In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroup_get_from_id() must check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused, especially cgroup id is provide from userspace.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - In the Linux kernel, the following vulnerability has been resolved: cgroup: cgroup_get_from_id() must     check the looked-up kn is a directory cgroup has to be one kernfs dir, otherwise kernel panic is caused,     especially cgroup id is provide from userspace. (CVE-2022-48638)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6998 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522)

    * kernel: fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats (CVE-2024-26686)

    * kernel: cgroup: cgroup_get_from_id() must check the looked-up kn is a directory (CVE-2022-48638)

    * kernel: nvme-tcp: fix UAF when detecting digest errors (CVE-2022-48686)

    * kernel: mptcp: ensure snd_nxt is properly initialized on connect (CVE-2024-36889)

    * kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6993 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: uio: Fix use-after-free in uio_open (CVE-2023-52439)

    * kernel: smb: client: fix potential OOBs in smb2_parse_contexts() (CVE-2023-52434)

    * kernel: net: fix possible store tearing in neigh_periodic_work() (CVE-2023-52522)

    * kernel: tunnels: fix out of bounds access when building IPv6 PMTU error (CVE-2024-26665)

    * kernel: hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (CVE-2024-26698)

    * kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (CVE-2024-26772)

    * kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)

    * kernel: x86/xen: Add some null pointer checking to smp.c (CVE-2024-26908)

    * kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)

    * kernel: af_unix: Fix garbage collector racing against connect() (CVE-2024-26923)

    * kernel: cgroup: cgroup_get_from_id() must check the looked-up kn is a directory (CVE-2022-48638)

    * kernel: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (CVE-2024-27020)

    * kernel: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (CVE-2024-27019)

    * kernel: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (CVE-2024-27399)

    * kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (CVE-2024-35898)

    * kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (CVE-2024-35969)

    * kernel: netfilter: nf_tables: honor table dormant flag from netdev release event path (CVE-2024-36005)

    * kernel: hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field     (CVE-2021-47384)

    * kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)

    * kernel: virtio-net: Add validation for used length (CVE-2021-47352)

    * kernel: platform/x86: wmi: Fix opening of char device (CVE-2023-52864)

    * kernel: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (CVE-2023-52811)

    * kernel: bonding: stop the device in bond_setup_by_slave() (CVE-2023-52784)

    * kernel: isdn: mISDN: Fix sleeping function called from invalid context (CVE-2021-47468)

    * kernel: proc/vmcore: fix clearing user buffer by properly using clear_user() (CVE-2021-47566)

    * kernel: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (CVE-2024-36016)

    * kernel: net: core: reject skb_copy(_expand) for fraglist GSO skbs (CVE-2024-36929)

    * kernel: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (CVE-2024-36978)

    * kernel: cpufreq: exit() callback is optional (CVE-2024-38615)

    * kernel: md: fix resync softlockup when bitmap size is less than array size (CVE-2024-38598)

    * kernel: cppc_cpufreq: Fix possible null pointer dereference (CVE-2024-38573)

    * kernel: netfilter: tproxy: bail out if IP has been disabled on the device (CVE-2024-36270)

    * kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (CVE-2024-40995)

    * kernel: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (CVE-2024-41041)

    * kernel: ppp: reject claimed-as-LCP but actually malformed packets (CVE-2024-41044)

    * kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing (CVE-2024-41071)

    * kernel: drm/amdgpu: avoid using null object of framebuffer (CVE-2024-41093)

    * kernel: tcp_metrics: validate source addr length (CVE-2024-42154)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1659-1 advisory.

    The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case (bsc#1222596).
    - CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
    - CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
    - CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
    - CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
    - CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
    - CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714).
    - CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821).
    - CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).
    - CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
    - CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
    - CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
    - CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
    - CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
    - CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644).
    - CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645).
    - CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646).
    - CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648).
    - CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
    - CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list     (bsc#1223660).
    - CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
    - CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
    - CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525).
    - CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
    - CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
    - CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path     (bsc#1223196).
    - CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
    - CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
    - CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
    - CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
    - CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
    - CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066).
    - CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
    - CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024).
    - CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
    - CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter     (bsc#1223076).
    - CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
    - CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052).
    - CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
    - CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
    - CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
    - CVE-2024-26848: Fixed afs endless loop in directory parsing (bsc#1223030).
    - CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
    - CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
    - CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
    - CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them     (bsc#1222624).
    - CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).
    - CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink  (bsc#1222630).
    - CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp  (bsc#1222428).
    - CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
    - CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found()     (bsc#1222618).
    - CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()     (bsc#1222613).
    - CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma  (bsc#1222610)
    - CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726).
    - CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
    - CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt     (bsc#1222720).
    - CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp  (bsc#1222632).
    - CVE-2024-26751: Fixed ARM/ep93xx terminator to gpiod_lookup_table (bsc#1222724).
    - CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt     (bsc#1222449).
    - CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677).
    - CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel     (bsc#1222557).
    - CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
    - CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already gets read (bsc#1222536).
    - CVE-2024-26718: Fixed dm-crypt/dm-verity disable tasklets (bsc#1222416).
    - CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
    - CVE-2024-26696: Fixed nilfs2 hang in nilfs_lookup_dirty_data_buffers() (bsc#1222549).
    - CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
    - CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
    - CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write (bsc#1222437).
    - CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).
    - CVE-2024-26681: Fixed netdevsim to avoid potential loop in nsim_dev_trap_report_work() (bsc#1222431).
    - CVE-2024-26680: Fixed net/atlantic DMA mapping for PTP hwts ring (bsc#1222427).
    - CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
    - CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
    - CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
    - CVE-2024-26660: Fixed drm/amd/display bounds check for stream encoder creation (bsc#1222266).
    - CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
    - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
    - CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
    - CVE-2024-23850: Fixed double free of anonymous device after snapshot  creation failure (bsc#1219126).
    - CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
    - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5     modules (bsc#1219169).
    - CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
    - CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs     (HugeTLB pages) functionality (bsc#1219264).
    - CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init     in net/sctp/socket.c (bsc#1218917).
    - CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
    - CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
    - CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
    - CVE-2023-52636: Fixed libceph cursor init when preparing sparse read in msgr2 (bsc#1222247).
    - CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
    - CVE-2023-52627: Fixed iio:adc:ad7091r exports into IIO_AD7091R namespace (bsc#1222051).
    - CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from     userspace (bsc#1221825).
    - CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612).
    - CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
    - CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042).
    - CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
    - CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
    - CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
    - CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in     amdgpu_ras_query_error_status_helper() (bsc#1221080).
    - CVE-2023-52561: Fixed arm64/dts/qcom/sdm845-db845c to mark cont splash memory region (bsc#1220935).
    - CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
    - CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO     (bsc#1221162).
    - CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505).
    - CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498).
    - CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context     (bsc#1223496).
    - CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
    - CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478).
    - CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id     (bsc#1223499).
    - CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0     (bsc#1223475).
    - CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte()     (bsc#1222710).
    - CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)
    - CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and     drm_gem_ttm_mmap() (bsc#1222838).
    - CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).
    - CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work     functions in btrfs (bsc#1222706).
    - CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
    - CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145,     bsc#1222664).
    - CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).
    - CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource()     (bsc#1222660).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1644-1 advisory.

    The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
    - CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
    - CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
    - CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
    - CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
    - CVE-2024-27042: Fixed drm/amdgpu for potential out-of-bounds access in amdgpu_discovery_reg_base_init()     (bsc#1223823).
    - CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714).
    - CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821).
    - CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).
    - CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
    - CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
    - CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
    - CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
    - CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
    - CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644).
    - CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645).
    - CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646).
    - CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648).
    - CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
    - CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list     (bsc#1223660).
    - CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
    - CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
    - CVE-2024-26939: Fixed drm/i915/vma UAF on destroy against retire race (bsc#1223679).
    - CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525).
    - CVE-2024-26915: Fixed drm/amdgpu reset IH OVERFLOW_CLEAR bit (bsc#1223207).
    - CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
    - CVE-2024-26898: Fixed aoe potential use-after-free problem in aoecmd_cfg_pkts (bsc#1223016).
    - CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
    - CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path     (bsc#1223196).
    - CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
    - CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
    - CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
    - CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
    - CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
    - CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066).
    - CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
    - CVE-2024-26876: Fixed drm/bridge/adv7511 crash on irq during probe (bsc#1223119).
    - CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024).
    - CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
    - CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter     (bsc#1223076).
    - CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
    - CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052).
    - CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
    - CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
    - CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
    - CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
    - CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
    - CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012).
    - CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
    - CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them     (bsc#1222624).
    - CVE-2024-26791: Fixed btrfs/dev-replace properly validate device names (bsc#1222793).
    - CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
    - CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found()     (bsc#1222618).
    - CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()     (bsc#1222613).
    - CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726).
    - CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
    - CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
    - CVE-2024-26700: Fixed drm/amd/display MST Null pointer dereference  for RV (bsc#1222870).
    - CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
    - CVE-2024-26679: Fixed inet read sk->sk_family once in inet_recv_error() (bsc#1222385).
    - CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
    - CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
    - CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
    - CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
    - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
    - CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
    - CVE-2024-23850: Fixed double free of anonymous device after snapshot  creation failure (bsc#1219126).
    - CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
    - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5     modules (bsc#1219169).
    - CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
    - CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
    - CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs     (HugeTLB pages) functionality (bsc#1219264).
    - CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init     in net/sctp/socket.c (bsc#1218917).
    - CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
    - CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
    - CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
    - CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
    - CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from     userspace (bsc#1221825).
    - CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612).
    - CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
    - CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042).
    - CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
    - CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
    - CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
    - CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in     amdgpu_ras_query_error_status_helper() (bsc#1221080).
    - CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505).
    - CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498).
    - CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context     (bsc#1223496).
    - CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
    - CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478).
    - CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id     (bsc#1223499).
    - CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0     (bsc#1223475).
    - CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte()     (bsc#1222710).
    - CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
    - CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
    - CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
    - CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)
    - CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and     drm_gem_ttm_mmap() (bsc#1222838).
    - CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).
    - CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
    - CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1641-1 advisory.

    The SUSE Linux Enterprise 15 SP4 LTSS kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
    - CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
    - CVE-2024-26816: Ignore relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).
    - CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found()     (bsc#1222618).
    - CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726).
    - CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
    - CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
    - CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already gets read (bsc#1222536).
    - CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
    - CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
    - CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
    - CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
    - CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
    - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
    - CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
    - CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725).
    - CVE-2024-23850: Fixed double free of anonymous device after snapshot  creation failure (bsc#1219126).
    - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5     modules (bsc#1219169).
    - CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
    - CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs     (HugeTLB pages) functionality (bsc#1219264).
    - CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in     net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
    - CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev()     (bsc#1218336).
    - CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
    - CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
    - CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612).
    - CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add kasprintf() (bsc#1221061).
    - CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
    - CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
    - CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command     (bsc#1220883).
    - CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
    - CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential     information disclosure or a denial of service (bsc#1215221).
    - CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system     (bsc#1209657).
    - CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505).
    - CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
    - CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878)
    - CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832).
    - CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work     functions in btrfs (bsc#1222706).
    - CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
    - CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145,     bsc#1222664).
    - CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).
    - CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource()     (bsc#1222660).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1642-1 advisory.

    The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
    - CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).
    - CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).
    - CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
    - CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets     (bsc#1220513).
    - CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
    - CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init     in net/sctp/socket.c (bsc#1218917).
    - CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
    - CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0     (bsc#1223475).
    - CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5     modules (bsc#1219169).
    - CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
    - CVE-2024-26906: Disallowed vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
    - CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them     (bsc#1222624).
    - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
    - CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
    - CVE-2021-47041: Don't set sk_user_data without write_lock (bsc#1220755).
    - CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).
    - CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt     (bsc#1222449).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of kernel installed on the remote host is prior to 5.15.73-48.135. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2022-009 advisory.

    A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root     (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD     CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)

    A flaw was found in the Linux kernel in vDPA with VDUSE backend. There were no checks in VDUSE kernel     driver to ensure the size of the device config space was in line with the features advertised by the VDUSE     userspace application. In case of a mismatch, Virtio drivers config read helpers did not initialize the     memory indirectly passed to vduse_vdpa_get_config() returning uninitialized memory from the stack. Such     memory was not directly propagated to userspace, although under some circumstances it could be printed in     the kernel logs. (CVE-2022-2308)

    A use-after-free flaw was found in the Linux kernel's Unix socket Garbage Collection and io_uring. This     flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-2602)

    A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function     security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use     this flaw to crash the system or potentially escalate their privileges on the system. (CVE-2022-2978)

    Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver     through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by     zero error. (CVE-2022-3061)

    An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in     drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an     integer overflow and bypassing the size check. After that, because it is used as the third argument to     copy_from_user(), a heap overflow may occur. (CVE-2022-39842)

    This vulnerability allows local attackers to disclose sensitive information on affected installations of     the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the     target system in order to exploit this vulnerability. The specific flaw exists within the nft_osf_eval     function. The issue results from the lack of proper initialization of memory prior to accessing it. An     attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the     context of the kernel. Was ZDI-CAN-18540. (CVE-2022-42432)

    drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-     space client to corrupt the monitor's internal memory. (CVE-2022-43750)

    In the Linux kernel, the following vulnerability has been resolved:

    ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 (CVE-2022-48631)

    In the Linux kernel, the following vulnerability has been resolved:

    cgroup: cgroup_get_from_id() must check the looked-up kn is a directory (CVE-2022-48638)

    In the Linux kernel, the following vulnerability has been resolved:

    net: sched: fix possible refcount leak in tc_new_tfilter() (CVE-2022-48639)

    In the Linux kernel, the following vulnerability has been resolved:

    bonding: fix NULL deref in bond_rr_gen_slave_id (CVE-2022-48640)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: ebtables: fix memory leak when blob is malformed (CVE-2022-48641)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain() (CVE-2022-48642)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain() (CVE-2022-48643)

    In the Linux kernel, the following vulnerability has been resolved:

    net/sched: taprio: avoid disabling offload when it was never enabled (CVE-2022-48644)

    In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused     by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default     xmit function of the AF_PACKET socket is changed from dev_queue_xmit() to packet_direct_xmit() via     setsockopt() with the option name of PACKET_QDISC_BYPASS, the skb->mac_header may not be reset and remains     as the initial value of 65535, this may trigger slab-out-of-bounds bugs as following: (CVE-2022-48651)

    In the Linux kernel, the following vulnerability has been resolved:

    netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() (CVE-2022-48654)

    In the Linux kernel, the following vulnerability has been resolved:

    arm64: topology: fix possible overflow in amu_fie_setup() (CVE-2022-48657)

    In the Linux kernel, the following vulnerability has been resolved: mm: slub: fix     flush_cpu_slab()/__free_slab() invocations in task context. Commit 5a836bf6b09f (mm: slub: move     flush_cpu_slab() invocations __free_slab() invocations out of IRQ context) moved all flush_cpu_slab()     invocations to the global workqueue to avoid a problem related with deactivate_slab()/__free_slab() being     called from an IRQ context on PREEMPT_RT kernels. (CVE-2022-48658)

    In the Linux kernel, the following vulnerability has been resolved:

    mm/slub: fix to return errno if kmalloc() fails (CVE-2022-48659)

    In the Linux kernel, the following vulnerability has been resolved:

    gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully (CVE-2022-48660)

    In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Really move     i915_gem_context.link under ref protection i915_perf assumes that it can use the i915_gem_context     reference to protect its i915->gem.contexts.list iteration. However, this requires that we do not remove     the context from the list until after we drop the final reference and release the struct. If, as     currently, we remove the context from the list during context_close(), the link.next pointer may be     poisoned while we are holding the context reference and cause a GPF (CVE-2022-48662)

    In the Linux kernel, the following vulnerability has been resolved:

    btrfs: fix hang during unmount when stopping a space reclaim worker (CVE-2022-48664)

    In the Linux kernel, the following vulnerability has been resolved:

    cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() (CVE-2022-48671)

    In the Linux kernel, the following vulnerability has been resolved:

    of: fdt: fix off-by-one error in unflatten_dt_nodes() (CVE-2022-48672)

    In the Linux kernel, the following vulnerability has been resolved:

    io_uring/af_unix: defer registered files gc to io_uring release (CVE-2022-50234)

    In the Linux kernel, the following vulnerability has been resolved:

    fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-50367)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
225276	Linux Distros Unpatched Vulnerability : CVE-2022-48638	Nessus	Misc.	medium
207693	RHEL 8 : kernel (RHSA-2024:6998)	Nessus	Red Hat Local Security Checks	high
207689	RHEL 8 : kernel (RHSA-2024:6993)	Nessus	Red Hat Local Security Checks	high
197174	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1659-1)	Nessus	SuSE Local Security Checks	high
197056	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1644-1)	Nessus	SuSE Local Security Checks	high
197051	SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1641-1)	Nessus	SuSE Local Security Checks	high
197045	SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1642-1)	Nessus	SuSE Local Security Checks	high
166501	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2022-009 (ALASKERNEL-5.15-2022-009)	Nessus	Amazon Linux Local Security Checks	high

Detections

Analytics

CVE-2022-48638

medium

Tenable Plugins

medium

high

high

high

high

high

high

high