Detections
Analytics
SUSE SLES11 Security Update : kernel (SUSE-SU-2025:4315-1)
high Nessus Plugin ID 277048
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4315-1 advisory.The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2022-50116: Update config files. Disable N_GSM (bsc#1244824 jsc#PED-8240).
- CVE-2022-50252: igb: Do not free q_vector unless new one was allocated (bsc#1249846).
- CVE-2022-50381: MD: add rdev reference for super write (bsc#1250257).
- CVE-2022-50409: net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory (bsc#1250392).
- CVE-2023-53282: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write (bsc#1250311).
- CVE-2023-53322: scsi: qla2xxx: Wait for io return on terminate rport (bsc#1250323).
- CVE-2023-53365: ip6mr: Fix skb_under_panic in ip6mr_cache_report() (bsc#1249988).
- CVE-2023-53395: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer (bsc#1250358).
- CVE-2023-53705: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (bsc#1252554).
- CVE-2023-53722: md: raid1: fix potential OOB in raid1_remove_disk() (bsc#1252499).
- CVE-2025-38352: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911).
- CVE-2025-38498: do_change_type(): refuse to operate on unmounted/not ours mounts (bsc#1247374).
- CVE-2025-38617: net/packet: fix a race in packet_set_ring() and packet_notifier() (bsc#1248621).
- CVE-2025-38685: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (bsc#1249220).
- CVE-2025-38713: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (bsc#1249200).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1250358
https://bugzilla.suse.com/1250392
https://bugzilla.suse.com/1250522
https://bugzilla.suse.com/1250742
https://bugzilla.suse.com/1252035
https://bugzilla.suse.com/1252499
https://bugzilla.suse.com/1252554
http://www.nessus.org/u?3c233f3f
https://www.suse.com/security/cve/CVE-2022-50116
https://www.suse.com/security/cve/CVE-2022-50252
https://www.suse.com/security/cve/CVE-2022-50272
https://www.suse.com/security/cve/CVE-2022-50381
https://www.suse.com/security/cve/CVE-2022-50409
https://www.suse.com/security/cve/CVE-2023-28328
https://www.suse.com/security/cve/CVE-2023-3772
https://www.suse.com/security/cve/CVE-2023-53147
https://www.suse.com/security/cve/CVE-2023-53282
https://www.suse.com/security/cve/CVE-2023-53322
https://www.suse.com/security/cve/CVE-2023-53365
https://www.suse.com/security/cve/CVE-2023-53395
https://www.suse.com/security/cve/CVE-2023-53705
https://www.suse.com/security/cve/CVE-2023-53722
https://www.suse.com/security/cve/CVE-2025-38352
https://www.suse.com/security/cve/CVE-2025-38498
https://www.suse.com/security/cve/CVE-2025-38617
https://www.suse.com/security/cve/CVE-2025-38685
https://www.suse.com/security/cve/CVE-2025-38713
https://www.suse.com/security/cve/CVE-2025-39973
https://bugzilla.suse.com/963449
https://bugzilla.suse.com/1078788
https://bugzilla.suse.com/1209291
https://bugzilla.suse.com/1213666
https://bugzilla.suse.com/1244824
https://bugzilla.suse.com/1246911
https://bugzilla.suse.com/1247374
https://bugzilla.suse.com/1248621
https://bugzilla.suse.com/1249200
https://bugzilla.suse.com/1249220
https://bugzilla.suse.com/1249604
https://bugzilla.suse.com/1249808
https://bugzilla.suse.com/1249846
https://bugzilla.suse.com/1249880
https://bugzilla.suse.com/1249988
https://bugzilla.suse.com/1250257
Plugin Details
Severity: High
ID: 277048
File Name: suse_SU-2025-4315-1.nasl
Version: 1.1
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/2/2025
Updated: 12/2/2025
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.6
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2022-50252
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7.2
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-xen-base, p-cpe:/a:novell:suse_linux:kernel-trace-base, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-ec2-base, p-cpe:/a:novell:suse_linux:kernel-ec2, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-ec2-devel, p-cpe:/a:novell:suse_linux:kernel-trace-devel, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-xen-devel, p-cpe:/a:novell:suse_linux:kernel-xen, p-cpe:/a:novell:suse_linux:kernel-trace, p-cpe:/a:novell:suse_linux:kernel-default, cpe:/o:novell:suse_linux:11
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/1/2025
Vulnerability Publication Date: 9/4/2021
CISA Known Exploited Vulnerability Due Dates: 9/25/2025
Reference Information
CVE: CVE-2022-50116, CVE-2022-50252, CVE-2022-50272, CVE-2022-50381, CVE-2022-50409, CVE-2023-28328, CVE-2023-3772, CVE-2023-53147, CVE-2023-53282, CVE-2023-53322, CVE-2023-53365, CVE-2023-53395, CVE-2023-53705, CVE-2023-53722, CVE-2025-38352, CVE-2025-38498, CVE-2025-38617, CVE-2025-38685, CVE-2025-38713, CVE-2025-39973
SuSE: SUSE-SU-2025:4315-1