According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

    media: dvbdev: Fix memory leak in dvb_media_device_free()(CVE-2020-36777)

    Drivers: hv: vmbus: Use after free in __vmbus_open()(CVE-2021-47049)

    KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak(CVE-2021-47296)

    nvme-rdma: destroy cm id before destroy qp to avoid use after free(CVE-2021-47378)

    tty: Fix out-of-bound vmalloc access in imageblit(CVE-2021-47383)

    kernel:RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests(CVE-2021-47391)

    kernel: netfilter: conntrack: serialize hash resizes and cleanups(CVE-2021-47408)

    mISDN: Fix memory leak in dsp_pipeline_build()(CVE-2022-48863)

    netfilter: fix use-after-free in __nf_register_net_hook()(CVE-2022-48912)

    thermal: int340x: fix memory leak in int3400_notify()(CVE-2022-48924)

    RDMA/ib_srp: Fix a deadlock(CVE-2022-48930)

    KVM: x86/mmu: make apf token non-zero to fix bug(CVE-2022-48943)

    SUNRPC: Fix UAF in svc_tcp_listen_data_ready()(CVE-2023-52885)

    xhci: Fix null pointer dereference when host dies(CVE-2023-52898)

    media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer(CVE-2023-52915)

    A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000     xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to     malfunction or denial of service issue.(CVE-2024-24861)

    create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero     bytes, and crash, because of a missing check for ubi-leb_size.(CVE-2024-25739)

    kernel:kprobes: Fix possible use-after-free issue on kprobe registration(CVE-2024-35955)

    enic: Validate length of nl attributes in enic_set_vf_port(CVE-2024-38659)

    HID: core: remove unnecessary WARN_ON() in implement()(CVE-2024-39509)

    KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()(CVE-2024-40953)

    xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()(CVE-2024-40959)

    filelock: Remove locks reliably when fcntl/close race is detected(CVE-2024-41012)

    xfs: add bounds checking to xlog_recover_process_data(CVE-2024-41014)

    filelock: Fix fcntl/close race recovery compat path(CVE-2024-41020)

    USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor(CVE-2024-41035)

    udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port().(CVE-2024-41041)

    ppp: reject claimed-as-LCP but actually malformed packets(CVE-2024-41044)

    ASoC: topology: Fix references to freed memory(CVE-2024-41069)

    ata: libata-core: Fix double free on error(CVE-2024-41087)

    tap: add missing verification for short frame(CVE-2024-41090)

    tun: add missing verification for short frame(CVE-2024-41091)

    netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers(CVE-2024-42070)

    ftruncate: pass a signed offset(CVE-2024-42084)

    x86: stop playing stack games in profile_pc()(CVE-2024-42096)

    Revert 'mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again'(CVE-2024-42102)

    mm: avoid overflows in dirty throttling logic(CVE-2024-42131)

    IB/core: Implement a limit on UMAD receive List(CVE-2024-42145)

    bnx2x: Fix multiple UBSAN array-index-out-of-bounds(CVE-2024-42148)

    tcp_metrics: validate source addr length(CVE-2024-42154)

    media: dvb-frontends: tda10048: Fix integer overflow(CVE-2024-42223)

    crypto: aead,cipher - zeroize key buffer after use(CVE-2024-42229)

    libceph: fix race between delayed_work() and ceph_monc_stop()(CVE-2024-42232)

    USB: serial: mos7840: fix crash on resume(CVE-2024-42244)

    protect the fetch of -fd[fd] in do_dup2() from mispredictions(CVE-2024-42265)

    mISDN: Fix a use after free in hfcmulti_tx()(CVE-2024-42280)

    tipc: Return non-zero value from tipc_udp_addr2str() on error(CVE-2024-42284)

    RDMA/iwcm: Fix a use-after-free related to destroying CM IDs(CVE-2024-42285)

    scsi: qla2xxx: validate nvme_local_port correctly(CVE-2024-42286)

    scsi: qla2xxx: Fix for possible memory corruption(CVE-2024-42288)

    scsi: qla2xxx: During vport delete send async logout explicitly(CVE-2024-42289)

    kobject_uevent: Fix OOB access within zap_modalias_env()(CVE-2024-42292)

    dev/parport: fix the array out-of-bounds risk(CVE-2024-42301)

    ext4: check dot and dotdot of dx_root before making dir indexed(CVE-2024-42305)

    sysctl: always initialize i_uid/i_gid(CVE-2024-42312)

    cgroup/cpuset: Prevent UAF in proc_cpuset_show()(CVE-2024-43853)

    dma: fix call order in dmam_free_coherent(CVE-2024-43856)

    devres: Fix memory leakage caused by driver API devm_free_percpu()(CVE-2024-43871)

    exec: Fix ToCToU between perm check and set-uid/gid usage(CVE-2024-43882)

    tracing: Fix overflow in get_free_elt()(CVE-2024-43890)

    memcg: protect concurrent access to mem_cgroup_idr(CVE-2024-43892)

    serial: core: check uartclk for zero to avoid divide by zero(CVE-2024-43893)

    media: xc2028: avoid use-after-free in load_firmware_cb()(CVE-2024-43900)

    md/raid5: avoid BUG_ON() while continue reshape after reassembling(CVE-2024-43914)

    x86/mtrr: Check if fixed MTRRs exist before saving them(CVE-2024-44948)

    ipv6: prevent UAF in ip6_send_skb()(CVE-2024-44987)

    xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration(CVE-2024-45006)

    VMCI: Fix use-after-free when removing resource in vmci_resource_remove()(CVE-2024-46738)

    sch/ netem: fix use after free in netem_dequeue(CVE-2024-46800)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3215 advisory.

    The kernel packages contain the Linux kernel, the core of any Linux operating system.

    Security Fix(es):

    * kernel: net/bluetooth: race condition in conn_info_{min,max}_age_set() (CVE-2024-24857)

    * kernel: arp: Prevent overflow in arp_req_get(). (CVE-2024-26733)

    * kernel: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (CVE-2024-26851)

    * kernel: drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (CVE-2024-26940)

    * kernel: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash (CVE-2024-35854)

    * kernel: ipv4: Fix uninit-value access in __ip_make_skb() (CVE-2024-36927)

    * kernel: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (CVE-2024-36920)

    * kernel: ipv6: prevent NULL dereference in ip6_output() (CVE-2024-36901)

    * kernel: ftruncate: pass a signed offset (CVE-2024-42084)

    * kernel: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (CVE-2024-42265)

    * kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-6966 advisory.

    - net: stmmac: dwmac-tegra: Read iommu stream id from device tree (Izabela Bakollari) [RHEL-75649]     {CVE-2025-21663}
    - net: stmmac: Fix zero-division error when disabling tc cbs (Izabela Bakollari) [RHEL-63931]     {CVE-2024-49977}
    - scsi: qla2xxx: Fix use after free on unload (Ewan D. Milne) [RHEL-75828] {CVE-2024-56623}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7088-1 advisory.

    Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer     overflow vulnerability. A local attacker could use this to cause a denial of service (system crash).
    (CVE-2022-36402)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - PowerPC architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - CPU frequency scaling framework;

    - Device frequency scaling framework;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - InfiniBand drivers;

    - Input Device core drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - EEPROM drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - QCOM SoC drivers;

    - Direct Digital Synthesis drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB subsystem;

    - BTRFS file system;

    - File systems infrastructure;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - NILFS2 file system;

    - BPF subsystem;

    - Core kernel;

    - DMA mapping infrastructure;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - Objagg library;

    - Memory management;

    - Amateur Radio drivers;

    - Bluetooth subsystem;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - MAC80211 subsystem;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - Wireless networking;

    - AppArmor security module;

    - Simplified Mandatory Access Control Kernel framework;

    - SoC audio core drivers;

    - USB sound devices; (CVE-2024-43894, CVE-2024-46737, CVE-2024-46828, CVE-2024-42244, CVE-2024-46723,     CVE-2024-41073, CVE-2024-46756, CVE-2024-42288, CVE-2024-46840, CVE-2024-46771, CVE-2024-46757,     CVE-2024-43860, CVE-2024-46747, CVE-2024-41017, CVE-2024-42246, CVE-2024-44988, CVE-2024-42281,     CVE-2024-36484, CVE-2024-43856, CVE-2024-47668, CVE-2024-46759, CVE-2024-46744, CVE-2024-42289,     CVE-2024-42131, CVE-2024-46679, CVE-2024-42304, CVE-2024-46818, CVE-2024-43858, CVE-2024-44960,     CVE-2024-45028, CVE-2024-26885, CVE-2024-46676, CVE-2024-46780, CVE-2024-42310, CVE-2024-44987,     CVE-2024-41090, CVE-2024-44954, CVE-2024-45026, CVE-2024-42285, CVE-2023-52614, CVE-2024-27051,     CVE-2024-43880, CVE-2024-43839, CVE-2024-43884, CVE-2024-42311, CVE-2024-43893, CVE-2024-41072,     CVE-2024-41091, CVE-2024-46758, CVE-2024-41022, CVE-2024-46745, CVE-2024-42305, CVE-2024-46673,     CVE-2024-42284, CVE-2024-46844, CVE-2024-46677, CVE-2024-45025, CVE-2024-43861, CVE-2024-43914,     CVE-2024-46783, CVE-2024-41012, CVE-2024-44999, CVE-2024-44946, CVE-2024-42276, CVE-2024-46740,     CVE-2024-42295, CVE-2024-44947, CVE-2024-41059, CVE-2024-26669, CVE-2024-38602, CVE-2024-42306,     CVE-2023-52918, CVE-2024-42297, CVE-2024-42229, CVE-2024-43853, CVE-2024-45006, CVE-2024-44998,     CVE-2024-42283, CVE-2024-44952, CVE-2024-46761, CVE-2024-43841, CVE-2024-44944, CVE-2024-42313,     CVE-2024-45008, CVE-2024-46714, CVE-2024-41065, CVE-2024-43883, CVE-2024-43867, CVE-2024-42286,     CVE-2024-43879, CVE-2024-43846, CVE-2024-42280, CVE-2024-43854, CVE-2021-47212, CVE-2024-35848,     CVE-2024-41020, CVE-2024-41068, CVE-2024-45021, CVE-2024-41098, CVE-2024-44965, CVE-2024-43890,     CVE-2024-45003, CVE-2024-44969, CVE-2024-41011, CVE-2024-46738, CVE-2024-41071, CVE-2024-26800,     CVE-2024-46721, CVE-2024-42292, CVE-2024-41081, CVE-2024-44948, CVE-2023-52531, CVE-2024-26891,     CVE-2024-26641, CVE-2024-42287, CVE-2024-46722, CVE-2024-41042, CVE-2024-46675, CVE-2024-46743,     CVE-2024-42259, CVE-2024-41015, CVE-2024-43908, CVE-2024-46719, CVE-2024-43871, CVE-2024-46739,     CVE-2024-42301, CVE-2024-47659, CVE-2024-42271, CVE-2024-26668, CVE-2024-43835, CVE-2024-46829,     CVE-2024-47667, CVE-2024-44995, CVE-2024-47669, CVE-2024-38611, CVE-2024-40929, CVE-2024-46815,     CVE-2024-43830, CVE-2024-42309, CVE-2024-41063, CVE-2024-46782, CVE-2024-46777, CVE-2024-42265,     CVE-2024-46781, CVE-2024-26607, CVE-2024-41064, CVE-2024-46685, CVE-2024-43882, CVE-2024-44935,     CVE-2024-46800, CVE-2024-46822, CVE-2024-46755, CVE-2024-46817, CVE-2024-43829, CVE-2024-46798,     CVE-2024-46689, CVE-2024-42290, CVE-2024-46750, CVE-2024-26640, CVE-2024-47663, CVE-2024-41070)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7088-2 advisory.

    Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer     overflow vulnerability. A local attacker could use this to cause a denial of service (system crash).
    (CVE-2022-36402)

    Several security issues were discovered in the Linux kernel. An attacker could possibly use these to     compromise the system. This update corrects flaws in the following subsystems:

    - ARM64 architecture;

    - PowerPC architecture;

    - User-Mode Linux (UML);

    - x86 architecture;

    - Block layer subsystem;

    - Cryptographic API;

    - Android drivers;

    - Serial ATA and Parallel ATA drivers;

    - ATM drivers;

    - Drivers core;

    - CPU frequency scaling framework;

    - Device frequency scaling framework;

    - GPU drivers;

    - HID subsystem;

    - Hardware monitoring drivers;

    - InfiniBand drivers;

    - Input Device core drivers;

    - Input Device (Miscellaneous) drivers;

    - IOMMU subsystem;

    - IRQ chip drivers;

    - ISDN/mISDN subsystem;

    - LED subsystem;

    - Multiple devices driver;

    - Media drivers;

    - EEPROM drivers;

    - VMware VMCI Driver;

    - MMC subsystem;

    - Network drivers;

    - Near Field Communication (NFC) drivers;

    - NVME drivers;

    - Device tree and open firmware driver;

    - Parport drivers;

    - PCI subsystem;

    - Pin controllers subsystem;

    - Remote Processor subsystem;

    - S/390 drivers;

    - SCSI drivers;

    - QCOM SoC drivers;

    - Direct Digital Synthesis drivers;

    - TTY drivers;

    - Userspace I/O drivers;

    - DesignWare USB3 driver;

    - USB Gadget drivers;

    - USB Serial drivers;

    - BTRFS file system;

    - File systems infrastructure;

    - Ext4 file system;

    - F2FS file system;

    - JFS file system;

    - NILFS2 file system;

    - BPF subsystem;

    - Core kernel;

    - DMA mapping infrastructure;

    - Tracing infrastructure;

    - Radix Tree data structure library;

    - Kernel userspace event delivery library;

    - Objagg library;

    - Memory management;

    - Amateur Radio drivers;

    - Bluetooth subsystem;

    - CAN network layer;

    - Networking core;

    - Ethtool driver;

    - IPv4 networking;

    - IPv6 networking;

    - IUCV driver;

    - KCM (Kernel Connection Multiplexor) sockets driver;

    - MAC80211 subsystem;

    - Netfilter;

    - Network traffic control;

    - SCTP protocol;

    - Sun RPC protocol;

    - TIPC protocol;

    - TLS protocol;

    - Wireless networking;

    - AppArmor security module;

    - Simplified Mandatory Access Control Kernel framework;

    - SoC audio core drivers;

    - USB sound devices; (CVE-2024-46714, CVE-2024-42288, CVE-2024-42290, CVE-2024-44987, CVE-2024-41090,     CVE-2024-42313, CVE-2024-46689, CVE-2024-46737, CVE-2024-44946, CVE-2024-44999, CVE-2024-44935,     CVE-2024-38602, CVE-2024-43883, CVE-2024-26607, CVE-2024-41091, CVE-2024-45025, CVE-2024-42305,     CVE-2024-26891, CVE-2024-41073, CVE-2024-44969, CVE-2024-26641, CVE-2024-46719, CVE-2024-40929,     CVE-2024-46721, CVE-2024-46740, CVE-2024-41012, CVE-2024-42280, CVE-2024-46738, CVE-2024-46722,     CVE-2024-42246, CVE-2024-41063, CVE-2024-41072, CVE-2024-41068, CVE-2024-43884, CVE-2024-46758,     CVE-2024-43861, CVE-2024-42306, CVE-2024-42285, CVE-2024-41065, CVE-2024-46818, CVE-2024-43894,     CVE-2024-44954, CVE-2024-42310, CVE-2024-46829, CVE-2023-52614, CVE-2024-47663, CVE-2024-42281,     CVE-2024-42297, CVE-2024-46800, CVE-2024-44960, CVE-2024-44952, CVE-2024-46747, CVE-2024-42286,     CVE-2024-41071, CVE-2024-43893, CVE-2023-52531, CVE-2024-43860, CVE-2024-46840, CVE-2024-41011,     CVE-2024-43890, CVE-2024-45026, CVE-2024-42292, CVE-2024-27051, CVE-2024-41015, CVE-2024-47668,     CVE-2024-46817, CVE-2024-43846, CVE-2024-44988, CVE-2024-44944, CVE-2024-43829, CVE-2024-45021,     CVE-2024-43914, CVE-2024-43856, CVE-2024-46673, CVE-2024-46771, CVE-2024-41081, CVE-2024-43830,     CVE-2024-43839, CVE-2024-43853, CVE-2024-47669, CVE-2024-42244, CVE-2021-47212, CVE-2024-46844,     CVE-2024-44965, CVE-2024-41059, CVE-2024-46783, CVE-2024-42295, CVE-2024-35848, CVE-2024-41017,     CVE-2024-47659, CVE-2024-42309, CVE-2024-26800, CVE-2024-41064, CVE-2024-43879, CVE-2024-46679,     CVE-2024-43854, CVE-2024-41022, CVE-2024-43858, CVE-2024-46739, CVE-2024-46685, CVE-2024-42289,     CVE-2024-44998, CVE-2024-46761, CVE-2024-46677, CVE-2024-42131, CVE-2024-46815, CVE-2024-46777,     CVE-2024-43880, CVE-2024-42276, CVE-2024-42265, CVE-2024-46723, CVE-2024-42259, CVE-2024-45028,     CVE-2024-42229, CVE-2024-42283, CVE-2024-44948, CVE-2024-44995, CVE-2024-46757, CVE-2024-46822,     CVE-2024-45006, CVE-2024-46780, CVE-2024-26668, CVE-2024-42284, CVE-2024-46782, CVE-2024-46781,     CVE-2024-43871, CVE-2024-42304, CVE-2024-42311, CVE-2024-45003, CVE-2024-46745, CVE-2024-41098,     CVE-2024-46750, CVE-2024-47667, CVE-2024-41020, CVE-2024-26640, CVE-2024-41070, CVE-2024-42301,     CVE-2024-43882, CVE-2024-45008, CVE-2024-26885, CVE-2024-42287, CVE-2024-46744, CVE-2024-43908,     CVE-2024-46798, CVE-2023-52918, CVE-2024-36484, CVE-2024-43841, CVE-2024-41042, CVE-2024-38611,     CVE-2024-43867, CVE-2024-26669, CVE-2024-42271, CVE-2024-46756, CVE-2024-44947, CVE-2024-43835,     CVE-2024-46676, CVE-2024-46743, CVE-2024-46759, CVE-2024-46675, CVE-2024-46828, CVE-2024-46755)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3564-1 advisory.

    The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001).
    - CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
    - CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (bsc#1230240).
    - CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206).
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch (bsc#1230195).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling (bsc#1230169).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter (bsc#1230432).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order     0 (bsc#1230435).
    - CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow disk (bsc#1230455).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()     (bsc#1230518).
    - CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section (bsc#1230526).
    - CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call (bsc#1230520).
    - CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes (bsc#1230521).
    - CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers (bsc#1230540).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop (bsc#1230704).
    - CVE-2024-46735: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() (bsc#1230727).
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3569-1 advisory.

    The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2022-48901: btrfs: do not start relocation until in progress drops are done  (bsc#1229607).
    - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.  (bsc#1229633).
    - CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment (bsc#1229662)
    - CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
    - CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
    - CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
    - CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
    - CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
    - CVE-2024-26767: drm/amd/display: fixed integer types and null check locations  (bsc#1230339).
    - CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
    - CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of     the list of MDB events to replay (bsc#1222973).
    - CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
    - CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
    - CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
    - CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
    - CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
    - CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
    - CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
    - CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command  (bsc#1228620 CVE-2024-41082).
    - CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
    - CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156)
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
    - CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
    - CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
    - CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
    - CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
    - CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
    - CVE-2024-43912: wifi: nl80211: disallow setting special AP channel widths (bsc#1229830)
    - CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
    - CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
    - CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
    - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
    - CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
    - CVE-2024-44952: driver core: Fix uevent_show() vs driver detach race  (bsc#1230178).
    - CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
    - CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() (bsc#1230211).
    - CVE-2024-44986: ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230230)
    - CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
    - CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
    - CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference (bsc#1230193).
    - CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok (bsc#1230194).
    - CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx() (bsc#1230171).
    - CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
    - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245).
    - CVE-2024-45007: char: xillybus: Refine workqueue handling (bsc#1230175).
    - CVE-2024-45008: Input: MT - limit max slots (bsc#1230248).
    - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
    - CVE-2024-45015: drm/msm/dpu: move dpu_encoder's connector assignment to (bsc#1230444)
    - CVE-2024-45018: netfilter: flowtable: initialise extack before use (bsc#1230431).
    - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434).
    - CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe (bsc#1230451).
    - CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure (bsc#1230506).
    - CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe  error path (bsc#1230507).
    - CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
    - CVE-2024-46679: ethtool: check device is present when getting link settings (bsc#1230556).
    - CVE-2024-46685: pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1230515)
    - CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1230517).
    - CVE-2024-46689: soc: qcom: cmd-db: Map shared memory as WC, not WB (bsc#1230524)
    - CVE-2024-46702: thunderbolt: Mark XDomain as unplugged when router is removed (bsc#1230589)
    - CVE-2024-46707: KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3  (bsc#1230582).
    - CVE-2024-46715: driver: iio: add missing checks on iio_info's callback access  (bsc#1230700).
    - CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
    - CVE-2024-46721: pparmor: fix possible NULL pointer dereference (bsc#1230710)
    - CVE-2024-46728: drm/amd/display: Check index for aux_rd_interval before using (bsc#1230703)
    - CVE-2024-46730: drm/amd/display: Ensure array index tg_inst won't be -1 (bsc#1230701)
    - CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in interrupt map walk (bsc#1230756).
    - CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at btrfs_lookup_extent_info()     (bsc#1230786).
    - CVE-2024-46752: btrfs: reduce nesting for extent processing at btrfs_lookup_extent_info() (bsc#1230794).
    - CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly (bsc#1230796).
    - CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used (bsc#1230772).
    - CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg() (bsc#1230810).
    - CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
    - CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
    - CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry (bsc#1231120).
    - CVE-2024-46830: KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS  (bsc#1231116).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12780 advisory.

    - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez)     [Orabug: 37037205] {CVE-2024-46738}
    - exec: Fix ToCToU between perm check and set-uid/gid usage (Kees Cook) [Orabug: 36984017]     {CVE-2024-43882}
    - drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (Andi Shyti) [Orabug: 36953969]     {CVE-2024-42259}
    - netfilter: nf_tables: prefer nft_chain_validate (Florian Westphal) [Orabug: 36896846] {CVE-2024-41042}
    - netfilter: nf_tables: use timestamp to check for set element timeout (Pablo Neira Ayuso) [Orabug:
    36630432] {CVE-2024-27397}
    - x86/mtrr: Check if fixed MTRRs exist before saving them (Andi Kleen) [Orabug: 37028936] {CVE-2024-44948}
    - tracing: Fix overflow in get_free_elt() (Tze-nan Wu) [Orabug: 36992998] {CVE-2024-43890}
    - serial: core: check uartclk for zero to avoid divide by zero (George Kennedy) [Orabug: 36993009]     {CVE-2024-43893}
    - tick/broadcast: Move per CPU pointer access into the atomic section (Thomas Gleixner) [Orabug: 37036032]     {CVE-2024-44968}
    - usb: gadget: core: Check for unset descriptor (Chris Wulff) [Orabug: 37028988] {CVE-2024-44960}
    - usb: vhci-hcd: Do not drop references before new references are gained (Oliver Neukum) [Orabug:
    36992971] {CVE-2024-43883}
    - ALSA: line6: Fix racy access to midibuf (Takashi Iwai) [Orabug: 37028957] {CVE-2024-44954}
    - drm/client: fix null pointer dereference in drm_client_modeset_probe (Ma Ke) [Orabug: 36993014]     {CVE-2024-43894}
    - s390/sclp: Prevent release of buffer in I/O (Peter Oberparleiter) [Orabug: 37029020] {CVE-2024-44969}
    - drm/amdgpu: Fix the null pointer dereference to ras_manager (Ma Jun) [Orabug: 36993084] {CVE-2024-43908}
    - md/raid5: avoid BUG_ON() while continue reshape after reassembling (Yu Kuai) [Orabug: 36993127]     {CVE-2024-43914}
    - net: usb: qmi_wwan: fix memory leak for not ip packets (Daniele Palmas) [Orabug: 36983959]     {CVE-2024-43861}
    - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Kuniyuki Iwashima) [Orabug: 36993147]     {CVE-2024-44935}
    - x86/mm: Fix pti_clone_pgtable() alignment assumption (Peter Zijlstra) [Orabug: 37029012]     {CVE-2024-44965}
    - protect the fetch of ->fd[fd] in do_dup2() from mispredictions (Al Viro) [Orabug: 36963808]     {CVE-2024-42265}
    - net/iucv: fix use after free in iucv_sock_close() (Alexandra Winter) [Orabug: 36964006] {CVE-2024-42271}
    - drm/nouveau: prime: fix refcount underflow (Danilo Krummrich) [Orabug: 36983979] {CVE-2024-43867}
    - remoteproc: imx_rproc: Skip over memory region when node value is NULL (Aleksandr Mishin) [Orabug:
    36964537] {CVE-2024-43860}
    - irqchip/imx-irqsteer: Handle runtime power management correctly (Shenwei Wang) [Orabug: 36964085]     {CVE-2024-42290}
    - devres: Fix memory leakage caused by driver API devm_free_percpu() (Zijun Hu) [Orabug: 36983991]     {CVE-2024-43871}
    - dev/parport: fix the array out-of-bounds risk (tuhaowen) [Orabug: 36964223] {CVE-2024-42301}
    - mm: avoid overflows in dirty throttling logic (Jan Kara) [Orabug: 36897803] {CVE-2024-42131}
    - nvme-pci: add missing condition check for existence of mapped data (Leon Romanovsky) [Orabug: 36964022]     {CVE-2024-42276}
    - mISDN: Fix a use after free in hfcmulti_tx() (Dan Carpenter) [Orabug: 36964032] {CVE-2024-42280}
    - bpf: Fix a segment issue when downgrading gso_size (Fred Li) [Orabug: 36964038] {CVE-2024-42281}
    - net: nexthop: Initialize all fields in dumped nexthops (Petr Machata) [Orabug: 36964044]     {CVE-2024-42283}
    - tipc: Return non-zero value from tipc_udp_addr2str() on error (Shigeru Yoshida) [Orabug: 36964047]     {CVE-2024-42284}
    - dma: fix call order in dmam_free_coherent (Lance Richardson) [Orabug: 36964523] {CVE-2024-43856}
    - jfs: Fix array-index-out-of-bounds in diFree (Jeongjun Park) [Orabug: 36964530] {CVE-2024-43858}
    - nilfs2: handle inconsistent state in nilfs_btnode_create_block() (Ryusuke Konishi) [Orabug: 36964203]     {CVE-2024-42295}
    - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Bart Van Assche) [Orabug: 36964054]     {CVE-2024-42285}
    - scsi: qla2xxx: validate nvme_local_port correctly (Nilesh Javali) [Orabug: 36964059] {CVE-2024-42286}
    - scsi: qla2xxx: Complete command early within lock (Shreyas Deodhar) [Orabug: 36964065] {CVE-2024-42287}
    - scsi: qla2xxx: Fix for possible memory corruption (Shreyas Deodhar) [Orabug: 36964070] {CVE-2024-42288}
    - scsi: qla2xxx: During vport delete send async logout explicitly (Manish Rangankar) [Orabug: 36964080]     {CVE-2024-42289}
    - kobject_uevent: Fix OOB access within zap_modalias_env() (Zijun Hu) [Orabug: 36964092] {CVE-2024-42292}
    - f2fs: fix to don't dirty inode for readonly filesystem (Chao Yu) [Orabug: 36964213] {CVE-2024-42297}
    - ext4: make sure the first directory block is not a hole (Baokun Li) [Orabug: 36964232] {CVE-2024-42304}
    - ext4: check dot and dotdot of dx_root before making dir indexed (Baokun Li) [Orabug: 36964237]     {CVE-2024-42305}
    - udf: Avoid using corrupted block bitmap buffer (Jan Kara) [Orabug: 36964242] {CVE-2024-42306}
    - drm/amd/display: Check for NULL pointer (Sung Joon Kim) [Orabug: 36964247] {CVE-2024-42308}
    - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (Ma Ke) [Orabug: 36964253]     {CVE-2024-42309}
    - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (Ma Ke) [Orabug: 36964260]     {CVE-2024-42310}
    - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (Chao Yu) [Orabug: 36964265]     {CVE-2024-42311}
    - media: venus: fix use after free in vdec_close (Dikshita Agarwal) [Orabug: 36964275] {CVE-2024-42313}
    - netfilter: ctnetlink: use helper function to calculate expect ID (Pablo Neira Ayuso) [Orabug: 37013755]     {CVE-2024-44944}
    - drm/qxl: Add check for drm_cvt_mode (Chen Ni) [Orabug: 36964456] {CVE-2024-43829}
    - leds: trigger: Unregister sysfs attributes before calling deactivate() (Hans de Goede) [Orabug:
    36964459] {CVE-2024-43830}
    - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (Alexey Kodanev) [Orabug: 36964480]     {CVE-2024-43839}
    - wifi: virt_wifi: avoid reporting connection success with wrong SSID (En-Wei Wu) [Orabug: 36964487]     {CVE-2024-43841}
    - wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (Baochen Qiang) [Orabug:
    36984010] {CVE-2024-43879}
    - mlxsw: spectrum_acl_erp: Fix object nesting warning (Ido Schimmel) [Orabug: 36984013] {CVE-2024-43880}
    - lib: objagg: Fix general protection fault (Ido Schimmel) [Orabug: 36964495] {CVE-2024-43846}
    - tap: add missing verification for short frame (Si-Wei Liu)   [Orabug: 36660755] {CVE-2024-41090}
    - tun: add missing verification for short frame (Dongli Zhang)   [Orabug: 36660755] {CVE-2024-41091}
    - filelock: Fix fcntl/close race recovery compat path (Jann Horn) [Orabug: 36896789] {CVE-2024-41020}     {CVE-2024-41012}
    - jfs: don't walk off the end of ealist (lei lu) [Orabug: 36891667] {CVE-2024-41017}
    - ocfs2: add bounds checking to ocfs2_check_dir_entry() (lei lu) [Orabug: 36891655] {CVE-2024-41015}
    - hfsplus: fix uninit-value in copy_name (Edward Adam Davis) [Orabug: 36896969] {CVE-2024-41059}
    - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (Tetsuo Handa) [Orabug: 36896994]     {CVE-2024-41063}
    - powerpc/eeh: avoid possible crash when edev->pdev changes (Ganesh Goudar) [Orabug: 36897003]     {CVE-2024-41064}
    - powerpc/pseries: Whitelist dtl slub object for copying to userspace (Anjali K) [Orabug: 36897009]     {CVE-2024-41065}
    - s390/sclp: Fix sclp_init() cleanup on failure (Heiko Carstens) [Orabug: 36897032] {CVE-2024-41068}
    - KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (Michael Ellerman) [Orabug:
    36897048] {CVE-2024-41070}
    - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (Dmitry Antipov) [Orabug: 36897312]     {CVE-2024-41072}
    - ila: block BH in ila_output() (Eric Dumazet) [Orabug: 36897360] {CVE-2024-41081}
    - filelock: Remove locks reliably when fcntl/close race is detected (Jann Horn) [Orabug: 36874758]     {CVE-2024-41012} {CVE-2024-41020}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12782 advisory.

    - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez)     [Orabug: 37037205] {CVE-2024-46738}
    - exec: Fix ToCToU between perm check and set-uid/gid usage (Kees Cook) [Orabug: 36984017]     {CVE-2024-43882}
    - drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (Andi Shyti) [Orabug: 36953969]     {CVE-2024-42259}
    - netfilter: nf_tables: prefer nft_chain_validate (Florian Westphal) [Orabug: 36896846] {CVE-2024-41042}
    - netfilter: nf_tables: use timestamp to check for set element timeout (Pablo Neira Ayuso) [Orabug:
    36630432] {CVE-2024-27397}
    - x86/mtrr: Check if fixed MTRRs exist before saving them (Andi Kleen) [Orabug: 37028936] {CVE-2024-44948}
    - tracing: Fix overflow in get_free_elt() (Tze-nan Wu) [Orabug: 36992998] {CVE-2024-43890}
    - serial: core: check uartclk for zero to avoid divide by zero (George Kennedy) [Orabug: 36993009]     {CVE-2024-43893}
    - tick/broadcast: Move per CPU pointer access into the atomic section (Thomas Gleixner) [Orabug: 37036032]     {CVE-2024-44968}
    - usb: gadget: core: Check for unset descriptor (Chris Wulff) [Orabug: 37028988] {CVE-2024-44960}
    - usb: vhci-hcd: Do not drop references before new references are gained (Oliver Neukum) [Orabug:
    36992971] {CVE-2024-43883}
    - ALSA: line6: Fix racy access to midibuf (Takashi Iwai) [Orabug: 37028957] {CVE-2024-44954}
    - drm/client: fix null pointer dereference in drm_client_modeset_probe (Ma Ke) [Orabug: 36993014]     {CVE-2024-43894}
    - s390/sclp: Prevent release of buffer in I/O (Peter Oberparleiter) [Orabug: 37029020] {CVE-2024-44969}
    - drm/amdgpu: Fix the null pointer dereference to ras_manager (Ma Jun) [Orabug: 36993084] {CVE-2024-43908}
    - md/raid5: avoid BUG_ON() while continue reshape after reassembling (Yu Kuai) [Orabug: 36993127]     {CVE-2024-43914}
    - net: usb: qmi_wwan: fix memory leak for not ip packets (Daniele Palmas) [Orabug: 36983959]     {CVE-2024-43861}
    - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Kuniyuki Iwashima) [Orabug: 36993147]     {CVE-2024-44935}
    - x86/mm: Fix pti_clone_pgtable() alignment assumption (Peter Zijlstra) [Orabug: 37029012]     {CVE-2024-44965}
    - protect the fetch of ->fd[fd] in do_dup2() from mispredictions (Al Viro) [Orabug: 36963808]     {CVE-2024-42265}
    - net/iucv: fix use after free in iucv_sock_close() (Alexandra Winter) [Orabug: 36964006] {CVE-2024-42271}
    - drm/nouveau: prime: fix refcount underflow (Danilo Krummrich) [Orabug: 36983979] {CVE-2024-43867}
    - remoteproc: imx_rproc: Skip over memory region when node value is NULL (Aleksandr Mishin) [Orabug:
    36964537] {CVE-2024-43860}
    - irqchip/imx-irqsteer: Handle runtime power management correctly (Shenwei Wang) [Orabug: 36964085]     {CVE-2024-42290}
    - devres: Fix memory leakage caused by driver API devm_free_percpu() (Zijun Hu) [Orabug: 36983991]     {CVE-2024-43871}
    - dev/parport: fix the array out-of-bounds risk (tuhaowen) [Orabug: 36964223] {CVE-2024-42301}
    - mm: avoid overflows in dirty throttling logic (Jan Kara) [Orabug: 36897803] {CVE-2024-42131}
    - nvme-pci: add missing condition check for existence of mapped data (Leon Romanovsky) [Orabug: 36964022]     {CVE-2024-42276}
    - mISDN: Fix a use after free in hfcmulti_tx() (Dan Carpenter) [Orabug: 36964032] {CVE-2024-42280}
    - bpf: Fix a segment issue when downgrading gso_size (Fred Li) [Orabug: 36964038] {CVE-2024-42281}
    - net: nexthop: Initialize all fields in dumped nexthops (Petr Machata) [Orabug: 36964044]     {CVE-2024-42283}
    - tipc: Return non-zero value from tipc_udp_addr2str() on error (Shigeru Yoshida) [Orabug: 36964047]     {CVE-2024-42284}
    - dma: fix call order in dmam_free_coherent (Lance Richardson) [Orabug: 36964523] {CVE-2024-43856}
    - jfs: Fix array-index-out-of-bounds in diFree (Jeongjun Park) [Orabug: 36964530] {CVE-2024-43858}
    - nilfs2: handle inconsistent state in nilfs_btnode_create_block() (Ryusuke Konishi) [Orabug: 36964203]     {CVE-2024-42295}
    - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Bart Van Assche) [Orabug: 36964054]     {CVE-2024-42285}
    - scsi: qla2xxx: validate nvme_local_port correctly (Nilesh Javali) [Orabug: 36964059] {CVE-2024-42286}
    - scsi: qla2xxx: Complete command early within lock (Shreyas Deodhar) [Orabug: 36964065] {CVE-2024-42287}
    - scsi: qla2xxx: Fix for possible memory corruption (Shreyas Deodhar) [Orabug: 36964070] {CVE-2024-42288}
    - scsi: qla2xxx: During vport delete send async logout explicitly (Manish Rangankar) [Orabug: 36964080]     {CVE-2024-42289}
    - kobject_uevent: Fix OOB access within zap_modalias_env() (Zijun Hu) [Orabug: 36964092] {CVE-2024-42292}
    - f2fs: fix to don't dirty inode for readonly filesystem (Chao Yu) [Orabug: 36964213] {CVE-2024-42297}
    - ext4: make sure the first directory block is not a hole (Baokun Li) [Orabug: 36964232] {CVE-2024-42304}
    - ext4: check dot and dotdot of dx_root before making dir indexed (Baokun Li) [Orabug: 36964237]     {CVE-2024-42305}
    - udf: Avoid using corrupted block bitmap buffer (Jan Kara) [Orabug: 36964242] {CVE-2024-42306}
    - drm/amd/display: Check for NULL pointer (Sung Joon Kim) [Orabug: 36964247] {CVE-2024-42308}
    - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (Ma Ke) [Orabug: 36964253]     {CVE-2024-42309}
    - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (Ma Ke) [Orabug: 36964260]     {CVE-2024-42310}
    - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (Chao Yu) [Orabug: 36964265]     {CVE-2024-42311}
    - media: venus: fix use after free in vdec_close (Dikshita Agarwal) [Orabug: 36964275] {CVE-2024-42313}
    - netfilter: ctnetlink: use helper function to calculate expect ID (Pablo Neira Ayuso) [Orabug: 37013755]     {CVE-2024-44944}
    - drm/qxl: Add check for drm_cvt_mode (Chen Ni) [Orabug: 36964456] {CVE-2024-43829}
    - leds: trigger: Unregister sysfs attributes before calling deactivate() (Hans de Goede) [Orabug:
    36964459] {CVE-2024-43830}
    - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (Alexey Kodanev) [Orabug: 36964480]     {CVE-2024-43839}
    - wifi: virt_wifi: avoid reporting connection success with wrong SSID (En-Wei Wu) [Orabug: 36964487]     {CVE-2024-43841}
    - wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (Baochen Qiang) [Orabug:
    36984010] {CVE-2024-43879}
    - mlxsw: spectrum_acl_erp: Fix object nesting warning (Ido Schimmel) [Orabug: 36984013] {CVE-2024-43880}
    - lib: objagg: Fix general protection fault (Ido Schimmel) [Orabug: 36964495] {CVE-2024-43846}
    - tap: add missing verification for short frame (Si-Wei Liu)   [Orabug: 36660755] {CVE-2024-41090}
    - tun: add missing verification for short frame (Dongli Zhang)   [Orabug: 36660755] {CVE-2024-41091}
    - filelock: Fix fcntl/close race recovery compat path (Jann Horn) [Orabug: 36896789] {CVE-2024-41020}     {CVE-2024-41012}
    - jfs: don't walk off the end of ealist (lei lu) [Orabug: 36891667] {CVE-2024-41017}
    - ocfs2: add bounds checking to ocfs2_check_dir_entry() (lei lu) [Orabug: 36891655] {CVE-2024-41015}
    - hfsplus: fix uninit-value in copy_name (Edward Adam Davis) [Orabug: 36896969] {CVE-2024-41059}
    - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (Tetsuo Handa) [Orabug: 36896994]     {CVE-2024-41063}
    - powerpc/eeh: avoid possible crash when edev->pdev changes (Ganesh Goudar) [Orabug: 36897003]     {CVE-2024-41064}
    - powerpc/pseries: Whitelist dtl slub object for copying to userspace (Anjali K) [Orabug: 36897009]     {CVE-2024-41065}
    - s390/sclp: Fix sclp_init() cleanup on failure (Heiko Carstens) [Orabug: 36897032] {CVE-2024-41068}
    - KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (Michael Ellerman) [Orabug:
    36897048] {CVE-2024-41070}
    - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (Dmitry Antipov) [Orabug: 36897312]     {CVE-2024-41072}
    - ila: block BH in ila_output() (Eric Dumazet) [Orabug: 36897360] {CVE-2024-41081}
    - filelock: Remove locks reliably when fcntl/close race is detected (Jann Horn) [Orabug: 36874758]     {CVE-2024-41012} {CVE-2024-41020}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02849-1 advisory.

    The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.


    The following security bugs were fixed:

    - CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160).
    - CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104).
    - CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
    - CVE-2023-53117: fs: prevent out-of-bounds array speculation when closing a file descriptor     (bsc#1242780).
    - CVE-2024-26643: Fixed mark set as dead when unbinding anonymous  set with timeout (bsc#1221829).
    - CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
    - CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
    - CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
    - CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799).
    - CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217).
    - CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000).
    - CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
    - CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
    - CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
    - CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037).
    - CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186).
    - CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
    - CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437).
    - CVE-2025-38477: net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class     (bsc#1247314).
    - CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349).
    - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID     (bsc#1247348).
    - CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).


Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
210654	EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2832)	Nessus	Huawei Local Security Checks	11/8/2024	11/8/2024	high
233510	RHEL 9 : kernel (RHSA-2025:3215)	Nessus	Red Hat Local Security Checks	3/29/2025	6/5/2025	high
239850	TencentOS Server 4: kernel (TSSA-2024:0980)	Nessus	Tencent Local Security Checks	6/16/2025	11/20/2025	high
236028	Alibaba Cloud Linux 3 : 0275: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2024:0275)	Nessus	Alibaba Cloud Linux Local Security Checks	5/14/2025	9/23/2025	high
237030	Oracle Linux 9 : kernel (ELSA-2025-6966)	Nessus	Oracle Linux Local Security Checks	5/22/2025	2/9/2026	critical
210006	Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-7088-1)	Nessus	Ubuntu Local Security Checks	10/31/2024	9/24/2025	high
210256	Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-7088-2)	Nessus	Ubuntu Local Security Checks	11/5/2024	9/24/2025	high
208667	SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:3564-1)	Nessus	SuSE Local Security Checks	10/10/2024	9/24/2025	high
208671	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2024:3569-1)	Nessus	SuSE Local Security Checks	10/10/2024	1/6/2026	high
208953	Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12780)	Nessus	Oracle Linux Local Security Checks	10/14/2024	2/9/2026	high
209005	Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2024-12782)	Nessus	Oracle Linux Local Security Checks	10/14/2024	2/9/2026	high
252245	SUSE SLES15 Security Update : kernel (SUSE-SU-2025:02849-1)	Nessus	SuSE Local Security Checks	8/19/2025	9/24/2025	medium

Detections

Analytics

Plugins Search

high

high

high

high

critical

high

high

high

high

high

high

medium