SUSE SLES12 : Recommended update for initial livepatch (SUSE-SU-2026:0473-1)

high Nessus Plugin ID 298924

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0473-1 advisory.

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues

The following security issues were fixed:

- CVE-2022-50347: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (bsc#1249928).
- CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time (bsc#1252542).
- CVE-2022-50676: net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() (bsc#1254689).
- CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit (bsc#1255594).
- CVE-2022-50709: wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (bsc#1255565).
- CVE-2022-50716: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (bsc#1255839).
- CVE-2022-50717: nvmet-tcp: add bounds check on Transfer Tag (bsc#1255844).
- CVE-2022-50719: ALSA: line6: fix stack overflow in line6_midi_transmit (bsc#1255939).
- CVE-2022-50740: wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs() (bsc#1256155).
- CVE-2022-50744: scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs (bsc#1256165).
- CVE-2022-50749: acct: fix potential integer overflow in encode_comp_t() (bsc#1256191).
- CVE-2022-50751: configfs: fix possible memory leak in configfs_create_dir() (bsc#1256184).
- CVE-2022-50760: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() (bsc#1255983).
- CVE-2022-50770: ocfs2: fix memory leak in ocfs2_mount_volume() (bsc#1256221).
- CVE-2022-50777: net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe (bsc#1256320).
- CVE-2022-50780: net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed (bsc#1256305).
- CVE-2022-50782: ext4: fix bug_on in __es_tree_search caused by bad quota inode (bsc#1256282).
- CVE-2022-50786: media: s5p-mfc: Clear workbit to handle error condition (bsc#1256258).
- CVE-2022-50816: ipv6: ensure sane device mtu in tunnels (bsc#1256038).
- CVE-2022-50834: nfc: Fix potential resource leaks (bsc#1256219).
- CVE-2022-50865: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (bsc#1256168).
- CVE-2022-50868: hwrng: amd - Fix PCI device refcount leak (bsc#1256386).
- CVE-2022-50880: wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state() (bsc#1256132).
- CVE-2022-50881: ath9k: Fix typo in function name (bsc#1256130).
- CVE-2022-50884: drm: Prevent drm_copy_field() to attempt copying a NULL pointer (bsc#1256127).
- CVE-2022-50885: RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed (bsc#1256122).
- CVE-2022-50887: regulator: core: fix unbalanced of node refcount in regulator_dev_lookup() (bsc#1256125).
- CVE-2023-50756: nvme-pci: fix mempool alloc size (bsc#1256216).
- CVE-2023-53685: tun: Fix memory leak for detached NAPI queue (bsc#1251770).
- CVE-2023-53747: vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF (bsc#1254572).
- CVE-2023-53751: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname (bsc#1254986).
- CVE-2023-53825: kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg() (bsc#1254707).
- CVE-2023-53853: netlink: annotate accesses to nlk->cb_running (bsc#1254673).
- CVE-2023-53863: netlink: do not hard code device address lenth in fdb dumps (bsc#1254657).
- CVE-2023-53992: wifi: cfg80211: ocb: don't leave if not joined (bsc#1256058).
- CVE-2023-54012: net: fix stack overflow when LRO is disabled for virtual interfaces (bsc#1255571).
- CVE-2023-54047: drm/rockchip: dw_hdmi: cleanup drm encoder during unbind (bsc#1256398).
- CVE-2023-54048: RDMA/bnxt_re: Prevent handling any completions after qp destroy (bsc#1256395).
- CVE-2023-54067: btrfs: fix race when deleting free space root from the dirty cow roots list (bsc#1256369).
- CVE-2023-54111: pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups (bsc#1256149).
- CVE-2023-54112: kcm: Fix memory leak in error path of kcm_sendmsg() (bsc#1256354).
- CVE-2023-54118: serial: sc16is7xx: setup GPIO controller later in probe (bsc#1256131).
- CVE-2023-54121: btrfs: fix incorrect splitting in btrfs_drop_extent_map_range (bsc#1256267).
- CVE-2023-54134: autofs: fix memory leak of waitqueues in autofs_catatonic_mode (bsc#1256106).
- CVE-2023-54198: tty: fix out-of-bounds access in tty_driver_lookup_tty() (bsc#1255970).
- CVE-2023-54202: drm/i915: fix race condition UAF in i915_perf_add_config_ioctl (bsc#1255880).
- CVE-2023-54207: HID: uclogic: Correct devm device reference for hidinput input_dev name (bsc#1255961).
- CVE-2023-54218: sock: Make sock->sk_stamp thread-safe (bsc#1256229).
- CVE-2023-54230: amba: bus: fix refcount leak (bsc#1255925).
- CVE-2023-54243: netfilter: ebtables: fix table blob use-after-free (bsc#1255908).
- CVE-2023-54265: ipv6: Fix an uninit variable access bug in __ip6_make_skb() (bsc#1255874).
- CVE-2023-54274: RDMA/srpt: Add a check for valid 'mad_agent' pointer (bsc#1255905).
- CVE-2023-54282: media: tuners: qt1010: replace BUG_ON with a regular error (bsc#1255810).
- CVE-2023-54287: tty: serial: imx: disable Ageing Timer interrupt request irq (bsc#1255804).
- CVE-2023-54311: ext4: fix deadlock when converting an inline directory in nojournal mode (bsc#1255773).
- CVE-2023-54321: driver core: fix potential null-ptr-deref in device_add() (bsc#1255762).
- CVE-2024-41007: tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
- CVE-2025-40115: scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (bsc#1253318).
- CVE-2025-40259: scsi: sg: Do not sleep in atomic context (bsc#1254845).
- CVE-2025-40261: nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (bsc#1254839).
- CVE-2025-40264: be2net: pass wrb_params in case of OS2BMC (bsc#1254835).
- CVE-2025-40271: fs/proc: fix uaf in proc_readdir_de() (bsc#1255297).
- CVE-2025-40323: fbcon: Set fb_display[i]->mode to NULL when the mode is released (bsc#1255094).
- CVE-2025-40339: drm/amdgpu: fix nullptr err of vm_handle_moved (bsc#1255428).
- CVE-2025-40345: usb: storage: sddr55: Reject out-of-bound new_pba (bsc#1255279).
- CVE-2025-40363: net: ipv6: fix field-spanning memcpy warning in AH output (bsc#1255102).
- CVE-2025-68188: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (bsc#1255269).
- CVE-2025-68190: drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked() (bsc#1255131).
- CVE-2025-68192: net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (bsc#1255246).
- CVE-2025-68241: ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (bsc#1255157).
- CVE-2025-68245: net: netpoll: fix incorrect refcount handling causing incorrect cleanup (bsc#1255268).
- CVE-2025-68261: ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164).
- CVE-2025-68264: ext4: refresh inline data size before write operations (bsc#1255380).
- CVE-2025-68286: drm/amd/display: Check NULL before accessing (bsc#1255351).
- CVE-2025-68296: drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128).
- CVE-2025-68303: platform/x86: intel: punit_ipc: fix memory corruption (bsc#1255122).
- CVE-2025-68305: Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (bsc#1255169).
- CVE-2025-68312: usbnet: Prevents free active kevent (bsc#1255171).
- CVE-2025-68337: jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482).
- CVE-2025-68349: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (bsc#1255544).
- CVE-2025-68354: regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex (bsc#1255553).
- CVE-2025-68362: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() (bsc#1255611).
- CVE-2025-68366: nbd: defer config unlock in nbd_genl_connect (bsc#1255622).
- CVE-2025-68367: macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (bsc#1255547).
- CVE-2025-68372: nbd: defer config put in recv_work (bsc#1255537).
- CVE-2025-68379: RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (bsc#1255695).
- CVE-2025-68740: ima: Handle error code returned by ima_filter_rule_match() (bsc#1255812).
- CVE-2025-68757: drm/vgem-fence: Fix potential deadlock on release (bsc#1255943).
- CVE-2025-68767: hfsplus: Verify inode mode when loading from disk (bsc#1256580).
- CVE-2025-68771: ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582).
- CVE-2025-68774: hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create (bsc#1256585).
- CVE-2025-68783: ALSA: usb-mixer: us16x08: validate meter packet indices (bsc#1256650).
- CVE-2025-68788: fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638).
- CVE-2025-68795: ethtool: Avoid overflowing userspace buffer on stats query (bsc#1256688).
- CVE-2025-68797: char: applicom: fix NULL pointer dereference in ac_ioctl (bsc#1256660).
- CVE-2025-68813: ipvs: fix ipv4 null-ptr-deref in route error path (bsc#1256641).
- CVE-2025-68816: net/mlx5: fw_tracer, Validate format string parameters (bsc#1256674).
- CVE-2025-71064: net: hns3: using the num_tqps in the vf driver to apply for resources (bsc#1256654).
- CVE-2025-71082: Bluetooth: btusb: revert use of devm_kzalloc in btusb (bsc#1256611).
- CVE-2025-71085: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (bsc#1256623).
- CVE-2025-71087: iavf: fix off-by-one issues in iavf_config_rss_reg() (bsc#1256628).
- CVE-2025-71091: team: fix check for port enabled in team_queue_override_port_prio_changed() (bsc#1256773).
- CVE-2025-71093: e1000: fix OOB in e1000_tbi_should_accept() (bsc#1256777).
- CVE-2025-71096: RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (bsc#1256606).
- CVE-2025-71098: ip6_gre: make ip6gre_header() robust (bsc#1256591).
- CVE-2025-71108: usb: typec: ucsi: Handle incorrect num_connectors capability (bsc#1256774).
- CVE-2025-71112: net: hns3: add VLAN id validation before using (bsc#1256726).
- CVE-2025-71119: powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1205462).
- CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (bsc#1256779).
- CVE-2026-22976: net_sched: qfq: Fix double list add in class with netem as child qdisc (bsc#1257035).
- CVE-2026-22978: wifi: avoid kernel-infoleak from struct iw_point (bsc#1257227).
- CVE-2026-22999: net/sched: sch_qfq: do not free existing class in qfq_change_class() (bsc#1257236).
- CVE-2026-23001: macvlan: Use 'hash' iterators to simplify code (bsc#1257232).
- CVE-2026-23011: ipv4: ip_gre: make ipgre_header() robust (bsc#1257207).

The following non security issues were fixed:

- RDMA/rxe: Fix the error caused by qp->sk (bsc#1256122).
- RDMA/srpt: Fix disabling device management (bsc#1255905).
- RDMA/srpt: Fix handling of SR-IOV and iWARP ports (bsc#1255905).
- configfs: factor dirent removal into helpers (bsc#1256184).
- drm/amdgpu: Remove explicit wait after VM validate (bsc#1255428).
- drm/amdgpu: update mappings not managed by KFD (bsc#1255428).
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (bsc#1256386).
- nvmet-tcp: Fix NULL dereference when a connect data comes in h2cdata pdu (bsc#1255844).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 298924

File Name: suse_SU-2026-0473-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 2/13/2026

Updated: 2/13/2026

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-39913

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-default-kgraft, p-cpe:/a:novell:suse_linux:cluster-md-kmp-default, p-cpe:/a:novell:suse_linux:dlm-kmp-default, p-cpe:/a:novell:suse_linux:kernel-default-kgraft-devel, p-cpe:/a:novell:suse_linux:kernel-macros, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:gfs2-kmp-default, p-cpe:/a:novell:suse_linux:kernel-devel, p-cpe:/a:novell:suse_linux:ocfs2-kmp-default, p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_293-default

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2/12/2026

Vulnerability Publication Date: 9/4/2021

Reference Information

CVE: CVE-2022-48838, CVE-2022-49943, CVE-2022-49980, CVE-2022-50347, CVE-2022-50580, CVE-2022-50676, CVE-2022-50697, CVE-2022-50709, CVE-2022-50716, CVE-2022-50717, CVE-2022-50719, CVE-2022-50740, CVE-2022-50744, CVE-2022-50749, CVE-2022-50751, CVE-2022-50760, CVE-2022-50770, CVE-2022-50777, CVE-2022-50780, CVE-2022-50782, CVE-2022-50786, CVE-2022-50816, CVE-2022-50834, CVE-2022-50865, CVE-2022-50868, CVE-2022-50880, CVE-2022-50881, CVE-2022-50884, CVE-2022-50885, CVE-2022-50887, CVE-2023-50756, CVE-2023-52525, CVE-2023-52999, CVE-2023-53148, CVE-2023-53178, CVE-2023-53226, CVE-2023-53464, CVE-2023-53685, CVE-2023-53747, CVE-2023-53751, CVE-2023-53825, CVE-2023-53853, CVE-2023-53863, CVE-2023-53992, CVE-2023-54012, CVE-2023-54047, CVE-2023-54048, CVE-2023-54067, CVE-2023-54111, CVE-2023-54112, CVE-2023-54118, CVE-2023-54121, CVE-2023-54134, CVE-2023-54198, CVE-2023-54202, CVE-2023-54207, CVE-2023-54218, CVE-2023-54230, CVE-2023-54243, CVE-2023-54265, CVE-2023-54274, CVE-2023-54282, CVE-2023-54287, CVE-2023-54311, CVE-2023-54321, CVE-2024-26832, CVE-2024-26935, CVE-2024-36903, CVE-2024-41007, CVE-2024-50040, CVE-2024-56690, CVE-2024-58020, CVE-2025-21681, CVE-2025-37913, CVE-2025-38007, CVE-2025-38539, CVE-2025-38591, CVE-2025-38602, CVE-2025-38656, CVE-2025-39689, CVE-2025-39813, CVE-2025-39829, CVE-2025-39913, CVE-2025-40087, CVE-2025-40088, CVE-2025-40115, CVE-2025-40198, CVE-2025-40259, CVE-2025-40261, CVE-2025-40264, CVE-2025-40271, CVE-2025-40323, CVE-2025-40339, CVE-2025-40345, CVE-2025-40363, CVE-2025-68188, CVE-2025-68190, CVE-2025-68192, CVE-2025-68241, CVE-2025-68245, CVE-2025-68261, CVE-2025-68264, CVE-2025-68286, CVE-2025-68296, CVE-2025-68303, CVE-2025-68305, CVE-2025-68312, CVE-2025-68337, CVE-2025-68349, CVE-2025-68354, CVE-2025-68362, CVE-2025-68366, CVE-2025-68367, CVE-2025-68372, CVE-2025-68379, CVE-2025-68740, CVE-2025-68757, CVE-2025-68767, CVE-2025-68771, CVE-2025-68774, CVE-2025-68783, CVE-2025-68788, CVE-2025-68795, CVE-2025-68797, CVE-2025-68813, CVE-2025-68816, CVE-2025-71064, CVE-2025-71082, CVE-2025-71085, CVE-2025-71087, CVE-2025-71091, CVE-2025-71093, CVE-2025-71096, CVE-2025-71098, CVE-2025-71108, CVE-2025-71112, CVE-2025-71119, CVE-2025-71120, CVE-2025-71123, CVE-2026-22976, CVE-2026-22978, CVE-2026-22988, CVE-2026-22999, CVE-2026-23001, CVE-2026-23011

SuSE: SUSE-SU-2026:0473-1

Detections

Analytics