The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3173 advisory.

    -------------------------------------------------------------------------     Debian LTS Advisory DLA-3173-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/                        Ben Hutchings     November 1, 2022                              https://wiki.debian.org/LTS
    -------------------------------------------------------------------------

    Package        : linux-5.10     Version        : 5.10.149-2~deb10u1     CVE ID         : CVE-2021-4037 CVE-2022-0171 CVE-2022-1184 CVE-2022-1679                      CVE-2022-2153 CVE-2022-2602 CVE-2022-2663 CVE-2022-2905                      CVE-2022-3028 CVE-2022-3061 CVE-2022-3176 CVE-2022-3303                      CVE-2022-3586 CVE-2022-3621 CVE-2022-3625 CVE-2022-3629                      CVE-2022-3633 CVE-2022-3635 CVE-2022-3646 CVE-2022-3649                      CVE-2022-20421 CVE-2022-20422 CVE-2022-39188 CVE-2022-39190                      CVE-2022-39842 CVE-2022-40307 CVE-2022-41222 CVE-2022-41674                      CVE-2022-42719 CVE-2022-42720 CVE-2022-42721 CVE-2022-42722                      CVE-2022-43750     Debian Bug     : 1017425 1019248

    Several vulnerabilities have been discovered in the Linux kernel that     may lead to a privilege escalation, denial of service or information     leaks.

    CVE-2021-4037

        Christian Brauner reported that the inode_init_owner function for         the XFS filesystem in the Linux kernel allows local users to         create files with an unintended group ownership allowing attackers         to escalate privileges by making a plain file executable and SGID.

    CVE-2022-0171

        Mingwei Zhang reported that a cache incoherence issue in the SEV         API in the KVM subsystem may result in denial of service.

    CVE-2022-1184

        A flaw was discovered in the ext4 filesystem driver which can lead         to a use-after-free. A local user permitted to mount arbitrary         filesystems could exploit this to cause a denial of service (crash         or memory corruption) or possibly for privilege escalation.

    CVE-2022-1679

        The syzbot tool found a race condition in the ath9k_htc driver         which can lead to a use-after-free.  This might be exploitable to         cause a denial service (crash or memory corruption) or possibly         for privilege escalation.

    CVE-2022-2153

        kangel reported a flaw in the KVM implementation for x86         processors which could lead to a null pointer dereference. A local         user permitted to access /dev/kvm could exploit this to cause a         denial of service (crash).

    CVE-2022-2602

        A race between handling an io_uring request and the Unix socket         garbage collector was discovered. An attacker can take advantage         of this flaw for local privilege escalation.

    CVE-2022-2663

        David Leadbeater reported flaws in the nf_conntrack_irc         connection-tracking protocol module. When this module is enabled         on a firewall, an external user on the same IRC network as an         internal user could exploit its lax parsing to open arbitrary TCP         ports in the firewall, to reveal their public IP address, or to         block their IRC connection at the firewall.

    CVE-2022-2905

        Hsin-Wei Hung reported a flaw in the eBPF verifier which can lead         to an out-of-bounds read.  If unprivileged use of eBPF is enabled,         this could leak sensitive information.  This was already disabled         by default, which would fully mitigate the vulnerability.

    CVE-2022-3028

        Abhishek Shah reported a race condition in the AF_KEY subsystem,         which could lead to an out-of-bounds write or read.  A local user         could exploit this to cause a denial of service (crash or memory         corruption), to obtain sensitive information, or possibly for         privilege escalation.

    CVE-2022-3061

        A flaw was discovered in the i740 driver which may result in         denial of service.

        This driver is not enabled in Debian's official kernel         configurations.

    CVE-2022-3176

        A use-after-free flaw was discovered in the io_uring subsystem         which may result in local privilege escalation to root.

    CVE-2022-3303

        A race condition in the snd_pcm_oss_sync function in the sound         subsystem in the Linux kernel due to improper locking may result         in denial of service.

    CVE-2022-3586 (ZDI-22-1452)

        The Zero Day Initiative reported a flaw in the sch_sfb network         scheduler, which may lead to a use-after-free and leak of         sensitive information from the kernel.

    CVE-2022-3621, CVE-2022-3646

        The syzbot tool found flaws in the nilfs2 filesystem driver which         can lead to a null pointer dereference or memory leak.  A user         permitted to mount arbitrary filesystem images could use these to         cause a denial of service (crash or resource exhaustion).

    CVE-2022-3625

        A flaw was discovered in the devlink subsystem which can lead to         a use-after-free.  The security impact of this is unclear.

    CVE-2022-3629

        The syzbot tool found a memory leak in the Virtual Socket Protocol         implementation.  A local user could exploit this to cause a denial         of service (resource exhaustion).

    CVE-2022-3633

        The Linux Verification Center found a memory leak in the SAE J1939         protocol implementation.  A local user could exploit this to cause         a denial of service (resource exhaustion).

    CVE-2022-3635

        Several race conditions were discovered in the idt77252 ATM         driver, which can lead to a use-after-free if the module is         removed.  The security impact of this is unclear.

    CVE-2022-3649

        The syzbot tool found flaws in the nilfs2 filesystem driver which         can lead to a use-after-free.  A user permitted to mount arbitrary         filesystem images could use these to cause a denial of service         (crash or memory corruption) or possibly for privilege escalation.

    CVE-2022-20421

        A use-after-free vulnerability was discovered in the         binder_inc_ref_for_node function in the Android binder driver. On         systems where the binder driver is loaded, a local user could         exploit this for privilege escalation.

    CVE-2022-20422

        A race condition was discovered in the instruction emulator for         64-bit Arm systems.  Concurrent changes to the sysctls that         control the emulator could result in a null pointer dereference.
        The security impact of this is unclear.

    CVE-2022-39188

        Jann Horn reported a race condition in the kernel's handling of         unmapping of certain memory ranges. When a driver created a memory         mapping with the VM_PFNMAP flag, which many GPU drivers do, the         memory mapping could be removed and freed before it was flushed         from the CPU TLBs. This could result in a page use-after-free. A         local user with access to such a device could exploit this to         cause a denial of service (crash or memory corruption) or possibly         for privilege escalation.

    CVE-2022-39190

        Gwangun Jung reported a flaw in the nf_tables subsystem.  A local         user could exploit this to cause a denial of service (crash).

    CVE-2022-39842

        An integer overflow was discovered in the pxa3xx-gcu video driver         which could lead to a heap out-of-bounds write.

        This driver is not enabled in Debian's official kernel         configurations.

    CVE-2022-40307

        A race condition was discovered in the EFI capsule-loader driver,         which could lead to use-after-free. A local user permitted to         access this device (/dev/efi_capsule_loader) could exploit this to         cause a denial of service (crash or memory corruption) or possibly         for privilege escalation. However, this device is normally only         accessible by the root user.

    CVE-2022-41222

        A race condition was discovered in the memory management subsystem         that can lead to stale TLB entries.  A local user could exploit         this to cause a denial of service (memory corruption or crash),         information leak, or privilege escalation.

    CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721,     CVE-2022-42722

        Soenke Huster discovered several vulnerabilities in the mac80211         subsystem triggered by WLAN frames which may result in denial of         service or the execution of arbitrary code.

    CVE-2022-43750

        The syzbot tool found that the USB monitor (usbmon) driver allowed         user-space programs to overwrite the driver's data structures.  A         local user permitted to access a USB monitor device could exploit         this to cause a denial of service (memory corruption or crash) or         possibly for privilege escalation.  However, by default only the         root user can access such devices.

    For Debian 10 buster, these problems have been fixed in version     5.10.149-2~deb10u1.  This update also fixes a regression for some     older 32-bit PCs (bug #1017425), and enables the i10nm_edac driver     (bug #1019248).  It additionally includes many more bug fixes from     stable updates 5.10.137-5.10.149 inclusive.

    We recommend that you upgrade your linux-5.10 packages.

    For the detailed security status of linux-5.10 please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/linux-5.10

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS

    --     Ben Hutchings - Debian developer, member of kernel, installer and LTS teams     Attachment:
    signature.asc     Description: This is a digitally signed message part

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of kernel-generic installed on the remote host is prior to 5.15.80 / 5.15.80_smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-333-01 advisory.

    New kernel packages are available for Slackware 15.0 to fix security issues.

Tenable has extracted the preceding description block directly from the kernel-generic security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead     to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or     member of the audio group) could use this flaw to crash the system, resulting in a denial of service     condition (CVE-2022-3303)

Note that Nessus relies on the presence of the package as reported by the vendor.

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

  - Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before     2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
    (CVE-2019-0149)

  - A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl()     printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had     been freed by gprinter_free(). (CVE-2020-27784)

  - LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.
    (CVE-2021-26401)

  - A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to     userspace. (CVE-2022-0850)

  - An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a     user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage     of memory in the flush_to_ldisc function. This flaw allows a local user to crash the system or read     unauthorized random data from memory. (CVE-2022-1462)

  - In rndis_set_response of rndis.c, there is a possible out of bounds write due to an integer overflow. This     could lead to local escalation of privilege if a malicious USB device is attached with no additional     execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:
    Android kernelAndroid ID: A-239842288References: Upstream kernel (CVE-2022-20423)

  - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and     incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted     IRC with nf_conntrack_irc configured. (CVE-2022-2663)

  - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where     virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-     free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)

  - A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from     the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length     heap-based buffer. This vulnerability allows a local attacker to escalate privileges and execute arbitrary     code in the context of the kernel. The attacker must first obtain the ability to execute high-privileged     code on the target system to exploit this vulnerability. (CVE-2022-2991)

  - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)     when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to     potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read     and copying it into a socket. (CVE-2022-3028)

  - Found Linux Kernel flaw in the i740 driver. The Userspace program could pass any values to the driver     through ioctl() interface. The driver doesn't check the value of 'pixclock', so it may cause a divide by     zero error. (CVE-2022-3061)

  - A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux     kernel. This could allow a local attacker to crash the system or leak kernel internal information.
    (CVE-2022-3202)

  - A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers     em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system     or potentially escalate their privileges on the system. (CVE-2022-3239)

  - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead     to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or     member of the audio group) could use this flaw to crash the system, resulting in a denial of service     condition (CVE-2022-3303)

  - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race     condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale     TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)

  - An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users     can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED     situations. (CVE-2022-39189)

  - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in     drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an     integer overflow and bypassing the size check. After that, because it is used as the third argument to     copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can     actually happen. (CVE-2022-39842)

  - An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a     race condition with a resultant use-after-free. (CVE-2022-40307)

  - roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel through 5.19.12 has a race condition     and resultant use-after-free in certain situations where a report is received while copying a     report->value is in progress. (CVE-2022-41850)

  - mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anon_vma double reuse.
    (CVE-2022-42703)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3809-1 advisory.

  - The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to     simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI     error injection through EINJ when securelevel is set. (CVE-2016-3695)

  - Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP     socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux     kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
    (CVE-2020-16119)

  - A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl()     printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had     been freed by gprinter_free(). (CVE-2020-27784)

  - A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size     increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS     filesystem otherwise not accessible to them. (CVE-2021-4155)

  - A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and     SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a     user privileges may crash the system or leak internal kernel information. (CVE-2021-4203)

  - Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel     (CVE-2022-20368)

  - In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input     validation. This could lead to local escalation of privilege with System execution privileges needed. User     interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:
    A-223375145References: Upstream kernel (CVE-2022-20369)

  - Dm-verity is used for extending root-of-trust to root filesystems. LoadPin builds on this property to     restrict module/firmware loads to just the trusted root filesystem. Device-mapper table reloads currently     allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass     verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and     unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for     peripherals that do not verify firmware updates. We recommend upgrading past commit     4caae58406f8ceb741603eee460d79bacca9b1b5 (CVE-2022-2503)

  - kernel: nf_tables cross-table potential use-after-free may lead to local privilege escalation     (CVE-2022-2586)

  - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation     (CVE-2022-2588)

  - Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow     an authorized user to potentially enable information disclosure via local access. (CVE-2022-26373)

  - An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and     incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted     IRC with nf_conntrack_irc configured. (CVE-2022-2663)

  - An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the     bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to     gain unauthorized access to data. (CVE-2022-2905)

  - A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where     virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-     free and create a situation where it may be possible to escalate privileges on the system. (CVE-2022-2977)

  - A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem)     when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to     potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read     and copying it into a socket. (CVE-2022-3028)

  - A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request     of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting     in a PCIe link disconnect. (CVE-2022-3169)

  - The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are     used. This occurs because of use of Algorithm 4 (Double-Hash Port Selection Algorithm) of RFC 6056.
    (CVE-2022-32296)

  - A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers     em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system     or potentially escalate their privileges on the system. (CVE-2022-3239)

  - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead     to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or     member of the audio group) could use this flaw to crash the system, resulting in a denial of service     condition (CVE-2022-3303)

  - An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in     net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879)

  - An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race     condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale     TLB entries. This only occurs in situations with VM_PFNMAP VMAs. (CVE-2022-39188)

  - An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of     service can occur upon binding to an already bound chain. (CVE-2022-39190)

  - drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information     from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.
    (CVE-2022-40768)

  - In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused     by refcount races, affecting dvb_demux_open and dvb_dmxdev_release. (CVE-2022-41218)

  - mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is     not held during a PUD move. (CVE-2022-41222)

  - An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could     cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. (CVE-2022-41674)

  - drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant     use-after-free if a physically proximate attacker removes a PCMCIA device while calling ioctl, aka a race     condition between mgslpc_ioctl and mgslpc_detach. (CVE-2022-41848)

  - drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-     after-free if a physically proximate attacker removes a USB device while calling open(), aka a race     condition between ufx_ops_open and ufx_usb_disconnect. (CVE-2022-41849)

  - A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through     5.19.x before 5.19.16 could be used by attackers (able to inject WLAN frames) to crash the kernel and     potentially execute code. (CVE-2022-42719)

  - Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through     5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-     free conditions to potentially execute code. (CVE-2022-42720)

  - A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before     5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in     turn, potentially execute code. (CVE-2022-42721)

  - In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able to inject WLAN frames into the     mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon     protection of P2P devices. (CVE-2022-42722)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of kernel installed on the remote host is prior to 5.4.217-126.408. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-037 advisory.

  - Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution     under certain microarchitecture-dependent conditions. (CVE-2022-29900)

  - Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their     retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can     hijack return instructions to achieve arbitrary speculative code execution under certain     microarchitecture-dependent conditions. (CVE-2022-29901)

  - A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead     to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or     member of the audio group) could use this flaw to crash the system, resulting in a denial of service     condition (CVE-2022-3303)

  - An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in     drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an     integer overflow and bypassing the size check. After that, because it is used as the third argument to     copy_from_user(), a heap overflow may occur. (CVE-2022-39842)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1241-1 advisory.

    The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.

    The following security bugs were fixed:

    - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF (bsc#1237918).
    - CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
    - CVE-2022-49739: gfs2: Always check inode size of inline inodes (bsc#1240207).
    - CVE-2023-52935: mm/khugepaged: fix ->anon_vma race (bsc#1240276).
    - CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
    - CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
    - CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
    - CVE-2024-56651: can: hi311x: hi3110_can_ist(): fix potential use-after-free (bsc#1235528).
    - CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
    - CVE-2024-58013: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync     (bsc#1239095).
    - CVE-2024-58014: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (bsc#1239109).
    - CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
    - CVE-2025-21718: net: rose: fix timer races against user threads (bsc#1239073).
    - CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
    - CVE-2025-21780: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (bsc#1239115).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

A race condition flaw was found in the Linux kernel sound subsystem due to improper locking. It could lead to a NULL pointer dereference while handling the SNDCTL_DSP_SYNC ioctl. A privileged local user (root or member of the audio group) could use this flaw to crash the system, resulting in a denial of service condition

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

ID	Name	Product	Family	Published	Updated	Severity
166822	Debian dla-3173 : linux-config-5.10 - security update	Nessus	Debian Local Security Checks	11/2/2022	1/22/2025	high
168270	Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2022-333-01)	Nessus	Slackware Local Security Checks	11/29/2022	9/30/2025	high
224786	Linux Distros Unpatched Vulnerability : CVE-2022-3303	Nessus	Misc.	3/5/2025	10/28/2025	medium
169864	EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2023-1147)	Nessus	Huawei Local Security Checks	1/11/2023	1/16/2024	high
166751	SUSE SLES15 Security Update : kernel (SUSE-SU-2022:3809-1)	Nessus	SuSE Local Security Checks	11/1/2022	6/26/2024	high
173106	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-070)	Nessus	Amazon Linux Local Security Checks	3/21/2023	8/22/2024	high
166494	Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-037)	Nessus	Amazon Linux Local Security Checks	10/25/2022	1/16/2024	high
234407	SUSE SLES15 Security Update : kernel (SUSE-SU-2025:1241-1)	Nessus	SuSE Local Security Checks	4/15/2025	10/28/2025	high
503004	Siemens SIMATIC Devices Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-3303)	Tenable OT Security	Tenable.ot	2/25/2025	10/29/2025	medium

Detections

Analytics

Plugins Search

high

high

medium

high

high

high

high

high

medium