SUSE SLES12 Security Update : kernel (SUSE-SU-2025:01600-1)

high Nessus Plugin ID 237099

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01600-1 advisory.

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-47659: drm/plane: Move range check for format_count earlier (bsc#1237839).
- CVE-2022-49044: dm integrity: fix memory corruption when tag_size is less than digest size (bsc#1237840).
- CVE-2022-49055: drm/amdkfd: Check for potential null return of kmalloc_array() (bsc#1237868).
- CVE-2022-49060: net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() (bsc#1237845).
- CVE-2022-49086: net: openvswitch: fix leak of nested actions (bsc#1238037).
- CVE-2022-49111: Bluetooth: Fix use after free in hci_send_acl (bsc#1237984).
- CVE-2022-49118: scsi: hisi_sas: Free irq vectors in order for v3 HW (bsc#1237979).
- CVE-2022-49121: scsi: pm8001: Fix tag leaks on error (bsc#1237926).
- CVE-2022-49137: drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (bsc#1238155).
- CVE-2022-49175: PM: core: keep irq flags in device_pm_check_callbacks() (bsc#1238099).
- CVE-2022-49176: bfq: fix use-after-free in bfq_dispatch_request (bsc#1238097).
- CVE-2022-49179: block, bfq: do not move oom_bfqq (bsc#1238092).
- CVE-2022-49188: remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (bsc#1238138).
- CVE-2022-49197: af_netlink: Fix shift out of bounds in group mask calculation (bsc#1238455).
- CVE-2022-49205: bpf, sockmap: Fix double uncharge the mem of sk_msg (bsc#1238335).
- CVE-2022-49232: drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (bsc#1238139).
- CVE-2022-49290: mac80211: fix potential double free on mesh join (bsc#1238156).
- CVE-2022-49305: drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (bsc#1238645).
- CVE-2022-49325: tcp: add accessors to read/set tp->snd_cwnd (bsc#1238398).
- CVE-2022-49335: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (bsc#1238377).
- CVE-2022-49351: net: altera: Fix refcount leak in altera_tse_mdio_create (bsc#1237939).
- CVE-2022-49385: driver: base: fix UAF when driver_attach failed (bsc#1237951).
- CVE-2022-49390: macsec: fix UAF bug for real_dev (bsc#1238233).
- CVE-2022-49411: bfq: Make sure bfqg for which we are queueing requests is online (bsc#1238307).
- CVE-2022-49442: drivers/base/node.c: fix compaction sysfs file leak (bsc#1238243).
- CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
- CVE-2022-49478: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (bsc#1238000).
- CVE-2022-49489: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (bsc#1238244).
- CVE-2022-49504: scsi: lpfc: Inhibit aborts if external loopback plug is inserted (bsc#1238835).
- CVE-2022-49521: scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() (bsc#1238938).
- CVE-2022-49525: media: cx25821: Fix the warning when removing the module (bsc#1238022).
- CVE-2022-49534: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT (bsc#1238893).
- CVE-2022-49535: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI (bsc#1238937).
- CVE-2022-49536: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock (bsc#1238838).
- CVE-2022-49537: scsi: lpfc: Fix call trace observed during I/O with CMF enabled (bsc#1238930).
- CVE-2022-49542: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() (bsc#1238722).
- CVE-2022-49561: netfilter: conntrack: re-fetch conntrack after insertion (bsc#1238537).
- CVE-2022-49590: igmp: Fix data-races around sysctl_igmp_llm_reports (bsc#1238844).
- CVE-2022-49658: bpf, selftests: Add verifier test case for imm=0,umin=0,umax=1 scalar (bsc#1238803).
- CVE-2022-49668: PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (bsc#1237957).
- CVE-2022-49693: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (bsc#1237954).
- CVE-2022-49725: i40e: Fix call trace in setup_tx_descriptors (bsc#1238016).
- CVE-2022-49728: kABI workaround for changeing the variable length type to size_t (bsc#1239111).
- CVE-2022-49730: scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted (bsc#1239070).
- CVE-2022-49749: i2c: designware: use casting of u64 in clock multiplication to avoid overflow (bsc#1240243).
- CVE-2022-49753: dmaengine: Fix double increment of client_count in dma_chan_get() (bsc#1240250).
- CVE-2023-53023: net: nfc: Fix use-after-free in local_cleanup() (bsc#1240309).
- CVE-2023-53032: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function (bsc#1240270).
- CVE-2024-49994: block: fix integer overflow in BLKSECDISCARD (bsc#1237757).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50272: filemap: Fix bounds checking in filemap_read() (bsc#1233461 bsc#1234209).
- CVE-2024-52559: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (bsc#1238507).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56590: skbuff: introduce skb_pull_data (bsc#1235038).
- CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-57980: media: uvcvideo: Fix double free in error path (bsc#1237911).
- CVE-2024-57981: usb: xhci: Fix NULL pointer dereference on certain command aborts (bsc#1237912).
- CVE-2024-58005: tpm: Change to kvalloc() in eventlog/acpi.c (bsc#1237873).
- CVE-2024-58009: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (bsc#1238760).
- CVE-2024-58017: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950 bsc#1239112).
- CVE-2024-58063: wifi: rtlwifi: fix memory leaks and invalid access at probe error path (bsc#1238984).
- CVE-2024-58093: PCI/ASPM: Fix link state exit during switch upstream function removal (bsc#1241347).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21735: NFC: nci: Add bounds checking in nci_hci_create_pipe() (bsc#1238497).
- CVE-2025-21750: wifi: brcmfmac: Check the return value of of_property_read_string_index() (bsc#1238905).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
- CVE-2025-21779: KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (bsc#1238768).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21909: wifi: nl80211: reject cooked mode if it is set along with other flags (bsc#1240590).
- CVE-2025-21910: wifi: cfg80211: regulatory: improve invalid hints checking (bsc#1240583).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21927: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (bsc#1240714).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21941: drm/amd/display: Fix null check for pipe_ctx->plane_state in (bsc#1240701).
- CVE-2025-21948: HID: appleir: Fix potential NULL dereference at raw event handle (bsc#1240703).
- CVE-2025-21956: drm/amd/display: Assign normalized_pix_clk when color depth = 14 (bsc#1240739).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21976: fbdev: hyperv_fb: Allow graceful removal of framebuffer (bsc#1241145).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22008: regulator: check that dummy regulator has been probed before using it (bsc#1240942).
- CVE-2025-22010: RDMA/hns: Fix soft lockup during bt pages loop (bsc#1240943).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22086: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (bsc#1241458).
- CVE-2025-23131: dlm: prevent NPD when writing a positive value to event_done (bsc#1241601).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 237099

File Name: suse_SU-2025-01600-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 5/22/2025

Updated: 5/22/2025

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-21927

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-default-kgraft, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_258-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/20/2025

Vulnerability Publication Date: 7/15/2022

Reference Information

CVE: CVE-2020-36789, CVE-2021-47659, CVE-2021-47668, CVE-2021-47669, CVE-2022-49044, CVE-2022-49055, CVE-2022-49060, CVE-2022-49086, CVE-2022-49111, CVE-2022-49118, CVE-2022-49121, CVE-2022-49137, CVE-2022-49171, CVE-2022-49175, CVE-2022-49176, CVE-2022-49179, CVE-2022-49188, CVE-2022-49197, CVE-2022-49205, CVE-2022-49232, CVE-2022-49290, CVE-2022-49305, CVE-2022-49325, CVE-2022-49335, CVE-2022-49351, CVE-2022-49385, CVE-2022-49390, CVE-2022-49411, CVE-2022-49442, CVE-2022-49465, CVE-2022-49478, CVE-2022-49489, CVE-2022-49504, CVE-2022-49521, CVE-2022-49525, CVE-2022-49534, CVE-2022-49535, CVE-2022-49536, CVE-2022-49537, CVE-2022-49542, CVE-2022-49561, CVE-2022-49590, CVE-2022-49658, CVE-2022-49668, CVE-2022-49693, CVE-2022-49725, CVE-2022-49728, CVE-2022-49730, CVE-2022-49749, CVE-2022-49753, CVE-2023-53023, CVE-2023-53032, CVE-2024-46763, CVE-2024-46865, CVE-2024-49994, CVE-2024-50038, CVE-2024-50272, CVE-2024-52559, CVE-2024-54683, CVE-2024-56590, CVE-2024-56641, CVE-2024-57924, CVE-2024-57980, CVE-2024-57981, CVE-2024-58005, CVE-2024-58009, CVE-2024-58017, CVE-2024-58063, CVE-2024-58093, CVE-2025-21635, CVE-2025-21735, CVE-2025-21750, CVE-2025-21758, CVE-2025-21764, CVE-2025-21768, CVE-2025-21772, CVE-2025-21779, CVE-2025-21806, CVE-2025-21862, CVE-2025-21881, CVE-2025-21909, CVE-2025-21910, CVE-2025-21926, CVE-2025-21927, CVE-2025-21931, CVE-2025-21941, CVE-2025-21948, CVE-2025-21956, CVE-2025-21957, CVE-2025-21963, CVE-2025-21964, CVE-2025-21976, CVE-2025-22004, CVE-2025-22008, CVE-2025-22010, CVE-2025-22018, CVE-2025-22053, CVE-2025-22055, CVE-2025-22060, CVE-2025-22086, CVE-2025-23131, CVE-2025-37785

SuSE: SUSE-SU-2025:01600-1

Detections

Analytics