SUSE SLES12 Security Update : kernel (SUSE-SU-2025:4189-1)

high Nessus Plugin ID 276910

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4189-1 advisory.

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2021-4460: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning (bsc#1250764).
- CVE-2022-48631: ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 (bsc#1223475).
- CVE-2022-50236: iommu/mediatek: Fix crash on isr after kexec() (bsc#1249702).
- CVE-2022-50249: memory: of: Fix refcount leak bug in of_get_ddr_timings() (bsc#1249747).
- CVE-2022-50280: pnode: terminate at peers of source (bsc#1249806).
- CVE-2022-50293: btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range (bsc#1249752).
- CVE-2022-50327: ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value (bsc#1249859).
- CVE-2022-50350: scsi: target: iscsi: Fix a race condition between login_work and the login thread (bsc#1250261).
- CVE-2022-50356: net: sched: sfb: fix null pointer access issue when sfb_init() fails (bsc#1250040).
- CVE-2022-50367: fs: fix UAF/GPF bug in nilfs_mdt_destroy (bsc#1250277).
- CVE-2022-50394: i2c: ismt: Fix an out-of-bounds bug in ismt_access() (bsc#1250107).
- CVE-2022-50395: integrity: Fix memory leakage in keyring allocation error path (bsc#1250211).
- CVE-2022-50423: ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() (bsc#1250784).
- CVE-2022-50443: drm/rockchip: lvds: fix PM usage counter unbalance in poweron (bsc#1250768).
- CVE-2022-50459: scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() (bsc#1250850).
- CVE-2022-50481: cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter() (bsc#1251051).
- CVE-2022-50485: ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode (bsc#1251197).
- CVE-2022-50505: iommu/amd: Fix pci device refcount leak in ppr_notifier() (bsc#1251086).
- CVE-2022-50516: fs: dlm: fix invalid derefence of sb_lvbptr (bsc#1251741).
- CVE-2022-50542: media: si470x: Fix use-after-free in si470x_int_in_callback() (bsc#1251330).
- CVE-2022-50571: btrfs: call __btrfs_remove_free_space_cache_locked on cache load failure (bsc#1252487).
- CVE-2023-53183: btrfs: exit gracefully if reloc roots don't match (bsc#1249863).
- CVE-2023-53185: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes (bsc#1249820).
- CVE-2023-53188: net: openvswitch: fix race on port output (bsc#1249854).
- CVE-2023-53191: irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains (bsc#1249721).
- CVE-2023-53204: af_unix: Fix data-races around user->unix_inflight (bsc#1249682).
- CVE-2023-53271: ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() (bsc#1249916).
- CVE-2023-53282: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write (bsc#1250311).
- CVE-2023-53289: media: bdisp: Add missing check for create_workqueue (bsc#1249941).
- CVE-2023-53292: blk-mq: protect q->elevator by ->sysfs_lock in blk_mq_elv_switch_none (bsc#1250163).
- CVE-2023-53338: lwt: Fix return values of BPF xmit ops (bsc#1250074).
- CVE-2023-53339: btrfs: fix BUG_ON condition in btrfs_cancel_balance (bsc#1250329).
- CVE-2023-53373: crypto: seqiv - Handle EBUSY correctly (bsc#1250137).
- CVE-2023-53433: net: add vlan_get_protocol_and_depth() helper (bsc#1250164).
- CVE-2023-53476: iw_cxgb4: Fix potential NULL dereference in c4iw_fill_res_cm_id_entry() (bsc#1250839).
- CVE-2023-53477: ipv6: Add lwtunnel encap size of all siblings in nexthop calculation (bsc#1250840).
- CVE-2023-53484: lib: cpu_rmap: Avoid use after free on rmap->obj array entries (bsc#1250895).
- CVE-2023-53517: tipc: do not update mtu if msg_max is too small in mtu negotiation (bsc#1250919).
- CVE-2023-53519: media: v4l2-mem2mem: add lock to protect parameter num_rdy (bsc#1250964).
- CVE-2023-53540: wifi: cfg80211: reject auth/assoc to AP with our address (bsc#1251053).
- CVE-2023-53548: net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb (bsc#1251066).
- CVE-2023-53556: iavf: Fix use-after-free in free_netdev (bsc#1251059).
- CVE-2023-53559: ip_vti: fix potential slab-use-after-free in decode_session6 (bsc#1251052).
- CVE-2023-53582: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds (bsc#1251061).
- CVE-2023-53589: wifi: iwlwifi: mvm: don't trust firmware n_channels (bsc#1251129).
- CVE-2023-53593: cifs: Release folio lock on fscache read hit (bsc#1251132).
- CVE-2023-53594: driver core: fix resource leak in device_add() (bsc#1251166).
- CVE-2023-53596: drivers: base: Free devm resources when unregistering a device (bsc#1251161).
- CVE-2023-53619: netfilter: conntrack: Avoid nf_ct_helper_hash uses after free (bsc#1251743).
- CVE-2023-53620: md: fix soft lockup in status_resync.
- CVE-2023-53624: net/sched: sch_fq: fix integer overflow of 'credit' (bsc#1251333).
- CVE-2023-53635: netfilter: conntrack: fix wrong ct->timeout value (bsc#1251524).
- CVE-2023-53648: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer (bsc#1251750).
- CVE-2023-53687: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk (bsc#1251772).
- CVE-2023-53695: udf: Detect system inodes linked into directory hierarchy (bsc#1252539).
- CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554).
- CVE-2023-53707: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 (bsc#1252632).
- CVE-2023-53715: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex (bsc#1252545).
- CVE-2023-53717: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() (bsc#1252560).
- CVE-2023-53733: net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode (bsc#1252685).
- CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
- CVE-2025-38680: media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (bsc#1249203).
- CVE-2025-38691: pNFS: Fix uninited ptr deref in block/scsi layout (bsc#1249215).
- CVE-2025-38695: scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1249285).
- CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (bsc#1249182).
- CVE-2025-38714: hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read() (bsc#1249260).
- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
- CVE-2025-38724: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (bsc#1249169).
- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
- CVE-2025-39724: serial: 8250: fix panic due to PSLVERR (bsc#1249265).
- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
- CVE-2025-39772: drm/hisilicon/hibmc: fix the hibmc loaded failed bug (bsc#1249506).
- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
- CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
- CVE-2025-39841: scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250274).
- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
- CVE-2025-39923: dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (bsc#1250741).
- CVE-2025-39929: smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path (bsc#1251036).
- CVE-2025-39931: crypto: af_alg - Set merge to zero early in af_alg_sendmsg (bsc#1251100).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
- CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39970: i40e: Fix filter input checks to prevent config with invalid values (bsc#1252051).
- CVE-2025-39971: i40e: Add bounds check for ch[] array (bsc#1252052).
- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39997: ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (bsc#1252056).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40044: fs: udf: fix OOB read in lengthAllocDescs handling (bsc#1252785).
- CVE-2025-40049: Squashfs: fix uninit-value in squashfs_get_parent (bsc#1252822).
- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
- CVE-2025-40082: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1252775).
- CVE-2025-40088: hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (bsc#1252904).

The following non security issues were fixed:

- NFSv4.1: fix backchannel max_resp_sz verification check (bsc#1247518).
- net: hv_netvsc: fix loss of early receive events from host during channel open (bsc#1252265).
- openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1249854)

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 276910

File Name: suse_SU-2025-4189-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 11/26/2025

Updated: 11/26/2025

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-56633

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-devel, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/24/2025

Vulnerability Publication Date: 9/4/2021

Reference Information

CVE: CVE-2021-4460, CVE-2022-43945, CVE-2022-48631, CVE-2022-50236, CVE-2022-50249, CVE-2022-50280, CVE-2022-50293, CVE-2022-50327, CVE-2022-50350, CVE-2022-50356, CVE-2022-50367, CVE-2022-50394, CVE-2022-50395, CVE-2022-50423, CVE-2022-50443, CVE-2022-50459, CVE-2022-50470, CVE-2022-50481, CVE-2022-50485, CVE-2022-50493, CVE-2022-50496, CVE-2022-50501, CVE-2022-50504, CVE-2022-50505, CVE-2022-50509, CVE-2022-50516, CVE-2022-50532, CVE-2022-50534, CVE-2022-50536, CVE-2022-50537, CVE-2022-50542, CVE-2022-50544, CVE-2022-50549, CVE-2022-50563, CVE-2022-50564, CVE-2022-50571, CVE-2022-50581, CVE-2023-53183, CVE-2023-53185, CVE-2023-53188, CVE-2023-53191, CVE-2023-53204, CVE-2023-53271, CVE-2023-53282, CVE-2023-53289, CVE-2023-53292, CVE-2023-53338, CVE-2023-53339, CVE-2023-53373, CVE-2023-53433, CVE-2023-53476, CVE-2023-53477, CVE-2023-53484, CVE-2023-53517, CVE-2023-53519, CVE-2023-53533, CVE-2023-53540, CVE-2023-53548, CVE-2023-53556, CVE-2023-53559, CVE-2023-53564, CVE-2023-53568, CVE-2023-53582, CVE-2023-53587, CVE-2023-53589, CVE-2023-53593, CVE-2023-53594, CVE-2023-53596, CVE-2023-53603, CVE-2023-53604, CVE-2023-53611, CVE-2023-53615, CVE-2023-53619, CVE-2023-53620, CVE-2023-53622, CVE-2023-53624, CVE-2023-53635, CVE-2023-53644, CVE-2023-53647, CVE-2023-53648, CVE-2023-53650, CVE-2023-53667, CVE-2023-53668, CVE-2023-53672, CVE-2023-53675, CVE-2023-53681, CVE-2023-53683, CVE-2023-53687, CVE-2023-53695, CVE-2023-53696, CVE-2023-53705, CVE-2023-53707, CVE-2023-53715, CVE-2023-53717, CVE-2023-53722, CVE-2023-53733, CVE-2023-7324, CVE-2024-56633, CVE-2025-38539, CVE-2025-38680, CVE-2025-38691, CVE-2025-38695, CVE-2025-38699, CVE-2025-38700, CVE-2025-38714, CVE-2025-38718, CVE-2025-38724, CVE-2025-39676, CVE-2025-39702, CVE-2025-39724, CVE-2025-39756, CVE-2025-39772, CVE-2025-39812, CVE-2025-39813, CVE-2025-39841, CVE-2025-39866, CVE-2025-39876, CVE-2025-39911, CVE-2025-39923, CVE-2025-39929, CVE-2025-39931, CVE-2025-39945, CVE-2025-39949, CVE-2025-39955, CVE-2025-39968, CVE-2025-39970, CVE-2025-39971, CVE-2025-39972, CVE-2025-39973, CVE-2025-39997, CVE-2025-40018, CVE-2025-40044, CVE-2025-40049, CVE-2025-40078, CVE-2025-40082, CVE-2025-40088

SuSE: SUSE-SU-2025:4189-1

Detections

Analytics