, CVE-2024-56647, CVE-2024-56720, CVE-2024-57889, CVE-2024-57948, CVE-2025-21636, CVE-2025-21637, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21647, CVE-2025-21680, CVE-2025-21684, CVE-2025-21687, CVE-2025-21688, CVE-2025-21689, CVE-2025-21690, CVE-2025-21692, CVE-2025-21697, CVE-2025-21699, CVE-2025-21700

SuSE: SUSE-SU-2025:0784-1