Detections
Analytics
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:4505-1)
high Nessus Plugin ID 279673
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4505-1 advisory.The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-50253: bpf: make sure skb->len != 0 when redirecting to a tunneling device (bsc#1249912).
- CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786).
- CVE-2025-21710: tcp: correct handling of extreme memory squeeze (bsc#1237888).
- CVE-2025-37916: pds_core: remove write-after-free of client_id (bsc#1243474).
- CVE-2025-38359: s390/mm: Fix in_atomic() handling in do_secure_storage_access() (bsc#1247076).
- CVE-2025-38361: drm/amd/display: Check dce_hwseq before dereferencing it (bsc#1247079).
- CVE-2025-39788: scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE (bsc#1249547).
- CVE-2025-39805: net: macb: fix unregister_netdev call order in macb_remove() (bsc#1249982).
- CVE-2025-39819: fs/smb: Fix inconsistent refcnt update (bsc#1250176).
- CVE-2025-39859: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (bsc#1250252).
- CVE-2025-39944: octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (bsc#1251120).
- CVE-2025-39980: nexthop: Forbid FDB status change while nexthop is in a group (bsc#1252063).
- CVE-2025-40001: scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (bsc#1252303).
- CVE-2025-40021: tracing: dynevent: Add a missing lockdown check on dynevent (bsc#1252681).
- CVE-2025-40027: net/9p: fix double req put in p9_fd_cancelled (bsc#1252763).
- CVE-2025-40030: pinctrl: check the return value of pinmux_ops::get_function_name() (bsc#1252773).
- CVE-2025-40038: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (bsc#1252817).
- CVE-2025-40040: mm/ksm: fix flag-dropping behavior in ksm_madvise (bsc#1252780).
- CVE-2025-40048: uio_hv_generic: Let userspace take care of interrupt mask (bsc#1252862).
- CVE-2025-40055: ocfs2: fix double free in user_cluster_connect() (bsc#1252821).
- CVE-2025-40059: coresight: Fix incorrect handling for return value of devm_kzalloc (bsc#1252809).
- CVE-2025-40064: smc: Fix use-after-free in __pnet_find_base_ndev() (bsc#1252845).
- CVE-2025-40070: pps: fix warning in pps_register_cdev when register device fail (bsc#1252836).
- CVE-2025-40074: ipv4: start using dst_dev_rcu() (bsc#1252794).
- CVE-2025-40075: tcp_metrics: use dst_dev_net_rcu() (bsc#1252795).
- CVE-2025-40083: net/sched: sch_qfq: Fix null-deref in agg_dequeue (bsc#1252912).
- CVE-2025-40098: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (bsc#1252917).
- CVE-2025-40105: vfs: Don't leak disconnected dentries on umount (bsc#1252928).
- CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409).
- CVE-2025-40149: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (bsc#1253355).
- CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253403).
- CVE-2025-40168: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (bsc#1253427).
- CVE-2025-40169: bpf: Reject negative offsets for ALU ops (bsc#1253416).
- CVE-2025-40173: net/ip6_tunnel: Prevent perpetual tunnel growth (bsc#1253421).
- CVE-2025-40176: tls: wait for pending async decryptions if tls_strp_msg_hold fails (bsc#1253425).
- CVE-2025-40204: sctp: Fix MAC comparison to be constant-time (bsc#1253436).
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
https://bugzilla.suse.com/1253779
http://www.nessus.org/u?d6171bf4
https://www.suse.com/security/cve/CVE-2022-50253
https://www.suse.com/security/cve/CVE-2023-53676
https://www.suse.com/security/cve/CVE-2025-21710
https://www.suse.com/security/cve/CVE-2025-37916
https://www.suse.com/security/cve/CVE-2025-38359
https://www.suse.com/security/cve/CVE-2025-38361
https://www.suse.com/security/cve/CVE-2025-39788
https://www.suse.com/security/cve/CVE-2025-39805
https://www.suse.com/security/cve/CVE-2025-39819
https://www.suse.com/security/cve/CVE-2025-39859
https://www.suse.com/security/cve/CVE-2025-39944
https://www.suse.com/security/cve/CVE-2025-39980
https://www.suse.com/security/cve/CVE-2025-40001
https://www.suse.com/security/cve/CVE-2025-40021
https://www.suse.com/security/cve/CVE-2025-40027
https://www.suse.com/security/cve/CVE-2025-40030
https://www.suse.com/security/cve/CVE-2025-40038
https://www.suse.com/security/cve/CVE-2025-40040
https://www.suse.com/security/cve/CVE-2025-40048
https://www.suse.com/security/cve/CVE-2025-40055
https://www.suse.com/security/cve/CVE-2025-40059
https://www.suse.com/security/cve/CVE-2025-40064
https://www.suse.com/security/cve/CVE-2025-40070
https://www.suse.com/security/cve/CVE-2025-40074
https://www.suse.com/security/cve/CVE-2025-40075
https://www.suse.com/security/cve/CVE-2025-40083
https://www.suse.com/security/cve/CVE-2025-40098
https://www.suse.com/security/cve/CVE-2025-40105
https://www.suse.com/security/cve/CVE-2025-40107
https://www.suse.com/security/cve/CVE-2025-40109
https://www.suse.com/security/cve/CVE-2025-40110
https://www.suse.com/security/cve/CVE-2025-40111
https://www.suse.com/security/cve/CVE-2025-40115
https://www.suse.com/security/cve/CVE-2025-40116
https://www.suse.com/security/cve/CVE-2025-40118
https://www.suse.com/security/cve/CVE-2025-40120
https://www.suse.com/security/cve/CVE-2025-40121
https://www.suse.com/security/cve/CVE-2025-40127
https://www.suse.com/security/cve/CVE-2025-40129
https://www.suse.com/security/cve/CVE-2025-40139
https://www.suse.com/security/cve/CVE-2025-40140
https://www.suse.com/security/cve/CVE-2025-40141
https://www.suse.com/security/cve/CVE-2025-40149
https://www.suse.com/security/cve/CVE-2025-40154
https://www.suse.com/security/cve/CVE-2025-40156
https://www.suse.com/security/cve/CVE-2025-40157
https://www.suse.com/security/cve/CVE-2025-40159
https://www.suse.com/security/cve/CVE-2025-40164
https://www.suse.com/security/cve/CVE-2025-40168
https://www.suse.com/security/cve/CVE-2025-40169
https://www.suse.com/security/cve/CVE-2025-40171
https://www.suse.com/security/cve/CVE-2025-40172
https://www.suse.com/security/cve/CVE-2025-40173
https://www.suse.com/security/cve/CVE-2025-40176
https://www.suse.com/security/cve/CVE-2025-40180
https://www.suse.com/security/cve/CVE-2025-40183
https://www.suse.com/security/cve/CVE-2025-40186
https://www.suse.com/security/cve/CVE-2025-40188
https://www.suse.com/security/cve/CVE-2025-40194
https://www.suse.com/security/cve/CVE-2025-40198
https://www.suse.com/security/cve/CVE-2025-40200
https://www.suse.com/security/cve/CVE-2025-40204
https://www.suse.com/security/cve/CVE-2025-40205
https://www.suse.com/security/cve/CVE-2025-40206
https://www.suse.com/security/cve/CVE-2025-40207
https://bugzilla.suse.com/1232223
https://bugzilla.suse.com/1236743
https://bugzilla.suse.com/1237888
https://bugzilla.suse.com/1243474
https://bugzilla.suse.com/1245193
https://bugzilla.suse.com/1247076
https://bugzilla.suse.com/1247079
https://bugzilla.suse.com/1247500
https://bugzilla.suse.com/1247509
https://bugzilla.suse.com/1249547
https://bugzilla.suse.com/1249912
https://bugzilla.suse.com/1249982
https://bugzilla.suse.com/1250176
https://bugzilla.suse.com/1250237
https://bugzilla.suse.com/1250252
https://bugzilla.suse.com/1250705
https://bugzilla.suse.com/1251120
https://bugzilla.suse.com/1251786
https://bugzilla.suse.com/1252063
https://bugzilla.suse.com/1252267
https://bugzilla.suse.com/1252269
https://bugzilla.suse.com/1252303
https://bugzilla.suse.com/1252353
https://bugzilla.suse.com/1252681
https://bugzilla.suse.com/1252763
https://bugzilla.suse.com/1252773
https://bugzilla.suse.com/1252780
https://bugzilla.suse.com/1252794
https://bugzilla.suse.com/1252795
https://bugzilla.suse.com/1252809
https://bugzilla.suse.com/1252817
https://bugzilla.suse.com/1252821
https://bugzilla.suse.com/1252836
https://bugzilla.suse.com/1252845
https://bugzilla.suse.com/1252862
https://bugzilla.suse.com/1252912
https://bugzilla.suse.com/1252917
https://bugzilla.suse.com/1252928
https://bugzilla.suse.com/1253018
https://bugzilla.suse.com/1253176
https://bugzilla.suse.com/1253275
https://bugzilla.suse.com/1253318
https://bugzilla.suse.com/1253324
https://bugzilla.suse.com/1253349
https://bugzilla.suse.com/1253352
https://bugzilla.suse.com/1253355
https://bugzilla.suse.com/1253360
https://bugzilla.suse.com/1253362
https://bugzilla.suse.com/1253363
https://bugzilla.suse.com/1253367
https://bugzilla.suse.com/1253369
https://bugzilla.suse.com/1253393
https://bugzilla.suse.com/1253395
https://bugzilla.suse.com/1253403
https://bugzilla.suse.com/1253407
https://bugzilla.suse.com/1253409
https://bugzilla.suse.com/1253412
https://bugzilla.suse.com/1253416
https://bugzilla.suse.com/1253421
https://bugzilla.suse.com/1253423
https://bugzilla.suse.com/1253424
https://bugzilla.suse.com/1253425
https://bugzilla.suse.com/1253427
https://bugzilla.suse.com/1253428
https://bugzilla.suse.com/1253431
https://bugzilla.suse.com/1253436
https://bugzilla.suse.com/1253438
https://bugzilla.suse.com/1253440
https://bugzilla.suse.com/1253441
https://bugzilla.suse.com/1253445
https://bugzilla.suse.com/1253448
https://bugzilla.suse.com/1253449
https://bugzilla.suse.com/1253453
Plugin Details
Severity: High
ID: 279673
File Name: suse_SU-2025-4505-1.nasl
Version: 1.1
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 12/24/2025
Updated: 12/24/2025
Supported Sensors: Continuous Assessment, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.1
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2025-39859
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 6.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:kernel-source-azure, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-devel-azure, p-cpe:/a:novell:suse_linux:kernel-azure, cpe:/o:novell:suse_linux:15
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 12/22/2025
Vulnerability Publication Date: 9/4/2021
Reference Information
CVE: CVE-2022-50253, CVE-2023-53676, CVE-2025-21710, CVE-2025-37916, CVE-2025-38359, CVE-2025-38361, CVE-2025-39788, CVE-2025-39805, CVE-2025-39819, CVE-2025-39859, CVE-2025-39944, CVE-2025-39980, CVE-2025-40001, CVE-2025-40021, CVE-2025-40027, CVE-2025-40030, CVE-2025-40038, CVE-2025-40040, CVE-2025-40048, CVE-2025-40055, CVE-2025-40059, CVE-2025-40064, CVE-2025-40070, CVE-2025-40074, CVE-2025-40075, CVE-2025-40083, CVE-2025-40098, CVE-2025-40105, CVE-2025-40107, CVE-2025-40109, CVE-2025-40110, CVE-2025-40111, CVE-2025-40115, CVE-2025-40116, CVE-2025-40118, CVE-2025-40120, CVE-2025-40121, CVE-2025-40127, CVE-2025-40129, CVE-2025-40139, CVE-2025-40140, CVE-2025-40141, CVE-2025-40149, CVE-2025-40154, CVE-2025-40156, CVE-2025-40157, CVE-2025-40159, CVE-2025-40164, CVE-2025-40168, CVE-2025-40169, CVE-2025-40171, CVE-2025-40172, CVE-2025-40173, CVE-2025-40176, CVE-2025-40180, CVE-2025-40183, CVE-2025-40186, CVE-2025-40188, CVE-2025-40194, CVE-2025-40198, CVE-2025-40200, CVE-2025-40204, CVE-2025-40205, CVE-2025-40206, CVE-2025-40207
SuSE: SUSE-SU-2025:4505-1