SUSE SLES12 Security Update : kernel (SUSE-SU-2025:03204-1)

Severity: Medium. Nessus Plugin ID: 264665

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03204-1 advisory.

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2022-49967: bpf: Fix a data-race around bpf_jit_limit (bsc#1244964).
- CVE-2022-49975: bpf: Don't redirect packets with invalid pkt_len (bsc#1245196).
- CVE-2022-49980: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (bsc#1245110).
- CVE-2022-49981: HID: hidraw: fix memory leak in hidraw_release() (bsc#1245072).
- CVE-2022-50007: xfrm: fix refcount leak in __xfrm_policy_check() (bsc#1245016).
- CVE-2022-50066: net: atlantic: fix aq_vec index out of range error (bsc#1244985).
- CVE-2022-50080: tee: add overflow check in register_shm_helper() (bsc#1244972).
- CVE-2022-50116: kernel: tty: n_gsm: fix deadlock and link starvation in outgoing data path (bsc#1244824).
- CVE-2022-50127: RDMA/rxe: Fix error unwind in rxe_create_qp() (bsc#1244815).
- CVE-2022-50138: RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (bsc#1244797).
- CVE-2022-50141: mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch (bsc#1244794).
- CVE-2022-50162: wifi: libertas: Fix possible refcount leak in if_usb_probe() (bsc#1244773).
- CVE-2022-50185: drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() (bsc#1244887).
- CVE-2022-50191: regulator: of: Fix refcount leak bug in of_get_regulation_constraints() (bsc#1244899).
- CVE-2022-50228: KVM: SVM: Do not BUG if userspace injects an interrupt with GIF=0 (bsc#1244854).
- CVE-2022-50229: ALSA: bcd2000: Fix a UAF bug on the error path of probing (bsc#1244856).
- CVE-2023-52813: crypto: pcrypt - Fix hungtask for PADATA_RESET (bsc#1225527).
- CVE-2023-53020: l2tp: close all race conditions in l2tp_tunnel_register() (bsc#1240224).
- CVE-2024-28956: x86/its: Enable Indirect Target Selection mitigation (bsc#1242006).
- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
- CVE-2025-23141: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782).
- CVE-2025-38075: scsi: target: iscsi: Fix timeout on deleted connection (bsc#1244734).
- CVE-2025-38102: VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify (bsc#1245669).
- CVE-2025-38103: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (bsc#1245663).
- CVE-2025-38117: Bluetooth: MGMT: protect mgmt_pending list with its own lock (bsc#1245695).
- CVE-2025-38122: gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (bsc#1245746).
- CVE-2025-38153: net: usb: aqc111: fix error handling of usbnet read calls (bsc#1245744).
- CVE-2025-38173: crypto: marvell/cesa - Handle zero-length skcipher requests (bsc#1245769).
- CVE-2025-38174: thunderbolt: Do not double dequeue a configuration request (bsc#1245781).
- CVE-2025-38184: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (bsc#1245956).
- CVE-2025-38185: atm: atmtcp: Free invalid length skb in atmtcp_c_send() (bsc#1246012).
- CVE-2025-38190: atm: Revert atm_account_tx() if copy_from_iter_full() fails (bsc#1245973).
- CVE-2025-38214: fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var (bsc#1246042).
- CVE-2025-38245: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (bsc#1246193).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38313: bus: fsl-mc: fix double-free on mc_dev (bsc#1246342).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38386: ACPICA: Refuse to evaluate a method if arguments are missing (bsc#1247138).
- CVE-2025-38424: perf: Fix sample vs do_exit() (bsc#1246547 bsc#1247293).
- CVE-2025-38430: nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (bsc#1247160).
- CVE-2025-38449: drm/gem: Acquire references on GEM handles for framebuffers (bsc#1247255).
- CVE-2025-38457: net/sched: Abort __tc_modify_qdisc if parent class does not exist (bsc#1247098).
- CVE-2025-38460: atm: clip: Fix potential null-ptr-deref in to_atmarpd() (bsc#1247143).
- CVE-2025-38464: tipc: Fix use-after-free in tipc_conn_close() (bsc#1247112).
- CVE-2025-38465: netlink: Fix wraparounds of sk->sk_rmem_alloc (bsc#1247118).
- CVE-2025-38470: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime (bsc#1247288).
- CVE-2025-38473: Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (bsc#1247289).
- CVE-2025-38474: usb: net: sierra: check for no status endpoint (bsc#1247311).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
- CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1247976).
- CVE-2025-38512: wifi: prevent A-MSDU attacks in mesh networks (bsc#1248178).
- CVE-2025-38513: wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (bsc#1248179).
- CVE-2025-38515: drm/sched: Increment job count before swapping tail spsc queue (bsc#1248212).
- CVE-2025-38546: atm: clip: Fix memory leak of struct clip_vcc (bsc#1248223).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38563: perf/core: Prevent VMA split of buffer mappings (bsc#1248306).
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1248621).
- CVE-2025-38618: vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511).
- CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248748).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1225527

https://bugzilla.suse.com/1240224

https://bugzilla.suse.com/1241292

https://bugzilla.suse.com/1242006

https://bugzilla.suse.com/1242782

https://bugzilla.suse.com/1244337

https://bugzilla.suse.com/1244734

https://bugzilla.suse.com/1244773

https://bugzilla.suse.com/1244794

https://bugzilla.suse.com/1244797

https://bugzilla.suse.com/1244815

https://bugzilla.suse.com/1244824

https://bugzilla.suse.com/1244854

https://bugzilla.suse.com/1244856

https://bugzilla.suse.com/1244887

https://bugzilla.suse.com/1244899

https://bugzilla.suse.com/1244964

https://bugzilla.suse.com/1244972

https://bugzilla.suse.com/1244985

https://bugzilla.suse.com/1245016

https://bugzilla.suse.com/1245072

https://bugzilla.suse.com/1245110

https://bugzilla.suse.com/1245196

https://bugzilla.suse.com/1245663

https://bugzilla.suse.com/1245669

https://bugzilla.suse.com/1245695

https://bugzilla.suse.com/1245744

https://bugzilla.suse.com/1245746

https://bugzilla.suse.com/1245769

https://bugzilla.suse.com/1245781

https://bugzilla.suse.com/1245956

https://bugzilla.suse.com/1245973

https://bugzilla.suse.com/1246012

https://bugzilla.suse.com/1246042

https://bugzilla.suse.com/1246193

https://bugzilla.suse.com/1246248

https://bugzilla.suse.com/1246342

https://bugzilla.suse.com/1246547

https://bugzilla.suse.com/1246879

https://bugzilla.suse.com/1246911

https://bugzilla.suse.com/1247098

https://bugzilla.suse.com/1247112

https://bugzilla.suse.com/1247118

https://bugzilla.suse.com/1247138

https://bugzilla.suse.com/1247143

https://bugzilla.suse.com/1247160

https://bugzilla.suse.com/1247172

https://bugzilla.suse.com/1247255

https://bugzilla.suse.com/1247288

https://bugzilla.suse.com/1247289

https://bugzilla.suse.com/1247293

https://bugzilla.suse.com/1247311

https://bugzilla.suse.com/1247374

https://bugzilla.suse.com/1247929

https://bugzilla.suse.com/1247976

https://bugzilla.suse.com/1248108

https://bugzilla.suse.com/1248130

https://bugzilla.suse.com/1248178

https://bugzilla.suse.com/1248179

https://bugzilla.suse.com/1248212

https://bugzilla.suse.com/1248223

https://bugzilla.suse.com/1248296

https://bugzilla.suse.com/1248306

https://bugzilla.suse.com/1248377

https://bugzilla.suse.com/1248511

https://bugzilla.suse.com/1248621

https://bugzilla.suse.com/1248748

http://www.nessus.org/u?232bc767

https://www.suse.com/security/cve/CVE-2022-49967

https://www.suse.com/security/cve/CVE-2022-49975

https://www.suse.com/security/cve/CVE-2022-49980

https://www.suse.com/security/cve/CVE-2022-49981

https://www.suse.com/security/cve/CVE-2022-50007

https://www.suse.com/security/cve/CVE-2022-50066

https://www.suse.com/security/cve/CVE-2022-50080

https://www.suse.com/security/cve/CVE-2022-50116

https://www.suse.com/security/cve/CVE-2022-50127

https://www.suse.com/security/cve/CVE-2022-50138

https://www.suse.com/security/cve/CVE-2022-50141

https://www.suse.com/security/cve/CVE-2022-50162

https://www.suse.com/security/cve/CVE-2022-50185

https://www.suse.com/security/cve/CVE-2022-50191

https://www.suse.com/security/cve/CVE-2022-50228

https://www.suse.com/security/cve/CVE-2022-50229

https://www.suse.com/security/cve/CVE-2023-52813

https://www.suse.com/security/cve/CVE-2023-53020

https://www.suse.com/security/cve/CVE-2024-28956

https://www.suse.com/security/cve/CVE-2025-22022

https://www.suse.com/security/cve/CVE-2025-23141

https://www.suse.com/security/cve/CVE-2025-38075

https://www.suse.com/security/cve/CVE-2025-38102

https://www.suse.com/security/cve/CVE-2025-38103

https://www.suse.com/security/cve/CVE-2025-38117

https://www.suse.com/security/cve/CVE-2025-38122

https://www.suse.com/security/cve/CVE-2025-38153

https://www.suse.com/security/cve/CVE-2025-38173

https://www.suse.com/security/cve/CVE-2025-38174

https://www.suse.com/security/cve/CVE-2025-38184

https://www.suse.com/security/cve/CVE-2025-38185

https://www.suse.com/security/cve/CVE-2025-38190

https://www.suse.com/security/cve/CVE-2025-38214

https://www.suse.com/security/cve/CVE-2025-38245

https://www.suse.com/security/cve/CVE-2025-38263

https://www.suse.com/security/cve/CVE-2025-38313

https://www.suse.com/security/cve/CVE-2025-38352

https://www.suse.com/security/cve/CVE-2025-38386

https://www.suse.com/security/cve/CVE-2025-38424

https://www.suse.com/security/cve/CVE-2025-38430

https://www.suse.com/security/cve/CVE-2025-38449

https://www.suse.com/security/cve/CVE-2025-38457

https://www.suse.com/security/cve/CVE-2025-38460

https://www.suse.com/security/cve/CVE-2025-38464

https://www.suse.com/security/cve/CVE-2025-38465

https://www.suse.com/security/cve/CVE-2025-38470

https://www.suse.com/security/cve/CVE-2025-38473

https://www.suse.com/security/cve/CVE-2025-38474

https://www.suse.com/security/cve/CVE-2025-38498

https://www.suse.com/security/cve/CVE-2025-38499

https://www.suse.com/security/cve/CVE-2025-38512

https://www.suse.com/security/cve/CVE-2025-38513

https://www.suse.com/security/cve/CVE-2025-38515

https://www.suse.com/security/cve/CVE-2025-38546

https://www.suse.com/security/cve/CVE-2025-38556

https://www.suse.com/security/cve/CVE-2025-38563

https://www.suse.com/security/cve/CVE-2025-38565

https://www.suse.com/security/cve/CVE-2025-38617

https://www.suse.com/security/cve/CVE-2025-38618

https://www.suse.com/security/cve/CVE-2025-38644

Plugin Details

Severity: Medium

ID: 264665

File Name: suse_SU-2025-03204-1.nasl

Version: 1.1

Type: local

Agent: unix

Published: 9/13/2025

Updated: 9/13/2025

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Low

Base Score: 3.8

Temporal Score: 3.1

Vector: CVSS2#AV:L/AC:H/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2023-53020

CVSS v3

Risk Factor: Medium

Base Score: 4.7

Temporal Score: 4.4

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 5.7

Threat Score: 5.7

Threat Vector: CVSS:4.0/E:A

Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2024-28956

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-default-man

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/12/2025

Vulnerability Publication Date: 10/11/2022

CISA Known Exploited Vulnerability Due Dates: 9/25/2025

Reference Information

CVE: CVE-2022-49967, CVE-2022-49975, CVE-2022-49980, CVE-2022-49981, CVE-2022-50007, CVE-2022-50066, CVE-2022-50080, CVE-2022-50116, CVE-2022-50127, CVE-2022-50138, CVE-2022-50141, CVE-2022-50162, CVE-2022-50185, CVE-2022-50191, CVE-2022-50228, CVE-2022-50229, CVE-2023-52813, CVE-2023-53020, CVE-2024-28956, CVE-2025-22022, CVE-2025-23141, CVE-2025-38075, CVE-2025-38102, CVE-2025-38103, CVE-2025-38117, CVE-2025-38122, CVE-2025-38153, CVE-2025-38173, CVE-2025-38174, CVE-2025-38184, CVE-2025-38185, CVE-2025-38190, CVE-2025-38214, CVE-2025-38245, CVE-2025-38263, CVE-2025-38313, CVE-2025-38352, CVE-2025-38386, CVE-2025-38424, CVE-2025-38430, CVE-2025-38449, CVE-2025-38457, CVE-2025-38460, CVE-2025-38464, CVE-2025-38465, CVE-2025-38470, CVE-2025-38473, CVE-2025-38474, CVE-2025-38498, CVE-2025-38499, CVE-2025-38512, CVE-2025-38513, CVE-2025-38515, CVE-2025-38546, CVE-2025-38556, CVE-2025-38563, CVE-2025-38565, CVE-2025-38617, CVE-2025-38618, CVE-2025-38644

SuSE: SUSE-SU-2025:03204-1