SUSE SLES15 Security Update : kernel (SUSE-SU-2025:4111-1)

high Nessus Plugin ID 275594

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4111-1 advisory.

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1249859).
- CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (bsc#1249857).
- CVE-2022-50490: bpf: Propagate error from htab_lock_bucket() to userspace (bsc#1251164).
- CVE-2022-50516: fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741).
- CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988).
- CVE-2023-53500: xfrm: fix slab-use-after-free in decode_session6 (bsc#1250816).
- CVE-2023-53559: ip_vti: fix potential slab-use-after-free in decode_session6 (bsc#1251052).
- CVE-2023-53574: wifi: rtw88: delete timer and free skb queue when unloading (bsc#1251222).
- CVE-2023-53619: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free (bsc#1251743).
- CVE-2023-53673: Bluetooth: hci_event: call disconnect callback before deleting conn (bsc#1251763).
- CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554).
- CVE-2025-39742: RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (bsc#1249479).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font (bsc#1252033).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40044: fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785).
- CVE-2025-40088: hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (bsc#1252904).
- CVE-2025-40102: KVM: arm64: Prevent access to vCPU events before init (bsc#1252919).

The following non security issues were fixed:

- fbcon: Fix OOB access in font allocation (bsc#1252033)
- mm: avoid unnecessary page fault retires on shared memory types (bsc#1251823).
- net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 275594

File Name: suse_SU-2025-4111-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 11/18/2025

Updated: 11/18/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.1

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2022-43945

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-obs-build, p-cpe:/a:novell:suse_linux:reiserfs-kmp-default, p-cpe:/a:novell:suse_linux:kernel-zfcpdump, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-64kb, p-cpe:/a:novell:suse_linux:kernel-64kb-devel

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/15/2025

Vulnerability Publication Date: 9/4/2021

Reference Information

CVE: CVE-2022-43945, CVE-2022-50327, CVE-2022-50334, CVE-2022-50470, CVE-2022-50471, CVE-2022-50472, CVE-2022-50475, CVE-2022-50478, CVE-2022-50480, CVE-2022-50482, CVE-2022-50484, CVE-2022-50485, CVE-2022-50488, CVE-2022-50489, CVE-2022-50490, CVE-2022-50492, CVE-2022-50493, CVE-2022-50494, CVE-2022-50496, CVE-2022-50497, CVE-2022-50498, CVE-2022-50499, CVE-2022-50501, CVE-2022-50503, CVE-2022-50504, CVE-2022-50505, CVE-2022-50509, CVE-2022-50511, CVE-2022-50512, CVE-2022-50513, CVE-2022-50514, CVE-2022-50516, CVE-2022-50519, CVE-2022-50520, CVE-2022-50521, CVE-2022-50523, CVE-2022-50525, CVE-2022-50528, CVE-2022-50529, CVE-2022-50530, CVE-2022-50532, CVE-2022-50534, CVE-2022-50535, CVE-2022-50537, CVE-2022-50541, CVE-2022-50542, CVE-2022-50544, CVE-2022-50545, CVE-2022-50546, CVE-2022-50549, CVE-2022-50551, CVE-2022-50553, CVE-2022-50556, CVE-2022-50559, CVE-2022-50560, CVE-2022-50561, CVE-2022-50562, CVE-2022-50563, CVE-2022-50564, CVE-2022-50566, CVE-2022-50567, CVE-2022-50568, CVE-2022-50570, CVE-2022-50572, CVE-2022-50574, CVE-2022-50575, CVE-2022-50576, CVE-2022-50578, CVE-2022-50579, CVE-2022-50580, CVE-2022-50581, CVE-2022-50582, CVE-2023-52923, CVE-2023-53365, CVE-2023-53500, CVE-2023-53533, CVE-2023-53534, CVE-2023-53541, CVE-2023-53542, CVE-2023-53548, CVE-2023-53551, CVE-2023-53552, CVE-2023-53553, CVE-2023-53554, CVE-2023-53556, CVE-2023-53559, CVE-2023-53560, CVE-2023-53564, CVE-2023-53566, CVE-2023-53567, CVE-2023-53568, CVE-2023-53571, CVE-2023-53572, CVE-2023-53574, CVE-2023-53576, CVE-2023-53579, CVE-2023-53582, CVE-2023-53587, CVE-2023-53589, CVE-2023-53592, CVE-2023-53594, CVE-2023-53597, CVE-2023-53603, CVE-2023-53604, CVE-2023-53605, CVE-2023-53607, CVE-2023-53608, CVE-2023-53611, CVE-2023-53612, CVE-2023-53615, CVE-2023-53616, CVE-2023-53617, CVE-2023-53619, CVE-2023-53622, CVE-2023-53625, CVE-2023-53626, CVE-2023-53631, CVE-2023-53637, CVE-2023-53639, CVE-2023-53640, CVE-2023-53641, CVE-2023-53644, CVE-2023-53648, CVE-2023-53650, CVE-2023-53651, CVE-2023-53658, CVE-2023-53659, CVE-2023-53662, CVE-2023-53667, CVE-2023-53668, CVE-2023-53670, CVE-2023-53673, CVE-2023-53674, CVE-2023-53675, CVE-2023-53679, CVE-2023-53680, CVE-2023-53681, CVE-2023-53683, CVE-2023-53687, CVE-2023-53692, CVE-2023-53693, CVE-2023-53695, CVE-2023-53696, CVE-2023-53700, CVE-2023-53704, CVE-2023-53705, CVE-2023-53708, CVE-2023-53709, CVE-2023-53711, CVE-2023-53715, CVE-2023-53717, CVE-2023-53718, CVE-2023-53719, CVE-2023-53722, CVE-2023-53723, CVE-2023-53724, CVE-2023-53725, CVE-2023-53726, CVE-2023-53730, CVE-2023-7324, CVE-2025-39742, CVE-2025-39797, CVE-2025-39945, CVE-2025-39965, CVE-2025-39967, CVE-2025-39968, CVE-2025-39973, CVE-2025-39978, CVE-2025-40018, CVE-2025-40044, CVE-2025-40088, CVE-2025-40102

SuSE: SUSE-SU-2025:4111-1

Detections

Analytics

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:4111-1)

high Nessus Plugin ID 275594

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

VPR

CVSS v2

CVSS v3

Vulnerability Information

Reference Information