In the Linux kernel, the following vulnerability has been resolved: ACPI: pfr_update: Fix the driver update version check The security-version-number check should be used rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when the update binary had a lower runtime version number than the current one. [ rjw: Changelog edits ]

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03600-1 advisory.

    The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
    - CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
    - CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
    - CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
    - CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
    - CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
    - CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
    - CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
    - CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
    - CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
    - CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in     rproc_attach() (bsc#1247136).
    - CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
    - CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
    - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
    - CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
    - CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
    - CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
    - CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
    - CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
    - CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
    - CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
    - CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
    - CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
    - CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
    - CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
    - CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port     (bsc#1248378).
    - CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
    - CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
    - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
    - CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
    - CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
    - CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
    - CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
    - CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
    - CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
    - CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
    - CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
    - CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
    - CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data     (bsc#1248647).
    - CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
    - CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
    - CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
    - CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
    - CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
    - CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
    - CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
    - CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
    - CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
    - CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
    - CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
    - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
    - CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
    - CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
    - CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
    - CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
    - CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
    - CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
    - CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
    - CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
    - CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
    - CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
    - CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
    - CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
    - CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
    - CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
    - CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
    - CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
    - CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
    - CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
    - CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
    - CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
    - CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
    - CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
    - CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
    - CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
    - CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).
    - CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
    - CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
    - CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
    - CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
    - CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
    - CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
    - CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
    - CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
    - CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
    - CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
    - CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20081-1 advisory.

    The SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel was updated to receive various     security bugfixes.

    The following security bugs were fixed:

    - CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
    - CVE-2024-57891: sched_ext: Fix invalid irq restore in scx_ops_bypass() (bsc#1235953).
    - CVE-2024-57951: hrtimers: Handle CPU state correctly on hotplug (bsc#1237108).
    - CVE-2024-57952: Revert libfs: fix infinite directory reads for offset dir (bsc#1237131).
    - CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
    - CVE-2025-22034: mm/rmap: avoid -EBUSY from make_device_exclusive() (bsc#1241435).
    - CVE-2025-22077: Revert smb: client: fix TCP timers deadlock after rmmod (bsc#1241403).
    - CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses     (bsc#1242782).
    - CVE-2025-37821: sched/eevdf: Fix se->slice being set to U64_MAX and resulting (bsc#1242864).
    - CVE-2025-37849: KVM: arm64: Tear down vGIC on failed vCPU creation (bsc#1243000).
    - CVE-2025-37856: btrfs: harden block_group::bg_list against list_del() races (bsc#1243068).
    - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055).
    - CVE-2025-37864: net: dsa: clean up FDB, MDB, VLAN entries on unbind (bsc#1242965).
    - CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
    - CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
    - CVE-2025-38019: mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices (bsc#1245000).
    - CVE-2025-38034: btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (bsc#1244792).
    - CVE-2025-38038: cpufreq: amd-pstate: Remove unnecessary driver_lock in set_boost (bsc#1244812).
    - CVE-2025-38058: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151).
    - CVE-2025-38062: kABI: restore layout of struct msi_desc (bsc#1245216).
    - CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
    - CVE-2025-38101: ring-buffer: Fix buffer locking in ring_buffer_subbuf_order_set() (bsc#1245659).
    - CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
    - CVE-2025-38106: io_uring/sqpoll: do not put task_struct on tctx setup failure (bsc#1245664).
    - CVE-2025-38117: hci_dev centralize extra lock (bsc#1245695).
    - CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
    - CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
    - CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
    - CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
    - CVE-2025-38168: perf: arm-ni: Unregister PMUs on probe failure (bsc#1245763).
    - CVE-2025-38180: net: atm: fix /proc/net/atm/lec handling (bsc#1245970).
    - CVE-2025-38182: ublk: santizize the arguments from userspace when adding a device (bsc#1245937).
    - CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
    - CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
    - CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
    - CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
    - CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
    - CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
    - CVE-2025-38216: iommu/vt-d: Restore context entry setup order for aliased devices (bsc#1245963).
    - CVE-2025-38220: ext4: only dirty folios when data journaling regular files (bsc#1245966).
    - CVE-2025-38222: ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976).
    - CVE-2025-38242: mm: userfaultfd: fix race of userfaultfd_move and swap cache (bsc#1246176).
    - CVE-2025-38244: smb: client: fix potential deadlock when reconnecting channels (bsc#1246183).
    - CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
    - CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
    - CVE-2025-38256: io_uring/rsrc: fix folio unpinning (bsc#1246188).
    - CVE-2025-38258: mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write     (bsc#1246185).
    - CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
    - CVE-2025-38267: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun (bsc#1246245).
    - CVE-2025-38270: net: drv: netdevsim: do not napi_complete() from netpoll (bsc#1246252).
    - CVE-2025-38272: net: dsa: b53: do not enable EEE on bcm63xx (bsc#1246268).
    - CVE-2025-38301: nvmem: zynqmp_nvmem: unbreak driver after cleanup (bsc#1246351).
    - CVE-2025-38306: fs/fhandle.c: fix a race in call of has_locked_children() (bsc#1246366).
    - CVE-2025-38311: iavf: get rid of the crit lock (bsc#1246376).
    - CVE-2025-38318: perf: arm-ni: Fix missing platform_set_drvdata() (bsc#1246444).
    - CVE-2025-38322: perf/x86/intel: Fix crash in icl_update_topdown_event() (bsc#1246447).
    - CVE-2025-38323: net: atm: add lec_mutex (bsc#1246473).
    - CVE-2025-38337: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253).
    - CVE-2025-38341: eth: fbnic: avoid double free when failing to DMA-map FW msg (bsc#1246260).
    - CVE-2025-38349: eventpoll: do not decrement ep refcount while still holding the ep mutex (bsc#1246777).
    - CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
    - CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
    - CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()     (bsc#1246911).
    - CVE-2025-38359: s390/mm: Fix in_atomic() handling in do_secure_storage_access() (bsc#1247076).
    - CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
    - CVE-2025-38365: btrfs: fix a race between renames and directory logging (bsc#1247023).
    - CVE-2025-38374: optee: ffa: fix sleep in atomic context (bsc#1247024).
    - CVE-2025-38382: btrfs: fix iteration of extrefs during log replay (bsc#1247031).
    - CVE-2025-38383: mm/vmalloc: fix data race in show_numa_info() (bsc#1247250).
    - CVE-2025-38392: idpf: convert control queue mutex to a spinlock (bsc#1247169).
    - CVE-2025-38396: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247156).
    - CVE-2025-38399: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()     (bsc#1247097).
    - CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
    - CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
    - CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
    - CVE-2025-38419: remoteproc: core: Cleanup acquired resources when       rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
    - CVE-2025-38426: drm/amdgpu: Add basic validation for RAS header (bsc#1247252).
    - CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
    - CVE-2025-38440: net/mlx5e: Fix race between DIM disable and net_dim() (bsc#1247290).
    - CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()     (bsc#1247167).
    - CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
    - CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
    - CVE-2025-38451: md/md-bitmap: fix GPF in bitmap_get_stats() (bsc#1247102).
    - CVE-2025-38453: kABI: io_uring: msg_ring ensure io_kiocb freeing is deferred (bsc#1247234).
    - CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
    - CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
    - CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
    - CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
    - CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
    - CVE-2025-38463: tcp: Correct signedness in skb remaining space calculation (bsc#1247113).
    - CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
    - CVE-2025-38470: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime     (bsc#1247288).
    - CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
    - CVE-2025-38475: smc: Fix various oops due to inet_sock type confusion (bsc#1247308).
    - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
    - CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
    - CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
    - CVE-2025-38493: tracing/osnoise: Fix crash in timerlat_dump_stack() (bsc#1247283).
    - CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).
    - CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns     (bsc#1247976).
    - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface     (bsc#1248088).
    - CVE-2025-38508: x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation (bsc#1248190).
    - CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
    - CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
    - CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
    - CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
    - CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
    - CVE-2025-38539: tracing: Add down_write(trace_event_sem) when adding trace event (bsc#1248211).
    - CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
    - CVE-2025-38545: net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info     (bsc#1248224).
    - CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
    - CVE-2025-38549: efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths (bsc#1248235).
    - CVE-2025-38554: mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped (bsc#1248299).
    - CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
    - CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
    - CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248374).
    - CVE-2025-38571: sunrpc: fix client side handling of tls alerts (bsc#1248401).
    - CVE-2025-38572: ipv6: reject malicious packets in ipv6_gso_segment() (bsc#1248399).
    - CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
    - CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
    - CVE-2025-38588: ipv6: prevent infinite loop in rt6_nlmsg_size() (bsc#1248368).
    - CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
    - CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port     (bsc#1248378).
    - CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
    - CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
    - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
    - CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
    - CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
    - CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
    - CVE-2025-38628: vdpa/mlx5: Fix release of uninitialized resources on error path (bsc#1248616).
    - CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
    - CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
    - CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
    - CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248748).
    - CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
    - CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
    - CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
    - CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
    - CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
    - CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
    - CVE-2025-38686: userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry (bsc#1249160).
    - CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated     (bsc#1249182).
    - CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
    - CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
    - CVE-2025-38710: gfs2: Validate i_depth for exhash directories (bsc#1249201).
    - CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
    - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
    - CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
    - CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
    - CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
    - CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
    - CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
    - CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
    - CVE-2025-39698: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1249322).
    - CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
    - CVE-2025-39723: kABI: netfs: handle new netfs_io_stream flag (bsc#1249314).
    - CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
    - CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
    - CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
    - CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
    - CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
    - CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
    - CVE-2025-39775: mm/mremap: fix WARN with uffd that has remap events disabled (bsc#1249500).
    - CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
    - CVE-2025-39791: dm: dm-crypt: Do not partially accept write BIOs with zoned targets (bsc#1249550).
    - CVE-2025-39792: dm: Always split write BIOs to zoned device limits (bsc#1249618).
    - CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
    - CVE-2025-39813: ftrace: Also allocate and copy hash for reading of filter files (bsc#1250032).
    - CVE-2025-39816: io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths     (bsc#1249906).
    - CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
    - CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
    - CVE-2025-39828: kABI workaround for struct atmdev_ops extension (bsc#1250205).
    - CVE-2025-39830: net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path (bsc#1249974).
    - CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
    - CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
    - CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
    - CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
    - CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
    - CVE-2025-39852: net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 (bsc#1250258).
    - CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
    - CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
    - CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
    - CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
    - CVE-2025-39875: igb: Fix NULL pointer dereference in ethtool loopback test (bsc#1250398).
    - CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
    - CVE-2025-39898: e1000e: fix heap overflow in e1000_set_eeprom (bsc#1250742).
    - CVE-2025-39900: net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y (bsc#1250758).
    - CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
    - CVE-2025-39922: ixgbe: fix incorrect map used in eee linkmode (bsc#1250722).
    - CVE-2025-39926: genetlink: fix genl_bind() invoking bind() after -EPERM (bsc#1250737).
    - CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
    - CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
    - CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
    - CVE-2025-38264: nvme-tcp: sanitize request list handling (bsc#1246387).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4141-1 advisory.

    The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues

    The following security issues were fixed:

    - CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
    - CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
    - CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
    - CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al     (bsc#1248630).
    - CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
    - CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated     (bsc#1249182).
    - CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
    - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
    - CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
    - CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
    - CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
    - CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
    - CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
    - CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
    - CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
    - CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
    - CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
    - CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
    - CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
    - CVE-2025-39828: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (bsc#1250205).
    - CVE-2025-39832: net/mlx5: Add sync reset drop mode support (bsc#1249901).
    - CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
    - CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
    - CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
    - CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
    - CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
    - CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
    - CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
    - CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
    - CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
    - CVE-2025-39900: net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y (bsc#1250758).
    - CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
    - CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
    - CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
    - CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
    - CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
    - CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
    - CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
    - CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
    - CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
    - CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
    - CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
    - CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
    - CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
    - CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
    - CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
    - CVE-2025-39984: net: tun: Update napi->skb after XDP process (bsc#1252081).
    - CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
    - CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
    - CVE-2025-40012: net/smc: fix warning in smc_rx_splice() when calling get_page() (bsc#1252330).
    - CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
    - CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
    - CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
    - CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
    - CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
    - CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree     (bsc#1252918).

    The following non security issues were fixed:

    - ACPI/processor_idle: Add FFH state handling (jsc#PED-13815).
    - ACPI/processor_idle: Export acpi_processor_ffh_play_dead() (jsc#PED-13815).
    - ACPI: battery: Add synchronization between interface updates (git-fixes).
    - ACPI: processor: Rescan 'dead' SMT siblings during initialization (jsc#PED-13815).
    - KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
    - KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
    - KVM: x86: Process 'guest stopped request' once per guest time update (git-fixes).
    - PM: hibernate: Add pm_hibernation_mode_is_suspend() (bsc#1243112).
    - PM: hibernate: Add stub for pm_hibernate_is_recovering() (bsc#1243112).
    - PM: hibernate: Fix pm_hibernation_mode_is_suspend() build breakage (bsc#1243112).
    - PM: hibernate: add new api pm_hibernate_is_recovering() (bsc#1243112).
    - Reapply 'x86/smp: Eliminate mwait_play_dead_cpuid_hint()' (jsc#PED-13815).
    - bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
    - cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
    - cpuidle: Do not return from cpuidle_play_dead() on callback failures (jsc#PED-13815).
    - dpll: Make ZL3073X invisible (bsc#1252253).
    - dpll: zl3073x: Add firmware loading functionality (bsc#1252253).
    - dpll: zl3073x: Add functions to access hardware registers (bsc#1252253).
    - dpll: zl3073x: Add low-level flash functions (bsc#1252253).
    - dpll: zl3073x: Add support to get fractional frequency offset (bsc#1252253).
    - dpll: zl3073x: Add support to get phase offset on connected input pin (bsc#1252253).
    - dpll: zl3073x: Add support to get/set esync on pins (bsc#1252253).
    - dpll: zl3073x: Fix build failure (bsc#1252253).
    - dpll: zl3073x: Fix double free in zl3073x_devlink_flash_update() (bsc#1252253).
    - dpll: zl3073x: Handle missing or corrupted flash configuration (bsc#1252253).
    - dpll: zl3073x: Implement devlink flash callback (bsc#1252253).
    - dpll: zl3073x: Increase maximum size of flash utility (bsc#1252253).
    - dpll: zl3073x: Refactor DPLL initialization (bsc#1252253).
    - dpll: zl3073x: ZL3073X_I2C and ZL3073X_SPI should depend on NET (bsc#1252253).
    - drm/amd : Update MES API header file for v11 & v12 (stable-fixes).
    - drm/amd/amdgpu: Implement MES suspend/resume gang functionality for v12 (bsc#1243112).
    - drm/amd/display: Add NULL check for stream before dereference in 'dm_vupdate_high_irq' (bsc#1243112).
    - drm/amd/display: Enable Dynamic DTBCLK Switch (bsc#1243112).
    - drm/amd/display: Fix vupdate_offload_work doc (bsc#1243112).
    - drm/amd/display: fix dmub access race condition (bsc#1243112).
    - drm/amd/display: more liberal vmin/vmax update for freesync (bsc#1243112).
    - drm/amd/include : MES v11 and v12 API header update (stable-fixes).
    - drm/amd/include : Update MES v12 API for fence update (stable-fixes).
    - drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
    - drm/amd: Avoid evicting resources at S5 (bsc#1243112).
    - drm/amd: Check whether secure display TA loaded successfully (bsc#1243112).
    - drm/amd: Fix hybrid sleep (bsc#1243112).
    - drm/amd: Only restore cached manual clock settings in restore if OD enabled (bsc#1243112).
    - drm/amd: Restore cached manual clock settings during resume (bsc#1243112).
    - drm/amdgpu/mes11: implement detect and reset callback (bsc#1243112).
    - drm/amdgpu/mes12: implement detect and reset callback (bsc#1243112).
    - drm/amdgpu/mes: add front end for detect and reset hung queue (bsc#1243112).
    - drm/amdgpu/vpe: cancel delayed work in hw_fini (bsc#1243112).
    - drm/amdgpu: Avoid rma causes GPU duplicate reset (bsc#1243112).
    - drm/amdgpu: Fix for GPU reset being blocked by KIQ I/O (bsc#1243112).
    - drm/amdgpu: Report individual reset error (bsc#1243112).
    - drm/amdgpu: do not resume device in thaw for normal hibernation (bsc#1243112).
    - drm/amdgpu: fix link error for !PM_SLEEP (bsc#1243112).
    - drm/amdkfd: Fix mmap write lock not release (bsc#1243112).
    - drm/xe/guc: Prepare GuC register list and update ADS size for error capture (stable-fixes).
    - ext4: fix checks for orphan inodes (bsc#1250119).
    - hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
    - intel_idle: Provide the default enter_dead() handler (jsc#PED-13815).
    - intel_idle: Rescan 'dead' SMT siblings during initialization (jsc#PED-13815).
    - intel_idle: Use subsys_initcall_sync() for initialization (jsc#PED-13815).
    - ixgbe: handle IXGBE_VF_FEATURES_NEGOTIATE mbox cmd (bsc#1247222).
    - ixgbe: handle IXGBE_VF_GET_PF_LINK_STATE mailbox operation (bsc#1247222).
    - ixgbevf: fix getting link speed data for E610 devices (bsc#1247222).
    - ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1247222).
    - kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
    - module: Prevent silent truncation of module name in delete_module(2) (git-fixes).
    - net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency     (bsc#1248754).
    - netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
    - nvme-auth: update bi_directional flag (git-fixes bsc#1249735).
    - nvme-auth: update sc_c in host response (git-fixes bsc#1249397).
    - nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
    - nvme-tcp: send only permitted commands for secure concat (git-fixes bsc#1247683).
    - nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
    - nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
    - nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
    - perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
    - perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
    - phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
    - platform/x86/amd/pmc: Add 1Ah family series to STB support list (bsc#1243112).
    - platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (bsc#1243112).
    - platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (bsc#1243112).
    - platform/x86/amd/pmc: Add VPE information for AMDI000A platform (bsc#1243112).
    - platform/x86/amd/pmc: Add idlemask support for 1Ah family (bsc#1243112).
    - platform/x86/amd/pmc: Extend support for PMC features on new AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Fix SMU command submission path on new AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Modify SMU message port for latest AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Notify user when platform does not support s0ix transition (bsc#1243112).
    - platform/x86/amd/pmc: Remove unnecessary line breaks (bsc#1243112).
    - platform/x86/amd/pmc: Send OS_HINT command for AMDI000A platform (bsc#1243112).
    - platform/x86/amd/pmc: Send OS_HINT command for new AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Update IP information structure for newer SoCs (bsc#1243112).
    - platform/x86/amd/pmc: Use ARRAY_SIZE() to fill num_ips information (bsc#1243112).
    - platform/x86/amd/pmc: call amd_pmc_get_ip_info() during driver probe (bsc#1243112).
    - platform/x86/amd: pmc: Add new ACPI ID AMDI000B (bsc#1243112).
    - platform/x86/amd: pmc: Drop SMU F/W match for Cezanne (bsc#1243112).
    - platform/x86/amd: pmc: Use guard(mutex) (bsc#1243112).
    - powerpc/boot: Fix build with gcc 15 (bsc#1215199).
    - powerpc/fadump: skip parameter area allocation when fadump is disabled (jsc#PED-9891 git-fixes).
    - powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
    - powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
    - powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
    - powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
    - proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
    - proc: fix type confusion in pde_set_flags() (bsc#1248630)
    - sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
    - scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
    - scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
    - scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
    - scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
    - scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
    - scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
    - scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
    - scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
    - scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
    - scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
    - scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
    - scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
    - scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
    - scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
    - scsi: lpfc: use min() to improve code (bsc#1250519).
    - serial: sc16is7xx: rename Kconfig CONFIG_SERIAL_SC16IS7XX_CORE (bsc#1252469)
    - skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
    - smb: client: fix crypto buffers in non-linear memory (bsc#1250491, bsc#1239206).
    - smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
    - tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
    - tracing: Remove unneeded goto out logic (bsc#1249286).
    - x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
    - x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID     (bsc#1252734).
    - x86/resctrl: Refactor resctrl_arch_rmid_read() (bsc#1252734).
    - x86/smp: Allow calling mwait_play_dead with an arbitrary hint (jsc#PED-13815).
    - x86/smp: Fix mwait_play_dead() and acpi_processor_ffh_play_dead() noreturn behavior (jsc#PED-13815).
    - x86/smp: PM/hibernate: Split arch_resume_nosmt() (jsc#PED-13815).
    - x86/topology: Implement topology_is_core_online() to address SMT regression (jsc#PED-13815).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4132-1 advisory.

    The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues

    The following security issues were fixed:

    - CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
    - CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
    - CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
    - CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al     (bsc#1248630).
    - CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
    - CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated     (bsc#1249182).
    - CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
    - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
    - CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
    - CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
    - CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
    - CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
    - CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
    - CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
    - CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
    - CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
    - CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
    - CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
    - CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
    - CVE-2025-39828: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (bsc#1250205).
    - CVE-2025-39832: net/mlx5: Add sync reset drop mode support (bsc#1249901).
    - CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
    - CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
    - CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
    - CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
    - CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
    - CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
    - CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
    - CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
    - CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
    - CVE-2025-39900: net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y (bsc#1250758).
    - CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
    - CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
    - CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
    - CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
    - CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
    - CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
    - CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
    - CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
    - CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
    - CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
    - CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
    - CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
    - CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
    - CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
    - CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
    - CVE-2025-39984: net: tun: Update napi->skb after XDP process (bsc#1252081).
    - CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
    - CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
    - CVE-2025-40012: net/smc: fix warning in smc_rx_splice() when calling get_page() (bsc#1252330).
    - CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
    - CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
    - CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
    - CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
    - CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
    - CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
    - CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree     (bsc#1252918).

    The following non security issues were fixed:

    - ACPI/processor_idle: Add FFH state handling (jsc#PED-13815).
    - ACPI/processor_idle: Export acpi_processor_ffh_play_dead() (jsc#PED-13815).
    - ACPI: battery: Add synchronization between interface updates (git-fixes).
    - ACPI: processor: Rescan 'dead' SMT siblings during initialization (jsc#PED-13815).
    - KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
    - KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
    - KVM: x86: Process 'guest stopped request' once per guest time update (git-fixes).
    - PM: hibernate: Add pm_hibernation_mode_is_suspend() (bsc#1243112).
    - PM: hibernate: Add stub for pm_hibernate_is_recovering() (bsc#1243112).
    - PM: hibernate: Fix pm_hibernation_mode_is_suspend() build breakage (bsc#1243112).
    - PM: hibernate: add new api pm_hibernate_is_recovering() (bsc#1243112).
    - bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
    - cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
    - cpuidle: Do not return from cpuidle_play_dead() on callback failures (jsc#PED-13815).
    - dpll: Make ZL3073X invisible (bsc#1252253).
    - dpll: zl3073x: Add firmware loading functionality (bsc#1252253).
    - dpll: zl3073x: Add functions to access hardware registers (bsc#1252253).
    - dpll: zl3073x: Add low-level flash functions (bsc#1252253).
    - dpll: zl3073x: Add support to get fractional frequency offset (bsc#1252253).
    - dpll: zl3073x: Add support to get phase offset on connected input pin (bsc#1252253).
    - dpll: zl3073x: Add support to get/set esync on pins (bsc#1252253).
    - dpll: zl3073x: Fix build failure (bsc#1252253).
    - dpll: zl3073x: Fix double free in zl3073x_devlink_flash_update() (bsc#1252253).
    - dpll: zl3073x: Handle missing or corrupted flash configuration (bsc#1252253).
    - dpll: zl3073x: Implement devlink flash callback (bsc#1252253).
    - dpll: zl3073x: Increase maximum size of flash utility (bsc#1252253).
    - dpll: zl3073x: Refactor DPLL initialization (bsc#1252253).
    - dpll: zl3073x: ZL3073X_I2C and ZL3073X_SPI should depend on NET (bsc#1252253).
    - drm/amd : Update MES API header file for v11 & v12 (stable-fixes).
    - drm/amd/amdgpu: Implement MES suspend/resume gang functionality for v12 (bsc#1243112).
    - drm/amd/display: Add NULL check for stream before dereference in 'dm_vupdate_high_irq' (bsc#1243112).
    - drm/amd/display: Enable Dynamic DTBCLK Switch (bsc#1243112).
    - drm/amd/display: Fix vupdate_offload_work doc (bsc#1243112).
    - drm/amd/display: fix dmub access race condition (bsc#1243112).
    - drm/amd/display: more liberal vmin/vmax update for freesync (bsc#1243112).
    - drm/amd/include : MES v11 and v12 API header update (stable-fixes).
    - drm/amd/include : Update MES v12 API for fence update (stable-fixes).
    - drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
    - drm/amd: Avoid evicting resources at S5 (bsc#1243112).
    - drm/amd: Check whether secure display TA loaded successfully (bsc#1243112).
    - drm/amd: Fix hybrid sleep (bsc#1243112).
    - drm/amd: Only restore cached manual clock settings in restore if OD enabled (bsc#1243112).
    - drm/amd: Restore cached manual clock settings during resume (bsc#1243112).
    - drm/amdgpu/mes11: implement detect and reset callback (bsc#1243112).
    - drm/amdgpu/mes12: implement detect and reset callback (bsc#1243112).
    - drm/amdgpu/mes: add front end for detect and reset hung queue (bsc#1243112).
    - drm/amdgpu/vpe: cancel delayed work in hw_fini (bsc#1243112).
    - drm/amdgpu: Avoid rma causes GPU duplicate reset (bsc#1243112).
    - drm/amdgpu: Fix for GPU reset being blocked by KIQ I/O (bsc#1243112).
    - drm/amdgpu: Report individual reset error (bsc#1243112).
    - drm/amdgpu: do not resume device in thaw for normal hibernation (bsc#1243112).
    - drm/amdgpu: fix link error for !PM_SLEEP (bsc#1243112).
    - drm/amdkfd: Fix mmap write lock not release (bsc#1243112).
    - drm/xe/guc: Prepare GuC register list and update ADS size for error capture (stable-fixes).
    - ext4: fix checks for orphan inodes (bsc#1250119).
    - hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
    - intel_idle: Provide the default enter_dead() handler (jsc#PED-13815).
    - intel_idle: Rescan 'dead' SMT siblings during initialization (jsc#PED-13815).
    - intel_idle: Use subsys_initcall_sync() for initialization (jsc#PED-13815).
    - ixgbe: handle IXGBE_VF_FEATURES_NEGOTIATE mbox cmd (bsc#1247222).
    - ixgbe: handle IXGBE_VF_GET_PF_LINK_STATE mailbox operation (bsc#1247222).
    - ixgbevf: fix getting link speed data for E610 devices (bsc#1247222).
    - ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1247222).
    - kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
    - module: Prevent silent truncation of module name in delete_module(2) (git-fixes).
    - net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency     (bsc#1248754).
    - netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
    - nvme-auth: update bi_directional flag (git-fixes bsc#1249735).
    - nvme-auth: update sc_c in host response (git-fixes bsc#1249397).
    - nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
    - nvme-tcp: send only permitted commands for secure concat (git-fixes bsc#1247683).
    - nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
    - nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
    - nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
    - perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
    - perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
    - phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
    - platform/x86/amd/pmc: Add 1Ah family series to STB support list (bsc#1243112).
    - platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (bsc#1243112).
    - platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (bsc#1243112).
    - platform/x86/amd/pmc: Add VPE information for AMDI000A platform (bsc#1243112).
    - platform/x86/amd/pmc: Add idlemask support for 1Ah family (bsc#1243112).
    - platform/x86/amd/pmc: Extend support for PMC features on new AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Fix SMU command submission path on new AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Modify SMU message port for latest AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Notify user when platform does not support s0ix transition (bsc#1243112).
    - platform/x86/amd/pmc: Remove unnecessary line breaks (bsc#1243112).
    - platform/x86/amd/pmc: Send OS_HINT command for AMDI000A platform (bsc#1243112).
    - platform/x86/amd/pmc: Send OS_HINT command for new AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Update IP information structure for newer SoCs (bsc#1243112).
    - platform/x86/amd/pmc: Use ARRAY_SIZE() to fill num_ips information (bsc#1243112).
    - platform/x86/amd/pmc: call amd_pmc_get_ip_info() during driver probe (bsc#1243112).
    - platform/x86/amd: pmc: Add new ACPI ID AMDI000B (bsc#1243112).
    - platform/x86/amd: pmc: Drop SMU F/W match for Cezanne (bsc#1243112).
    - platform/x86/amd: pmc: Use guard(mutex) (bsc#1243112).
    - powerpc/boot: Fix build with gcc 15 (bsc#1215199).
    - powerpc/fadump: skip parameter area allocation when fadump is disabled (jsc#PED-9891 git-fixes).
    - powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
    - powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
    - powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
    - powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
    - proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
    - proc: fix type confusion in pde_set_flags() (bsc#1248630)
    - sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
    - scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
    - scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
    - scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
    - scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
    - scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
    - scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
    - scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
    - scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
    - scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
    - scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
    - scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
    - scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
    - scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
    - scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
    - scsi: lpfc: use min() to improve code (bsc#1250519).
    - serial: sc16is7xx: rename Kconfig CONFIG_SERIAL_SC16IS7XX_CORE (bsc#1252469).
    - skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
    - smb: client: fix crypto buffers in non-linear memory (bsc#1250491, bsc#1239206).
    - smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
    - tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
    - tracing: Remove unneeded goto out logic (bsc#1249286).
    - x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
    - x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID     (bsc#1252734).
    - x86/resctrl: Refactor resctrl_arch_rmid_read() (bsc#1252734).
    - x86/smp: Allow calling mwait_play_dead with an arbitrary hint (jsc#PED-13815).
    - x86/smp: Fix mwait_play_dead() and acpi_processor_ffh_play_dead() noreturn behavior (jsc#PED-13815).
    - x86/smp: PM/hibernate: Split arch_resume_nosmt() (jsc#PED-13815).
    - x86/topology: Implement topology_is_core_online() to address SMT regression (jsc#PED-13815).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4057-1 advisory.

    The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues

    The following security issues were fixed:

    - CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
    - CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
    - CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
    - CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al     (bsc#1248630).
    - CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
    - CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated     (bsc#1249182).
    - CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
    - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
    - CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
    - CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
    - CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
    - CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
    - CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
    - CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
    - CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
    - CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
    - CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
    - CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
    - CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
    - CVE-2025-39828: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (bsc#1250205).
    - CVE-2025-39832: net/mlx5: Add sync reset drop mode support (bsc#1249901).
    - CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
    - CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
    - CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
    - CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
    - CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
    - CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
    - CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
    - CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
    - CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
    - CVE-2025-39898: e1000e: fix heap overflow in e1000_set_eeprom (bsc#1250742).
    - CVE-2025-39900: net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y (bsc#1250758).
    - CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
    - CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
    - CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
    - CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
    - CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
    - CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
    - CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
    - CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
    - CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
    - CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
    - CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
    - CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
    - CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
    - CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
    - CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
    - CVE-2025-39984: net: tun: Update napi->skb after XDP process (bsc#1252081).
    - CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
    - CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
    - CVE-2025-40012: net/smc: fix warning in smc_rx_splice() when calling get_page() (bsc#1252330).
    - CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
    - CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
    - CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
    - CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
    - CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
    - CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree     (bsc#1252918).

    The following non security issues were fixed:

    - ACPI/processor_idle: Add FFH state handling (jsc#PED-13815).
    - ACPI/processor_idle: Export acpi_processor_ffh_play_dead() (jsc#PED-13815).
    - ACPI: battery: Add synchronization between interface updates (git-fixes).
    - ACPI: processor: Rescan 'dead' SMT siblings during initialization (jsc#PED-13815).
    - KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
    - KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
    - KVM: x86: Process 'guest stopped request' once per guest time update (git-fixes).
    - PM: hibernate: Add pm_hibernation_mode_is_suspend() (bsc#1243112).
    - PM: hibernate: Add stub for pm_hibernate_is_recovering() (bsc#1243112).
    - PM: hibernate: Fix pm_hibernation_mode_is_suspend() build breakage (bsc#1243112).
    - PM: hibernate: add new api pm_hibernate_is_recovering() (bsc#1243112).
    - bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
    - cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
    - cpuidle: Do not return from cpuidle_play_dead() on callback failures (jsc#PED-13815).
    - dpll: Make ZL3073X invisible (bsc#1252253).
    - dpll: zl3073x: Add firmware loading functionality (bsc#1252253).
    - dpll: zl3073x: Add functions to access hardware registers (bsc#1252253).
    - dpll: zl3073x: Add low-level flash functions (bsc#1252253).
    - dpll: zl3073x: Add support to get fractional frequency offset (bsc#1252253).
    - dpll: zl3073x: Add support to get phase offset on connected input pin (bsc#1252253).
    - dpll: zl3073x: Add support to get/set esync on pins (bsc#1252253).
    - dpll: zl3073x: Fix build failure (bsc#1252253).
    - dpll: zl3073x: Fix double free in zl3073x_devlink_flash_update() (bsc#1252253).
    - dpll: zl3073x: Handle missing or corrupted flash configuration (bsc#1252253).
    - dpll: zl3073x: Implement devlink flash callback (bsc#1252253).
    - dpll: zl3073x: Increase maximum size of flash utility (bsc#1252253).
    - dpll: zl3073x: Refactor DPLL initialization (bsc#1252253).
    - dpll: zl3073x: ZL3073X_I2C and ZL3073X_SPI should depend on NET (bsc#1252253).
    - drm/amd : Update MES API header file for v11 & v12 (stable-fixes).
    - drm/amd/amdgpu: Implement MES suspend/resume gang functionality for v12 (bsc#1243112).
    - drm/amd/display: Add NULL check for stream before dereference in 'dm_vupdate_high_irq' (bsc#1243112).
    - drm/amd/display: Enable Dynamic DTBCLK Switch (bsc#1243112).
    - drm/amd/display: Fix vupdate_offload_work doc (bsc#1243112).
    - drm/amd/display: fix dmub access race condition (bsc#1243112).
    - drm/amd/display: more liberal vmin/vmax update for freesync (bsc#1243112).
    - drm/amd/include : MES v11 and v12 API header update (stable-fixes).
    - drm/amd/include : Update MES v12 API for fence update (stable-fixes).
    - drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
    - drm/amd: Avoid evicting resources at S5 (bsc#1243112).
    - drm/amd: Check whether secure display TA loaded successfully (bsc#1243112).
    - drm/amd: Fix hybrid sleep (bsc#1243112).
    - drm/amd: Only restore cached manual clock settings in restore if OD enabled (bsc#1243112).
    - drm/amd: Restore cached manual clock settings during resume (bsc#1243112).
    - drm/amdgpu/mes11: implement detect and reset callback (bsc#1243112).
    - drm/amdgpu/mes12: implement detect and reset callback (bsc#1243112).
    - drm/amdgpu/mes: add front end for detect and reset hung queue (bsc#1243112).
    - drm/amdgpu/vpe: cancel delayed work in hw_fini (bsc#1243112).
    - drm/amdgpu: Avoid rma causes GPU duplicate reset (bsc#1243112).
    - drm/amdgpu: Fix for GPU reset being blocked by KIQ I/O (bsc#1243112).
    - drm/amdgpu: Report individual reset error (bsc#1243112).
    - drm/amdgpu: do not resume device in thaw for normal hibernation (bsc#1243112).
    - drm/amdgpu: fix link error for !PM_SLEEP (bsc#1243112).
    - drm/amdkfd: Fix mmap write lock not release (bsc#1243112).
    - drm/xe/guc: Prepare GuC register list and update ADS size for error capture (stable-fixes).
    - ext4: fix checks for orphan inodes (bsc#1250119).
    - hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
    - intel_idle: Provide the default enter_dead() handler (jsc#PED-13815).
    - intel_idle: Rescan 'dead' SMT siblings during initialization (jsc#PED-13815).
    - intel_idle: Use subsys_initcall_sync() for initialization (jsc#PED-13815).
    - ixgbe: handle IXGBE_VF_FEATURES_NEGOTIATE mbox cmd (bsc#1247222).
    - ixgbe: handle IXGBE_VF_GET_PF_LINK_STATE mailbox operation (bsc#1247222).
    - ixgbevf: fix getting link speed data for E610 devices (bsc#1247222).
    - ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1247222).
    - kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
    - net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency     (bsc#1248754).
    - netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
    - nvme-auth: update bi_directional flag (git-fixes bsc#1249735).
    - nvme-auth: update sc_c in host response (git-fixes bsc#1249397).
    - nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
    - nvme-tcp: send only permitted commands for secure concat (git-fixes bsc#1247683).
    - nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
    - nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
    - nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
    - perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
    - perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
    - phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
    - platform/x86/amd/pmc: Add 1Ah family series to STB support list (bsc#1243112).
    - platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (bsc#1243112).
    - platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (bsc#1243112).
    - platform/x86/amd/pmc: Add VPE information for AMDI000A platform (bsc#1243112).
    - platform/x86/amd/pmc: Add idlemask support for 1Ah family (bsc#1243112).
    - platform/x86/amd/pmc: Extend support for PMC features on new AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Fix SMU command submission path on new AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Modify SMU message port for latest AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Notify user when platform does not support s0ix transition (bsc#1243112).
    - platform/x86/amd/pmc: Remove unnecessary line breaks (bsc#1243112).
    - platform/x86/amd/pmc: Send OS_HINT command for AMDI000A platform (bsc#1243112).
    - platform/x86/amd/pmc: Send OS_HINT command for new AMD platform (bsc#1243112).
    - platform/x86/amd/pmc: Update IP information structure for newer SoCs (bsc#1243112).
    - platform/x86/amd/pmc: Use ARRAY_SIZE() to fill num_ips information (bsc#1243112).
    - platform/x86/amd/pmc: call amd_pmc_get_ip_info() during driver probe (bsc#1243112).
    - platform/x86/amd: pmc: Add new ACPI ID AMDI000B (bsc#1243112).
    - platform/x86/amd: pmc: Drop SMU F/W match for Cezanne (bsc#1243112).
    - platform/x86/amd: pmc: Use guard(mutex) (bsc#1243112).
    - powerpc/boot: Fix build with gcc 15 (bsc#1215199).
    - powerpc/fadump: skip parameter area allocation when fadump is disabled (jsc#PED-9891 git-fixes).
    - powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
    - powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
    - powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
    - powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
    - proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
    - proc: fix type confusion in pde_set_flags() (bsc#1248630)
    - sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
    - scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
    - scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
    - scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
    - scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
    - scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
    - scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
    - scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
    - scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
    - scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
    - scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
    - scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
    - scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
    - scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
    - scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
    - scsi: lpfc: use min() to improve code (bsc#1250519).
    - serial: sc16is7xx: rename Kconfig CONFIG_SERIAL_SC16IS7XX_CORE (bsc#1252469) Re-enable     CONFIG_SERIAL_SC16IS7X for aarch64 and x86_64 default configurations, but keep it disabled for kvmsmall     configurations. For ppc64 and s390x drivers was not enabled, so keep it that way. Add sc16is7xx_spi and     sc16is7xx_i2c drivers to supported list.
    - skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
    - smb: client: fix crypto buffers in non-linear memory (bsc#1250491, bsc#1239206).
    - smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
    - tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
    - tracing: Remove unneeded goto out logic (bsc#1249286).
    - x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
    - x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID     (bsc#1252734).
    - x86/resctrl: Refactor resctrl_arch_rmid_read() (bsc#1252734).
    - x86/smp: Allow calling mwait_play_dead with an arbitrary hint (jsc#PED-13815).
    - x86/smp: Fix mwait_play_dead() and acpi_processor_ffh_play_dead() noreturn behavior (jsc#PED-13815).
    - x86/smp: PM/hibernate: Split arch_resume_nosmt() (jsc#PED-13815).
    - x86/topology: Implement topology_is_core_online() to address SMT regression (jsc#PED-13815).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3751-1 advisory.

    The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
    - CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
    - CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
    - CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
    - CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
    - CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
    - CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
    - CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
    - CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
    - CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
    - CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in     rproc_attach() (bsc#1247136).
    - CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
    - CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
    - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
    - CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
    - CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
    - CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
    - CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
    - CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
    - CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
    - CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
    - CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
    - CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
    - CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
    - CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
    - CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port     (bsc#1248378).
    - CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
    - CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
    - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
    - CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
    - CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
    - CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
    - CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
    - CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
    - CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
    - CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
    - CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
    - CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
    - CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data     (bsc#1248647).
    - CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
    - CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
    - CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
    - CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
    - CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
    - CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
    - CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
    - CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
    - CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
    - CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
    - CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
    - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
    - CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
    - CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
    - CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
    - CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
    - CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
    - CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
    - CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
    - CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
    - CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
    - CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
    - CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
    - CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
    - CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
    - CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
    - CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
    - CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
    - CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
    - CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
    - CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
    - CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
    - CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
    - CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
    - CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
    - CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
    - CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).
    - CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
    - CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
    - CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
    - CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
    - CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
    - CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
    - CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
    - CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
    - CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
    - CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
    - CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03634-1 advisory.

    The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
    - CVE-2024-46733: btrfs: fix qgroup reserve leaks in cow_file_range (bsc#1230708).
    - CVE-2024-53125: bpf: sync_linked_regs() must preserve subreg_def (bsc#1234156).
    - CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
    - CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
    - CVE-2025-37885: KVM: x86: Reset IRTE to host control if *new* route isn't postable (bsc#1242960).
    - CVE-2025-38006: net: mctp: Do not access ifa_index when missing (bsc#1244930).
    - CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
    - CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
    - CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
    - CVE-2025-38125: net: stmmac: make sure that ptp_rate is not 0 before configuring EST (bsc#1245710).
    - CVE-2025-38146: net: openvswitch: Fix the dead loop of MPLS parse (bsc#1245767).
    - CVE-2025-38160: clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (bsc#1245780).
    - CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
    - CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
    - CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
    - CVE-2025-38201: netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (bsc#1245977).
    - CVE-2025-38205: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (bsc#1246005).
    - CVE-2025-38208: smb: client: add NULL check in automount_fullpath (bsc#1245815).
    - CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
    - CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
    - CVE-2025-38251: atm: clip: prevent NULL deref in clip_push() (bsc#1246181).
    - CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
    - CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
    - CVE-2025-38360: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078).
    - CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
    - CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
    - CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
    - CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in     rproc_attach() (bsc#1247136).
    - CVE-2025-38439: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (bsc#1247155).
    - CVE-2025-38441: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()     (bsc#1247167).
    - CVE-2025-38444: raid10: cleanup memleak at raid10_make_request (bsc#1247162).
    - CVE-2025-38445: md/raid1: Fix stack memory use after return in raid1_reshape (bsc#1247229).
    - CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
    - CVE-2025-38458: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (bsc#1247116).
    - CVE-2025-38459: atm: clip: Fix infinite recursive call of clip_push() (bsc#1247119).
    - CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
    - CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
    - CVE-2025-38472: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (bsc#1247313).
    - CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
    - CVE-2025-38490: net: libwx: remove duplicate page_pool_put_full_page() (bsc#1247243).
    - CVE-2025-38491: mptcp: make fallback action and fallback decision atomic (bsc#1247280).
    - CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns     (bsc#1247976).
    - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collect_md xfrm interface     (bsc#1248088).
    - CVE-2025-38506: KVM: Allow CPU to reschedule while setting per-page memory attributes (bsc#1248186).
    - CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
    - CVE-2025-38520: drm/amdkfd: Do not call mmput from MMU notifier callback (bsc#1248217).
    - CVE-2025-38524: rxrpc: Fix recv-recv race of completed call (bsc#1248194).
    - CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
    - CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
    - CVE-2025-38528: bpf: Reject %p% format string in bprintf-like helpers (bsc#1248198).
    - CVE-2025-38531: iio: common: st_sensors: Fix use of uninitialize device structs (bsc#1248205).
    - CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
    - CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
    - CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
    - CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
    - CVE-2025-38560: x86/sev: Evict cache lines during SNP memory validation (bsc#1248312).
    - CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
    - CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
    - CVE-2025-38585: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (bsc#1248355).
    - CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
    - CVE-2025-38591: bpf: Reject narrower access to pointer ctx fields (bsc#1248363).
    - CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
    - CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
    - CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port     (bsc#1248378).
    - CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
    - CVE-2025-38608: bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338).
    - CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
    - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
    - CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
    - CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
    - CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
    - CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
    - CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
    - CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
    - CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
    - CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
    - CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
    - CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
    - CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data     (bsc#1248647).
    - CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
    - CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
    - CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
    - CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
    - CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
    - CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
    - CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
    - CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
    - CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
    - CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
    - CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
    - CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
    - CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
    - CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
    - CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
    - CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
    - CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
    - CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
    - CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
    - CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
    - CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
    - CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
    - CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
    - CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
    - CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
    - CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
    - CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
    - CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
    - CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
    - CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
    - CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
    - CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
    - CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
    - CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
    - CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
    - CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
    - CVE-2025-39828: kABI workaround for struct atmdev_ops extension (bsc#1250205).
    - CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).
    - CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
    - CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
    - CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
    - CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
    - CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
    - CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
    - CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
    - CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
    - CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
    - CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
    - CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4328 advisory.

    -------------------------------------------------------------------------     Debian LTS Advisory DLA-4328-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                        Ben Hutchings     October 13, 2025                              https://wiki.debian.org/LTS
    -------------------------------------------------------------------------

    Package        : linux-6.1     Version        : 6.1.153-1     CVE ID         : CVE-2024-36331 CVE-2024-36350 CVE-2024-36357 CVE-2024-36913                      CVE-2024-41013 CVE-2024-47704 CVE-2024-56758 CVE-2024-57883                      CVE-2024-57924 CVE-2024-58240 CVE-2025-21816 CVE-2025-22119                      CVE-2025-23143 CVE-2025-23160 CVE-2025-27558 CVE-2025-37925                      CVE-2025-37931 CVE-2025-37958 CVE-2025-37968 CVE-2025-38000                      CVE-2025-38001 CVE-2025-38003 CVE-2025-38004 CVE-2025-38031                      CVE-2025-38034 CVE-2025-38035 CVE-2025-38037 CVE-2025-38040                      CVE-2025-38043 CVE-2025-38044 CVE-2025-38048 CVE-2025-38051                      CVE-2025-38052 CVE-2025-38058 CVE-2025-38061 CVE-2025-38062                      CVE-2025-38063 CVE-2025-38065 CVE-2025-38066 CVE-2025-38067                      CVE-2025-38068 CVE-2025-38071 CVE-2025-38072 CVE-2025-38074                      CVE-2025-38075 CVE-2025-38077 CVE-2025-38078 CVE-2025-38079                      CVE-2025-38083 CVE-2025-38084 CVE-2025-38085 CVE-2025-38086                      CVE-2025-38088 CVE-2025-38090 CVE-2025-38097 CVE-2025-38100                      CVE-2025-38102 CVE-2025-38103 CVE-2025-38107 CVE-2025-38108                      CVE-2025-38111 CVE-2025-38112 CVE-2025-38113 CVE-2025-38115                      CVE-2025-38118 CVE-2025-38119 CVE-2025-38120 CVE-2025-38122                      CVE-2025-38124 CVE-2025-38126 CVE-2025-38131 CVE-2025-38135                      CVE-2025-38136 CVE-2025-38138 CVE-2025-38142 CVE-2025-38143                      CVE-2025-38145 CVE-2025-38146 CVE-2025-38147 CVE-2025-38148                      CVE-2025-38151 CVE-2025-38153 CVE-2025-38154 CVE-2025-38157                      CVE-2025-38158 CVE-2025-38159 CVE-2025-38160 CVE-2025-38161                      CVE-2025-38163 CVE-2025-38165 CVE-2025-38166 CVE-2025-38167                      CVE-2025-38170 CVE-2025-38173 CVE-2025-38174 CVE-2025-38180                      CVE-2025-38181 CVE-2025-38183 CVE-2025-38184 CVE-2025-38185                      CVE-2025-38190 CVE-2025-38191 CVE-2025-38193 CVE-2025-38194                      CVE-2025-38197 CVE-2025-38198 CVE-2025-38200 CVE-2025-38202                      CVE-2025-38211 CVE-2025-38212 CVE-2025-38214 CVE-2025-38215                      CVE-2025-38218 CVE-2025-38219 CVE-2025-38222 CVE-2025-38225                      CVE-2025-38226 CVE-2025-38227 CVE-2025-38229 CVE-2025-38230                      CVE-2025-38231 CVE-2025-38236 CVE-2025-38239 CVE-2025-38245                      CVE-2025-38249 CVE-2025-38251 CVE-2025-38257 CVE-2025-38259                      CVE-2025-38260 CVE-2025-38262 CVE-2025-38263 CVE-2025-38273                      CVE-2025-38275 CVE-2025-38277 CVE-2025-38280 CVE-2025-38282                      CVE-2025-38285 CVE-2025-38286 CVE-2025-38293 CVE-2025-38298                      CVE-2025-38300 CVE-2025-38304 CVE-2025-38305 CVE-2025-38310                      CVE-2025-38312 CVE-2025-38313 CVE-2025-38319 CVE-2025-38320                      CVE-2025-38322 CVE-2025-38323 CVE-2025-38324 CVE-2025-38326                      CVE-2025-38328 CVE-2025-38331 CVE-2025-38332 CVE-2025-38334                      CVE-2025-38335 CVE-2025-38336 CVE-2025-38337 CVE-2025-38342                      CVE-2025-38344 CVE-2025-38345 CVE-2025-38346 CVE-2025-38347                      CVE-2025-38348 CVE-2025-38350 CVE-2025-38352 CVE-2025-38354                      CVE-2025-38362 CVE-2025-38363 CVE-2025-38364 CVE-2025-38365                      CVE-2025-38371 CVE-2025-38375 CVE-2025-38377 CVE-2025-38382                      CVE-2025-38384 CVE-2025-38385 CVE-2025-38386 CVE-2025-38387                      CVE-2025-38389 CVE-2025-38391 CVE-2025-38393 CVE-2025-38395                      CVE-2025-38396 CVE-2025-38399 CVE-2025-38400 CVE-2025-38401                      CVE-2025-38403 CVE-2025-38404 CVE-2025-38406 CVE-2025-38409                      CVE-2025-38410 CVE-2025-38412 CVE-2025-38415 CVE-2025-38416                      CVE-2025-38418 CVE-2025-38419 CVE-2025-38420 CVE-2025-38422                      CVE-2025-38424 CVE-2025-38425 CVE-2025-38428 CVE-2025-38430                      CVE-2025-38437 CVE-2025-38439 CVE-2025-38441 CVE-2025-38443                      CVE-2025-38444 CVE-2025-38445 CVE-2025-38448 CVE-2025-38451                      CVE-2025-38455 CVE-2025-38456 CVE-2025-38457 CVE-2025-38458                      CVE-2025-38459 CVE-2025-38460 CVE-2025-38461 CVE-2025-38462                      CVE-2025-38464 CVE-2025-38465 CVE-2025-38466 CVE-2025-38467                      CVE-2025-38468 CVE-2025-38470 CVE-2025-38471 CVE-2025-38472                      CVE-2025-38473 CVE-2025-38474 CVE-2025-38476 CVE-2025-38477                      CVE-2025-38478 CVE-2025-38480 CVE-2025-38481 CVE-2025-38482                      CVE-2025-38483 CVE-2025-38485 CVE-2025-38487 CVE-2025-38488                      CVE-2025-38491 CVE-2025-38494 CVE-2025-38495 CVE-2025-38497                      CVE-2025-38498 CVE-2025-38499 CVE-2025-38500 CVE-2025-38501                      CVE-2025-38502 CVE-2025-38503 CVE-2025-38510 CVE-2025-38512                      CVE-2025-38513 CVE-2025-38514 CVE-2025-38515 CVE-2025-38516                      CVE-2025-38520 CVE-2025-38527 CVE-2025-38528 CVE-2025-38529                      CVE-2025-38530 CVE-2025-38535 CVE-2025-38538 CVE-2025-38539                      CVE-2025-38540 CVE-2025-38542 CVE-2025-38543 CVE-2025-38546                      CVE-2025-38548 CVE-2025-38550 CVE-2025-38552 CVE-2025-38553                      CVE-2025-38555 CVE-2025-38560 CVE-2025-38561 CVE-2025-38562                      CVE-2025-38563 CVE-2025-38565 CVE-2025-38569 CVE-2025-38572                      CVE-2025-38574 CVE-2025-38576 CVE-2025-38577 CVE-2025-38578                      CVE-2025-38579 CVE-2025-38581 CVE-2025-38583 CVE-2025-38587                      CVE-2025-38588 CVE-2025-38601 CVE-2025-38602 CVE-2025-38604                      CVE-2025-38608 CVE-2025-38609 CVE-2025-38610 CVE-2025-38612                      CVE-2025-38614 CVE-2025-38617 CVE-2025-38618 CVE-2025-38622                      CVE-2025-38623 CVE-2025-38624 CVE-2025-38630 CVE-2025-38634                      CVE-2025-38635 CVE-2025-38639 CVE-2025-38644 CVE-2025-38645                      CVE-2025-38650 CVE-2025-38652 CVE-2025-38653 CVE-2025-38663                      CVE-2025-38664 CVE-2025-38665 CVE-2025-38666 CVE-2025-38668                      CVE-2025-38670 CVE-2025-38671 CVE-2025-38676 CVE-2025-38677                      CVE-2025-38679 CVE-2025-38680 CVE-2025-38681 CVE-2025-38683                      CVE-2025-38684 CVE-2025-38685 CVE-2025-38687 CVE-2025-38691                      CVE-2025-38693 CVE-2025-38694 CVE-2025-38695 CVE-2025-38696                      CVE-2025-38697 CVE-2025-38698 CVE-2025-38699 CVE-2025-38700                      CVE-2025-38701 CVE-2025-38702 CVE-2025-38706 CVE-2025-38707                      CVE-2025-38708 CVE-2025-38711 CVE-2025-38712 CVE-2025-38713                      CVE-2025-38714 CVE-2025-38715 CVE-2025-38721 CVE-2025-38723                      CVE-2025-38724 CVE-2025-38725 CVE-2025-38727 CVE-2025-38728                      CVE-2025-38729 CVE-2025-38732 CVE-2025-38735 CVE-2025-38736                      CVE-2025-39673 CVE-2025-39675 CVE-2025-39676 CVE-2025-39681                      CVE-2025-39682 CVE-2025-39683 CVE-2025-39684 CVE-2025-39685                      CVE-2025-39686 CVE-2025-39687 CVE-2025-39689 CVE-2025-39691                      CVE-2025-39692 CVE-2025-39693 CVE-2025-39694 CVE-2025-39697                      CVE-2025-39701 CVE-2025-39702 CVE-2025-39703 CVE-2025-39706                      CVE-2025-39709 CVE-2025-39710 CVE-2025-39713 CVE-2025-39714                      CVE-2025-39715 CVE-2025-39716 CVE-2025-39718 CVE-2025-39719                      CVE-2025-39724 CVE-2025-39730 CVE-2025-39731 CVE-2025-39734                      CVE-2025-39736 CVE-2025-39737 CVE-2025-39738 CVE-2025-39742                      CVE-2025-39743 CVE-2025-39749 CVE-2025-39752 CVE-2025-39756                      CVE-2025-39757 CVE-2025-39759 CVE-2025-39760 CVE-2025-39766                      CVE-2025-39770 CVE-2025-39772 CVE-2025-39773 CVE-2025-39776                      CVE-2025-39782 CVE-2025-39783 CVE-2025-39787 CVE-2025-39788                      CVE-2025-39790 CVE-2025-39794 CVE-2025-39795 CVE-2025-39798                      CVE-2025-39800 CVE-2025-39801 CVE-2025-39806 CVE-2025-39808                      CVE-2025-39812 CVE-2025-39813 CVE-2025-39817 CVE-2025-39819                      CVE-2025-39823 CVE-2025-39824 CVE-2025-39825 CVE-2025-39826                      CVE-2025-39827 CVE-2025-39828 CVE-2025-39835 CVE-2025-39838                      CVE-2025-39839 CVE-2025-39841 CVE-2025-39842 CVE-2025-39843                      CVE-2025-39844 CVE-2025-39845 CVE-2025-39846 CVE-2025-39847                      CVE-2025-39848 CVE-2025-39849 CVE-2025-39853 CVE-2025-39857                      CVE-2025-39860 CVE-2025-39864 CVE-2025-39865 CVE-2025-39866                      CVE-2025-39869 CVE-2025-39870 CVE-2025-39873 CVE-2025-39876                      CVE-2025-39877 CVE-2025-39880 CVE-2025-39881 CVE-2025-39883                      CVE-2025-39885 CVE-2025-39891 CVE-2025-39894 CVE-2025-39898                      CVE-2025-39902 CVE-2025-39907 CVE-2025-39909 CVE-2025-39911                      CVE-2025-39913 CVE-2025-39914 CVE-2025-39916 CVE-2025-39920                      CVE-2025-39923 CVE-2025-40300     Debian Bug     : 1040901 1107479 1107511 1108065 1108069 1108271 1108430                      1109734 1111017 1114773

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For Debian 11 bullseye, these problems have been fixed in version     6.1.153-1~deb11u1.  Starting with this version, modules are signed     with an ephemeral key on all architectures, and the broken pktcdvd     driver is disabled.  This version additionally includes many more bug     fixes from stable updates 6.1.141-6.1.153.

    We recommend that you upgrade your linux-6.1 packages.

    For the detailed security status of linux-6.1 please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/linux-6.1

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS     Attachment:
    signature.asc     Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

An update of the linux package has been released.

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6008 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6008-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     September 22, 2025                    https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : linux     CVE ID         : CVE-2025-21751 CVE-2025-22103 CVE-2025-22113 CVE-2025-22124                      CVE-2025-22125 CVE-2025-23133 CVE-2025-38272 CVE-2025-38306                      CVE-2025-38453 CVE-2025-38502 CVE-2025-38556 CVE-2025-38676                      CVE-2025-38677 CVE-2025-38730 CVE-2025-38732 CVE-2025-38733                      CVE-2025-38734 CVE-2025-38735 CVE-2025-38736 CVE-2025-38737                      CVE-2025-39673 CVE-2025-39675 CVE-2025-39676 CVE-2025-39679                      CVE-2025-39681 CVE-2025-39682 CVE-2025-39683 CVE-2025-39684                      CVE-2025-39685 CVE-2025-39686 CVE-2025-39687 CVE-2025-39689                      CVE-2025-39691 CVE-2025-39692 CVE-2025-39693 CVE-2025-39694                      CVE-2025-39695 CVE-2025-39697 CVE-2025-39698 CVE-2025-39700                      CVE-2025-39701 CVE-2025-39702 CVE-2025-39703 CVE-2025-39705                      CVE-2025-39706 CVE-2025-39707 CVE-2025-39709 CVE-2025-39710                      CVE-2025-39711 CVE-2025-39712 CVE-2025-39713 CVE-2025-39714                      CVE-2025-39715 CVE-2025-39716 CVE-2025-39718 CVE-2025-39719                      CVE-2025-39720 CVE-2025-39721 CVE-2025-39722 CVE-2025-39723                      CVE-2025-39724 CVE-2025-39759 CVE-2025-39765 CVE-2025-39766                      CVE-2025-39767 CVE-2025-39770 CVE-2025-39772 CVE-2025-39773                      CVE-2025-39776 CVE-2025-39779 CVE-2025-39780 CVE-2025-39781                      CVE-2025-39782 CVE-2025-39783 CVE-2025-39787 CVE-2025-39788                      CVE-2025-39790 CVE-2025-39791 CVE-2025-39800 CVE-2025-39801                      CVE-2025-39805 CVE-2025-39806 CVE-2025-39807 CVE-2025-39808                      CVE-2025-39810 CVE-2025-39811 CVE-2025-39812 CVE-2025-39813                      CVE-2025-39815 CVE-2025-39817 CVE-2025-39819 CVE-2025-39823                      CVE-2025-39824 CVE-2025-39825 CVE-2025-39826 CVE-2025-39827                      CVE-2025-39828 CVE-2025-39829 CVE-2025-39831 CVE-2025-39832                      CVE-2025-39835 CVE-2025-39836 CVE-2025-39838 CVE-2025-39839                      CVE-2025-39841 CVE-2025-39842 CVE-2025-39843 CVE-2025-39844                      CVE-2025-39845 CVE-2025-39846 CVE-2025-39847 CVE-2025-39848                      CVE-2025-39849 CVE-2025-39850 CVE-2025-39851 CVE-2025-39852                      CVE-2025-39853 CVE-2025-39854 CVE-2025-39857 CVE-2025-39860                      CVE-2025-39861 CVE-2025-39863 CVE-2025-39864 CVE-2025-39865                      CVE-2025-39866 CVE-2025-40300

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For the stable distribution (trixie), these problems have been fixed in     version 6.12.48-1.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security     tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6009 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6009-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     September 22, 2025                    https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : linux     CVE ID         : CVE-2024-47704 CVE-2024-57924 CVE-2024-58240 CVE-2025-23143                      CVE-2025-23160 CVE-2025-37931 CVE-2025-37968 CVE-2025-38322                      CVE-2025-38347 CVE-2025-38491 CVE-2025-38502 CVE-2025-38552                      CVE-2025-38614 CVE-2025-38670 CVE-2025-38676 CVE-2025-38677                      CVE-2025-38679 CVE-2025-38680 CVE-2025-38681 CVE-2025-38683                      CVE-2025-38684 CVE-2025-38685 CVE-2025-38687 CVE-2025-38691                      CVE-2025-38693 CVE-2025-38694 CVE-2025-38695 CVE-2025-38696                      CVE-2025-38697 CVE-2025-38698 CVE-2025-38699 CVE-2025-38700                      CVE-2025-38701 CVE-2025-38702 CVE-2025-38706 CVE-2025-38707                      CVE-2025-38708 CVE-2025-38711 CVE-2025-38712 CVE-2025-38713                      CVE-2025-38714 CVE-2025-38715 CVE-2025-38721 CVE-2025-38723                      CVE-2025-38724 CVE-2025-38725 CVE-2025-38727 CVE-2025-38728                      CVE-2025-38729 CVE-2025-38732 CVE-2025-38735 CVE-2025-38736                      CVE-2025-39673 CVE-2025-39675 CVE-2025-39676 CVE-2025-39681                      CVE-2025-39682 CVE-2025-39683 CVE-2025-39684 CVE-2025-39685                      CVE-2025-39686 CVE-2025-39687 CVE-2025-39689 CVE-2025-39691                      CVE-2025-39692 CVE-2025-39693 CVE-2025-39694 CVE-2025-39697                      CVE-2025-39701 CVE-2025-39702 CVE-2025-39703 CVE-2025-39706                      CVE-2025-39709 CVE-2025-39710 CVE-2025-39713 CVE-2025-39714                      CVE-2025-39715 CVE-2025-39716 CVE-2025-39718 CVE-2025-39719                      CVE-2025-39724 CVE-2025-39736 CVE-2025-39737 CVE-2025-39738                      CVE-2025-39742 CVE-2025-39743 CVE-2025-39749 CVE-2025-39751                      CVE-2025-39752 CVE-2025-39756 CVE-2025-39757 CVE-2025-39759                      CVE-2025-39760 CVE-2025-39766 CVE-2025-39770 CVE-2025-39772                      CVE-2025-39773 CVE-2025-39776 CVE-2025-39782 CVE-2025-39783                      CVE-2025-39787 CVE-2025-39788 CVE-2025-39790 CVE-2025-39794                      CVE-2025-39795 CVE-2025-39798 CVE-2025-39800 CVE-2025-39801                      CVE-2025-39806 CVE-2025-39808 CVE-2025-39812 CVE-2025-39813                      CVE-2025-39817 CVE-2025-39819 CVE-2025-39823 CVE-2025-39824                      CVE-2025-39825 CVE-2025-39826 CVE-2025-39827 CVE-2025-39828                      CVE-2025-39835 CVE-2025-39838 CVE-2025-39839 CVE-2025-39841                      CVE-2025-39842 CVE-2025-39843 CVE-2025-39844 CVE-2025-39845                      CVE-2025-39846 CVE-2025-39847 CVE-2025-39848 CVE-2025-39849                      CVE-2025-39853 CVE-2025-39857 CVE-2025-39860 CVE-2025-39864                      CVE-2025-39865 CVE-2025-39866 CVE-2025-40300

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    For the oldstable distribution (bookworm), these problems have been fixed     in version 6.1.153-1.

    We recommend that you upgrade your linux packages.

    For the detailed security status of linux please refer to its security     tracker page at:
    https://security-tracker.debian.org/tracker/linux

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - ACPI: pfr_update: Fix the driver update version check The security-version-number check should be used     rather than the runtime version check for driver updates. Otherwise, the firmware update would fail when     the update binary had a lower runtime version number than the current one. [ rjw: Changelog edits ]     (CVE-2025-39701)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
278702	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:03600-1)	Nessus	SuSE Local Security Checks	high
277010	openSUSE 16 Security Update : kernel (openSUSE-SU-2025-20081-1)	Nessus	SuSE Local Security Checks	high
275831	SUSE SLES15 Security Update : kernel (SUSE-SU-2025:4141-1)	Nessus	SuSE Local Security Checks	high
275757	SUSE SLES15 Security Update : kernel (SUSE-SU-2025:4132-1)	Nessus	SuSE Local Security Checks	high
275294	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2025:4057-1)	Nessus	SuSE Local Security Checks	high
271407	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:3751-1)	Nessus	SuSE Local Security Checks	high
270738	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:03634-1)	Nessus	SuSE Local Security Checks	high
270134	Debian dla-4328 : linux-config-6.1 - security update	Nessus	Debian Local Security Checks	high
266289	Photon OS 5.0: Linux PHSA-2025-5.0-0630	Nessus	PhotonOS Local Security Checks	high
265710	Debian dsa-6008 : ata-modules-6.12.31-armmp-di - security update	Nessus	Debian Local Security Checks	high
265709	Debian dsa-6009 : affs-modules-6.1.0-37-4kc-malta-di - security update	Nessus	Debian Local Security Checks	medium
261617	Linux Distros Unpatched Vulnerability : CVE-2025-39701	Nessus	Misc.	high

Detections

Analytics

CVE-2025-39701

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

medium

high