SUSE SLES12 Security Update : kernel (SUSE-SU-2026:0316-1)

high Nessus Plugin ID 297090

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0316-1 advisory.

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2022-49604,CVE-2025-40074: ip: Fix data-races around sysctl_ip_fwd_use_pmtu (bsc#1238414 bsc#1252794).
- CVE-2022-50527: drm/amdgpu: Fix size validation for non-exclusive domains (v4) (bsc#1251738).
- CVE-2022-50625: serial: amba-pl011: avoid SBSA UART accessing DMACR register (bsc#1254559).
- CVE-2022-50630: mm: hugetlb: fix UAF in hugetlb_handle_userfault (bsc#1254785).
- CVE-2022-50656: nfc: pn533: Clear nfc_target before being used (bsc#1254745).
- CVE-2022-50678: wifi: brcmfmac: fix invalid address access when enabling SCAN log level (bsc#1254902).
- CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer (bsc#1255576).
- CVE-2023-53454: HID: multitouch: Correct devm device reference for hidinput input_dev name (bsc#1250759).
- CVE-2023-53718: ring-buffer: Do not swap cpu_buffer during resize process (bsc#1252564).
- CVE-2023-53748: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup (bsc#1254907).
- CVE-2023-53765: dm cache: free background tracker's queued work in btracker_destroy (bsc#1254912).
- CVE-2023-53781: smc: Fix use-after-free in tcp_write_timer_handler() (bsc#1254751).
- CVE-2023-53788: ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() (bsc#1254917).
- CVE-2023-53819: amdgpu: validate offset_in_bo of drm_amdgpu_gem_va (bsc#1254712).
- CVE-2023-53850: iavf: use internal state to free traffic IRQs (bsc#1254677).
- CVE-2023-54120: Bluetooth: Fix race condition in hidp_session_thread (bsc#1256133).
- CVE-2023-54214: Bluetooth: L2CAP: Fix potential user-after-free (bsc#1255954).
- CVE-2023-54236: net/net_failover: fix txq exceeding warning (bsc#1255922).
- CVE-2023-54286: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace (bsc#1255803).
- CVE-2023-54300: wifi: ath9k: avoid referencing uninit memory in ath9k_wmi_ctrl_rx (bsc#1255790).
- CVE-2025-38085: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431 bsc#1245499).
- CVE-2025-38336: ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (bsc#1246370).
- CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256).
- CVE-2025-40006: mm/hugetlb: fix folio is still mapped when deleted (bsc#1252342).
- CVE-2025-40035: Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (bsc#1252866).
- CVE-2025-40053: net: dlink: handle copy_thresh allocation failure (bsc#1252808).
- CVE-2025-40064: smc: Fix use-after-free in __pnet_find_base_ndev() (bsc#1252845).
- CVE-2025-40075: tcp_metrics: use dst_dev_net_rcu() (bsc#1252795).
- CVE-2025-40081: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (bsc#1252776).
- CVE-2025-40110: drm/vmwgfx: Fix a null-ptr access in the cursor snooper (bsc#1253275).
- CVE-2025-40123: bpf: Enforce expected_attach_type for tailcall compatibility (bsc#1253365).
- CVE-2025-40135: ipv6: use RCU in ip6_xmit() (bsc#1253342).
- CVE-2025-40139: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (bsc#1253409).
- CVE-2025-40149: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (bsc#1253355).
- CVE-2025-40153: mm: hugetlb: avoid soft lockup when mprotect to large memory area (bsc#1253408).
- CVE-2025-40158: ipv6: use RCU in ip6_output() (bsc#1253402).
- CVE-2025-40160: xen/events: Cleanup find_virq() return codes (bsc#1253400).
- CVE-2025-40164: usbnet: Fix using smp_processor_id() in preemptible code warnings (bsc#1253407).
- CVE-2025-40167: ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458).
- CVE-2025-40168: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (bsc#1253427).
- CVE-2025-40170: net: use dst_dev_rcu() in sk_setup_caps() (bsc#1253413).
- CVE-2025-40178: pid: Add a judgment for ns null in pid_nr_ns (bsc#1253463).
- CVE-2025-40198: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (bsc#1253453).
- CVE-2025-40200: Squashfs: reject negative file sizes in squashfs_read_inode() (bsc#1253448).
- CVE-2025-40215: kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959).
- CVE-2025-40219: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (bsc#1254518).
- CVE-2025-40233: ocfs2: clear extent cache after moving/defragmenting extents (bsc#1254813).
- CVE-2025-40240: sctp: avoid NULL dereference when chunk data buffer is missing (bsc#1254869).
- CVE-2025-40244: hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() (bsc#1255033).
- CVE-2025-40248: vsock: Ignore signal/timeout on connect() if already established (bsc#1254864).
- CVE-2025-40252: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (bsc#1254849).
- CVE-2025-40269: ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (bsc#1255035).
- CVE-2025-40275: ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (bsc#1254829).
- CVE-2025-40278: net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (bsc#1254825).
- CVE-2025-40279: net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (bsc#1254846).
- CVE-2025-40283: Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (bsc#1254858).
- CVE-2025-40304: fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (bsc#1255034).
- CVE-2025-40308: Bluetooth: bcsp: receive data only if registered (bsc#1255064).
- CVE-2025-40321: wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (bsc#1254795).
- CVE-2025-40322: fbdev: bitblit: bound-check glyph index in bit_putcs* (bsc#1255092).
- CVE-2025-40331: sctp: Prevent TOCTOU out-of-bounds write (bsc#1254615).
- CVE-2025-40337: net: stmmac: Correctly handle Rx checksum offload errors (bsc#1255081).
- CVE-2025-40349: hfs: validate record offset in hfsplus_bmap_alloc (bsc#1255280).
- CVE-2025-40351: hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (bsc#1255281).
- CVE-2025-68206: netfilter: nft_ct: add seqadj extension for natted connections (bsc#1255142).
- CVE-2025-68340: team: Move team device type change at the end of team_port_add (bsc#1255507).

The following non security issues were fixed:

- HID: multitouch: Add NULL check in mt_input_configured (bsc#1250759).
- Squashfs: add additional inode sanity checking (bsc#1253448).
- drm/amdgpu: Fix potential NULL dereference (bsc#1251238).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 297090

File Name: suse_SU-2026-0316-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 1/29/2026

Updated: 1/29/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2023-53454

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/28/2026

Vulnerability Publication Date: 9/4/2021

Reference Information

CVE: CVE-2022-49546, CVE-2022-49604, CVE-2022-49975, CVE-2022-50527, CVE-2022-50615, CVE-2022-50625, CVE-2022-50630, CVE-2022-50636, CVE-2022-50638, CVE-2022-50640, CVE-2022-50643, CVE-2022-50646, CVE-2022-50656, CVE-2022-50668, CVE-2022-50677, CVE-2022-50678, CVE-2022-50700, CVE-2022-50706, CVE-2022-50715, CVE-2022-50728, CVE-2022-50730, CVE-2022-50733, CVE-2022-50747, CVE-2022-50755, CVE-2022-50761, CVE-2022-50779, CVE-2022-50821, CVE-2022-50824, CVE-2022-50840, CVE-2022-50849, CVE-2022-50850, CVE-2022-50859, CVE-2022-50870, CVE-2022-50879, CVE-2023-20569, CVE-2023-23559, CVE-2023-4132, CVE-2023-53020, CVE-2023-53176, CVE-2023-53454, CVE-2023-53718, CVE-2023-53746, CVE-2023-53748, CVE-2023-53754, CVE-2023-53765, CVE-2023-53781, CVE-2023-53786, CVE-2023-53788, CVE-2023-53803, CVE-2023-53809, CVE-2023-53819, CVE-2023-53832, CVE-2023-53840, CVE-2023-53847, CVE-2023-53850, CVE-2023-53862, CVE-2023-54014, CVE-2023-54017, CVE-2023-54021, CVE-2023-54032, CVE-2023-54045, CVE-2023-54051, CVE-2023-54070, CVE-2023-54091, CVE-2023-54095, CVE-2023-54108, CVE-2023-54110, CVE-2023-54119, CVE-2023-54120, CVE-2023-54123, CVE-2023-54130, CVE-2023-54146, CVE-2023-54168, CVE-2023-54170, CVE-2023-54177, CVE-2023-54179, CVE-2023-54186, CVE-2023-54197, CVE-2023-54211, CVE-2023-54213, CVE-2023-54214, CVE-2023-54220, CVE-2023-54224, CVE-2023-54226, CVE-2023-54236, CVE-2023-54260, CVE-2023-54264, CVE-2023-54266, CVE-2023-54270, CVE-2023-54271, CVE-2023-54286, CVE-2023-54289, CVE-2023-54294, CVE-2023-54300, CVE-2023-54309, CVE-2023-54317, CVE-2025-38085, CVE-2025-38336, CVE-2025-38728, CVE-2025-40006, CVE-2025-40035, CVE-2025-40053, CVE-2025-40064, CVE-2025-40075, CVE-2025-40081, CVE-2025-40110, CVE-2025-40123, CVE-2025-40135, CVE-2025-40139, CVE-2025-40149, CVE-2025-40153, CVE-2025-40158, CVE-2025-40160, CVE-2025-40164, CVE-2025-40167, CVE-2025-40168, CVE-2025-40170, CVE-2025-40178, CVE-2025-40198, CVE-2025-40200, CVE-2025-40215, CVE-2025-40219, CVE-2025-40233, CVE-2025-40240, CVE-2025-40244, CVE-2025-40248, CVE-2025-40252, CVE-2025-40256, CVE-2025-40269, CVE-2025-40275, CVE-2025-40278, CVE-2025-40279, CVE-2025-40283, CVE-2025-40304, CVE-2025-40308, CVE-2025-40321, CVE-2025-40322, CVE-2025-40331, CVE-2025-40337, CVE-2025-40349, CVE-2025-40351, CVE-2025-68206, CVE-2025-68340

SuSE: SUSE-SU-2026:0316-1

Detections

Analytics