SUSE SLES12 Security Update : kernel (SUSE-SU-2025:01983-1)

high Nessus Plugin ID 240793

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01983-1 advisory.

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-47670: can: peak_usb: fix use after free bugs (bsc#1241407).
- CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032).
- CVE-2022-49145: ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (bsc#1238162).
- CVE-2022-49168: btrfs: do not clean up repair bio if submit fails (bsc#1238109).
- CVE-2022-49190: kernel/resource: fix kfree() of bootmem memory again (bsc#1238130).
- CVE-2022-49212: mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init (bsc#1238331).
- CVE-2022-49216: drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (bsc#1238338).
- CVE-2022-49235: ath9k_htc: fix uninit value bugs (bsc#1238333).
- CVE-2022-49248: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (bsc#1238284).
- CVE-2022-49253: media: usb: go7007: s2250-board: fix leak in probe() (bsc#1238420).
- CVE-2022-49320: dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (bsc#1238394).
- CVE-2022-49326: rtl818x: Prevent using not initialized queues (bsc#1238646).
- CVE-2022-49371: driver core: fix deadlock in __device_attach (bsc#1238546).
- CVE-2022-49382: soc: rockchip: Fix refcount leak in rockchip_grf_init (bsc#1238306).
- CVE-2022-49396: phy: qcom-qmp: fix reset-controller leak on probe errors (bsc#1238289).
- CVE-2022-49420: net: annotate races around sk->sk_bound_dev_if (bsc#1238887).
- CVE-2022-49441: tty: fix deadlock caused by calling printk() under tty_port->lock (bsc#1238263).
- CVE-2022-49445: pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() (bsc#1238019).
- CVE-2022-49460: PM / devfreq: rk3399_dmc: Disable edev on remove() (bsc#1238892).
- CVE-2022-49467: drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (bsc#1238815).
- CVE-2022-49474: Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (bsc#1238071).
- CVE-2022-49491: drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (bsc#1238539).
- CVE-2022-49503: ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix (bsc#1238868).
- CVE-2022-49592: net: stmmac: fix dma queue left shift overflow issue (bsc#1238311).
- CVE-2022-49625: sfc: fix kernel panic when creating VF (bsc#1238411).
- CVE-2022-49635: drm/i915/selftests: fix subtraction overflow bug (bsc#1238806).
- CVE-2022-49652: dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (bsc#1238871).
- CVE-2022-49715: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (bsc#1238818).
- CVE-2022-49728: kABI workaround for changeing the variable length type to size_t (bsc#1239111).
- CVE-2022-49729: nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (bsc#1239060).
- CVE-2022-49751: w1: fix WARNING after calling w1_process() (bsc#1240254).
- CVE-2022-49761: btrfs: always report error in run_one_delayed_ref() (bsc#1240261).
- CVE-2022-49772: ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open() (bsc#1242147).
- CVE-2022-49775: tcp: cdg: allow tcp_cdg_release() to be called multiple times (bsc#1242245).
- CVE-2022-49776: macvlan: enforce a consistent minimal mtu (bsc#1242248).
- CVE-2022-49787: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put() (bsc#1242352).
- CVE-2022-49788: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (bsc#1242353).
- CVE-2022-49813: net: ena: Fix error handling in ena_init() (bsc#1242497).
- CVE-2022-49821: mISDN: fix possible memory leak in mISDN_dsp_element_register() (bsc#1242542).
- CVE-2022-49826: ata: libata-transport: fix double ata_host_put() in ata_tport_add() (bsc#1242549).
- CVE-2022-49829: drm/scheduler: fix fence ref counting (bsc#1242691).
- CVE-2022-49832: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map (bsc#1242154).
- CVE-2022-49835: ALSA: hda: fix potential memleak in 'add_widget_node' (bsc#1242385).
- CVE-2022-49840: bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() (bsc#1242447).
- CVE-2022-49842: ASoC: soc-utils: Remove __exit for snd_soc_util_exit() (bsc#1242484).
- CVE-2022-49853: net: macvlan: fix memory leaks of macvlan_common_newlink (bsc#1242688).
- CVE-2022-49861: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() (bsc#1242580).
- CVE-2022-49862: tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header (bsc#1242755).
- CVE-2022-49865: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network (bsc#1242570).
- CVE-2022-49871: net: tun: call napi_schedule_prep() to ensure we own a napi (bsc#1242558).
- CVE-2022-49872: net: gso: fix panic on frag_list with mixed head alloc types (bsc#1242594).
- CVE-2022-49874: HID: hyperv: fix possible memory leak in mousevsc_probe() (bsc#1242478).
- CVE-2022-49898: btrfs: fix tree mod log mishandling of reallocated nodes (bsc#1242472).
- CVE-2022-49907: net: mdio: fix undefined behavior in bit shift for __mdiobus_register (bsc#1242450).
- CVE-2022-49913: btrfs: fix inode list leak during backref walking at find_parent_nodes() (bsc#1242470).
- CVE-2022-49914: btrfs: fix inode list leak during backref walking at resolve_indirect_refs() (bsc#1242427).
- CVE-2022-49922: nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send() (bsc#1242378).
- CVE-2022-49923: nfc: nxp-nci: Fix potential memory leak in nxp_nci_send() (bsc#1242394).
- CVE-2022-49924: nfc: fdp: Fix potential memory leak in fdp_nci_send() (bsc#1242426).
- CVE-2022-49925: RDMA/core: Fix null-ptr-deref in ib_core_cleanup() (bsc#1242371).
- CVE-2022-49931: IB/hfi1: Correctly move list in sc_disable() (bsc#1242382).
- CVE-2023-52868: thermal: core: prevent potential string overflow (bsc#1225044).
- CVE-2023-52975: scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (bsc#1240322).
- CVE-2023-52988: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() (bsc#1240293).
- CVE-2023-52989: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region (bsc#1240266).
- CVE-2023-52993: x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL (bsc#1240297).
- CVE-2023-53039: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function (bsc#1242745).
- CVE-2023-53045: usb: gadget: u_audio: do not let userspace block driver unbind (bsc#1242756).
- CVE-2023-53066: qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info (bsc#1242227).
- CVE-2023-53079: net/mlx5: Fix steering rules cleanup (bsc#1242765).
- CVE-2023-53080: xsk: Add missing overflow check in xdp_umem_reg (bsc#1242287).
- CVE-2023-53094: tty: serial: fsl_lpuart: fix race on RX DMA shutdown (bsc#1242288).
- CVE-2023-53103: bonding: Fix memory leak when changing bond type to Ethernet (bsc#1242408).
- CVE-2023-53114: i40e: Fix kernel crash during reboot when adapter is in recovery mode (bsc#1242398).
- CVE-2023-53139: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties (bsc#1242361).
- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).
- CVE-2024-27010: net/sched: Fix mirred deadlock on device recursion (bsc#1223720).
- CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
- CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info() (bsc#1230786).
- CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
- CVE-2024-50106: nfsd: fix race between laundromat and free_stateid() (bsc#1232882).
- CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (bsc#1234887).
- CVE-2024-56779: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (bsc#1235632).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21704: usb: cdc-acm: Check control transfer buffer size before access (bsc#1237571).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22027: media: streamzap: fix race between device disconnection and urb callback (bsc#1241369).
- CVE-2025-22050: usbnet:fix NPE during rx_complete (bsc#1241441).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-23136: thermal: int340x: Add NULL check for adev (bsc#1241357).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23161: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (bsc#1242792).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37752: net_sched: sch_sfq: move the limit validation (bsc#1242504).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37782: hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (bsc#1242770).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37794: wifi: mac80211: Purge vif txq in ieee80211_do_stop() (bsc#1242566).
- CVE-2025-37796: wifi: at76c50x: fix use after free access in at76_disconnect (bsc#1242727).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37852: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (bsc#1243074).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37989: net: phy: leds: fix memory leak (bsc#1243511).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 240793

File Name: suse_SU-2025-01983-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 6/27/2025

Updated: 6/27/2025

Supported Sensors: Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2021-20320

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2025-21969

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-default-man

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 6/17/2025

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2020-36791, CVE-2021-20320, CVE-2021-4159, CVE-2021-47170, CVE-2021-47670, CVE-2022-3564, CVE-2022-48875, CVE-2022-49139, CVE-2022-49145, CVE-2022-49168, CVE-2022-49190, CVE-2022-49212, CVE-2022-49216, CVE-2022-49235, CVE-2022-49248, CVE-2022-49253, CVE-2022-49320, CVE-2022-49326, CVE-2022-49371, CVE-2022-49382, CVE-2022-49396, CVE-2022-49420, CVE-2022-49441, CVE-2022-49445, CVE-2022-49460, CVE-2022-49467, CVE-2022-49474, CVE-2022-49491, CVE-2022-49503, CVE-2022-49592, CVE-2022-49625, CVE-2022-49635, CVE-2022-49652, CVE-2022-49715, CVE-2022-49728, CVE-2022-49729, CVE-2022-49751, CVE-2022-49761, CVE-2022-49769, CVE-2022-49771, CVE-2022-49772, CVE-2022-49775, CVE-2022-49776, CVE-2022-49787, CVE-2022-49788, CVE-2022-49789, CVE-2022-49813, CVE-2022-49818, CVE-2022-49821, CVE-2022-49822, CVE-2022-49826, CVE-2022-49829, CVE-2022-49832, CVE-2022-49835, CVE-2022-49840, CVE-2022-49842, CVE-2022-49846, CVE-2022-49853, CVE-2022-49861, CVE-2022-49862, CVE-2022-49865, CVE-2022-49871, CVE-2022-49872, CVE-2022-49874, CVE-2022-49877, CVE-2022-49880, CVE-2022-49889, CVE-2022-49892, CVE-2022-49898, CVE-2022-49906, CVE-2022-49907, CVE-2022-49909, CVE-2022-49910, CVE-2022-49913, CVE-2022-49914, CVE-2022-49915, CVE-2022-49922, CVE-2022-49923, CVE-2022-49924, CVE-2022-49925, CVE-2022-49927, CVE-2022-49931, CVE-2023-1074, CVE-2023-1989, CVE-2023-1990, CVE-2023-52868, CVE-2023-52975, CVE-2023-52988, CVE-2023-52989, CVE-2023-52993, CVE-2023-53039, CVE-2023-53041, CVE-2023-53044, CVE-2023-53045, CVE-2023-53051, CVE-2023-53056, CVE-2023-53060, CVE-2023-53062, CVE-2023-53066, CVE-2023-53068, CVE-2023-53075, CVE-2023-53078, CVE-2023-53079, CVE-2023-53080, CVE-2023-53094, CVE-2023-53100, CVE-2023-53101, CVE-2023-53103, CVE-2023-53106, CVE-2023-53108, CVE-2023-53109, CVE-2023-53114, CVE-2023-53119, CVE-2023-53121, CVE-2023-53124, CVE-2023-53125, CVE-2023-53131, CVE-2023-53139, CVE-2023-53140, CVE-2023-53141, CVE-2023-53145, CVE-2024-26740, CVE-2024-26804, CVE-2024-27010, CVE-2024-45021, CVE-2024-46751, CVE-2024-46752, CVE-2024-50106, CVE-2024-53168, CVE-2024-56633, CVE-2024-56779, CVE-2025-21648, CVE-2025-21702, CVE-2025-21704, CVE-2025-21787, CVE-2025-21814, CVE-2025-21969, CVE-2025-22021, CVE-2025-22025, CVE-2025-22027, CVE-2025-22050, CVE-2025-22058, CVE-2025-22060, CVE-2025-22063, CVE-2025-22104, CVE-2025-23136, CVE-2025-23150, CVE-2025-23161, CVE-2025-37749, CVE-2025-37752, CVE-2025-37780, CVE-2025-37782, CVE-2025-37789, CVE-2025-37794, CVE-2025-37796, CVE-2025-37797, CVE-2025-37798, CVE-2025-37823, CVE-2025-37833, CVE-2025-37852, CVE-2025-37871, CVE-2025-37879, CVE-2025-37932, CVE-2025-37948, CVE-2025-37949, CVE-2025-37953, CVE-2025-37963, CVE-2025-37989, CVE-2025-38637

SuSE: SUSE-SU-2025:01983-1

Detections

Analytics