In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback() There is a deadlock in rtw_surveydone_event_callback(), which is shown below: (Thread 1) | (Thread 2) | _set_timer() rtw_surveydone_event_callback()| mod_timer() spin_lock_bh() //(1) | (wait a time) ... | rtw_scan_timeout_handler() del_timer_sync() | spin_lock_bh() //(2) (wait timer to stop) | ... We hold pmlmepriv->lock in position (1) of thread 1 and use del_timer_sync() to wait timer to stop, but timer handler also need pmlmepriv->lock in position (2) of thread 2. As a result, rtw_surveydone_event_callback() will block forever. This patch extracts del_timer_sync() from the protection of spin_lock_bh(), which could let timer handler to obtain the needed lock. What`s more, we change spin_lock_bh() in rtw_scan_timeout_handler() to spin_lock_irq(). Otherwise, spin_lock_bh() will also cause deadlock() in timer handler.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4178 advisory.

    -------------------------------------------------------------------------     Debian LTS Advisory DLA-4178-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                        Ben Hutchings     May 25, 2025                                  https://wiki.debian.org/LTS
    -------------------------------------------------------------------------

    Package        : linux     Version        : 5.10.237-1     CVE ID         : CVE-2021-47247 CVE-2021-47489 CVE-2022-48893 CVE-2022-49046                      CVE-2022-49190 CVE-2022-49219 CVE-2022-49309 CVE-2022-49546                      CVE-2022-49728 CVE-2023-52572 CVE-2023-52621 CVE-2023-52752                      CVE-2023-52757 CVE-2023-53034 CVE-2024-26686 CVE-2024-26928                      CVE-2024-26982 CVE-2024-35867 CVE-2024-35943 CVE-2024-36908                      CVE-2024-38611 CVE-2024-39494 CVE-2024-41073 CVE-2024-42322                      CVE-2024-44938 CVE-2024-46753 CVE-2024-46812 CVE-2024-46816                      CVE-2024-46821 CVE-2024-47726 CVE-2024-47730 CVE-2024-49960                      CVE-2024-50047 CVE-2024-50154 CVE-2024-50280 CVE-2024-53144                      CVE-2024-54458 CVE-2024-56599 CVE-2024-56608 CVE-2024-56658                      CVE-2024-56664 CVE-2024-57834 CVE-2024-57973 CVE-2024-57977                      CVE-2024-57979 CVE-2024-57980 CVE-2024-57981 CVE-2024-57986                      CVE-2024-58001 CVE-2024-58002 CVE-2024-58005 CVE-2024-58007                      CVE-2024-58010 CVE-2024-58014 CVE-2024-58016 CVE-2024-58017                      CVE-2024-58020 CVE-2024-58051 CVE-2024-58052 CVE-2024-58055                      CVE-2024-58058 CVE-2024-58063 CVE-2024-58069 CVE-2024-58071                      CVE-2024-58072 CVE-2024-58083 CVE-2024-58085 CVE-2024-58090                      CVE-2025-21647 CVE-2025-21700 CVE-2025-21702 CVE-2025-21704                      CVE-2025-21708 CVE-2025-21711 CVE-2025-21715 CVE-2025-21718                      CVE-2025-21719 CVE-2025-21721 CVE-2025-21722 CVE-2025-21726                      CVE-2025-21727 CVE-2025-21728 CVE-2025-21731 CVE-2025-21735                      CVE-2025-21736 CVE-2025-21744 CVE-2025-21745 CVE-2025-21749                      CVE-2025-21753 CVE-2025-21756 CVE-2025-21760 CVE-2025-21761                      CVE-2025-21762 CVE-2025-21763 CVE-2025-21764 CVE-2025-21765                      CVE-2025-21767 CVE-2025-21772 CVE-2025-21776 CVE-2025-21779                      CVE-2025-21781 CVE-2025-21782 CVE-2025-21785 CVE-2025-21787                      CVE-2025-21791 CVE-2025-21795 CVE-2025-21796 CVE-2025-21799                      CVE-2025-21802 CVE-2025-21804 CVE-2025-21806 CVE-2025-21811                      CVE-2025-21814 CVE-2025-21823 CVE-2025-21826 CVE-2025-21835                      CVE-2025-21844 CVE-2025-21846 CVE-2025-21848 CVE-2025-21853                      CVE-2025-21858 CVE-2025-21859 CVE-2025-21862 CVE-2025-21871                      CVE-2025-21872 CVE-2025-21875 CVE-2025-21877 CVE-2025-21878                      CVE-2025-21898 CVE-2025-21904 CVE-2025-21905 CVE-2025-21909                      CVE-2025-21910 CVE-2025-21914 CVE-2025-21916 CVE-2025-21917                      CVE-2025-21920 CVE-2025-21922 CVE-2025-21925 CVE-2025-21926                      CVE-2025-21928 CVE-2025-21934 CVE-2025-21935 CVE-2025-21941                      CVE-2025-21943 CVE-2025-21948 CVE-2025-21956 CVE-2025-21957                      CVE-2025-21959 CVE-2025-21968 CVE-2025-21971 CVE-2025-21975                      CVE-2025-21981 CVE-2025-21991 CVE-2025-21992 CVE-2025-21993                      CVE-2025-21996 CVE-2025-21999 CVE-2025-22004 CVE-2025-22005                      CVE-2025-22007 CVE-2025-22008 CVE-2025-22010 CVE-2025-22014                      CVE-2025-22018 CVE-2025-22020 CVE-2025-22021 CVE-2025-22025                      CVE-2025-22027 CVE-2025-22035 CVE-2025-22044 CVE-2025-22045                      CVE-2025-22054 CVE-2025-22055 CVE-2025-22056 CVE-2025-22063                      CVE-2025-22075 CVE-2025-22079 CVE-2025-22086 CVE-2025-23136                      CVE-2025-23138 CVE-2025-23140 CVE-2025-23142 CVE-2025-23144                      CVE-2025-23145 CVE-2025-23146 CVE-2025-23147 CVE-2025-23148                      CVE-2025-23150 CVE-2025-23156 CVE-2025-23157 CVE-2025-23158                      CVE-2025-23159 CVE-2025-23163 CVE-2025-37738 CVE-2025-37739                      CVE-2025-37740 CVE-2025-37741 CVE-2025-37749 CVE-2025-37756                      CVE-2025-37757 CVE-2025-37765 CVE-2025-37766 CVE-2025-37768                      CVE-2025-37770 CVE-2025-37773 CVE-2025-37780 CVE-2025-37781                      CVE-2025-37782 CVE-2025-37785 CVE-2025-37788 CVE-2025-37789                      CVE-2025-37792 CVE-2025-37794 CVE-2025-37796 CVE-2025-37797                      CVE-2025-37803 CVE-2025-37808 CVE-2025-37810 CVE-2025-37812                      CVE-2025-37817 CVE-2025-37823 CVE-2025-37824 CVE-2025-37829                      CVE-2025-37836 CVE-2025-37838 CVE-2025-37839 CVE-2025-37840                      CVE-2025-37841 CVE-2025-37844 CVE-2025-37850 CVE-2025-37851                      CVE-2025-37857 CVE-2025-37858 CVE-2025-37859 CVE-2025-37862                      CVE-2025-37867 CVE-2025-37871 CVE-2025-37881 CVE-2025-37885                      CVE-2025-38637 CVE-2025-39728 CVE-2025-39735

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For Debian 11 bullseye, these problems have been fixed in version     5.10.237-1.  This additionally includes many more bug fixes from     stable updates 5.10.235-5.10.237.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS     Attachment:
    signature.asc     Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the linux package has been released.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1241-1 advisory.

    The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.

    The following security bugs were fixed:

    - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918).
    - CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
    - CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207).
    - CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276).
    - CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
    - CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
    - CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
    - CVE-2024-56651: can: hi311x: hi3110_can_ist(): fix potential use-after-free (bsc#1235528).
    - CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
    - CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync     (bsc#1239095).
    - CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109).
    - CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
    - CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073).
    - CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
    - CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1027-1 advisory.

    The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
    - CVE-2024-41092: drm/i915/gt: Fix potential UAF by revoke of fence registers (bsc#1228483).
    - CVE-2024-42098: crypto: ecdh - explicitly zeroize private_key (bsc#1228779).
    - CVE-2024-42229: crypto: aead,cipher - zeroize key buffer after use (bsc#1228708).
    - CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
    - CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109).
    - CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073).
    - CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - drivers: staging: rtl8723bs: Fix deadlock in rtw_surveydone_event_callback() There is a deadlock in     rtw_surveydone_event_callback(), which is shown below: (Thread 1) | (Thread 2) | _set_timer()     rtw_surveydone_event_callback()| mod_timer() spin_lock_bh() //(1) | (wait a time) ... |     rtw_scan_timeout_handler() del_timer_sync() | spin_lock_bh() //(2) (wait timer to stop) | ... We hold     pmlmepriv->lock in position (1) of thread 1 and use del_timer_sync() to wait timer to stop, but timer     handler also need pmlmepriv->lock in position (2) of thread 2. As a result,     rtw_surveydone_event_callback() will block forever. This patch extracts del_timer_sync() from the     protection of spin_lock_bh(), which could let timer handler to obtain the needed lock. What`s more, we     change spin_lock_bh() in rtw_scan_timeout_handler() to spin_lock_irq(). Otherwise, spin_lock_bh() will     also cause deadlock() in timer handler. (CVE-2022-49309)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
276284	TencentOS Server 4: kernel (TSSA-2025:0347)	Nessus	Tencent Local Security Checks	high
237255	Debian dla-4178 : ata-modules-5.10.0-34-armmp-di - security update	Nessus	Debian Local Security Checks	high
236993	Photon OS 4.0: Linux PHSA-2025-4.0-0801	Nessus	PhotonOS Local Security Checks	high
234407	SUSE SLES15 Security Update : kernel (SUSE-SU-2025:1241-1)	Nessus	SuSE Local Security Checks	high
233410	SUSE SLES15 Security Update : kernel (SUSE-SU-2025:1027-1)	Nessus	SuSE Local Security Checks	high
225555	Linux Distros Unpatched Vulnerability : CVE-2022-49309	Nessus	Misc.	medium

Detections

Analytics

CVE-2022-49309

medium

Tenable Plugins

high

high

high

high

high

medium