FERRAMENTAS LINUX: Critical Kernel Security Patch for SUSE Linux Enterprise 12 SP5 – CVE-2022-49080 & CVE-2024-57996 Fixes

terça-feira, 10 de junho de 2025

Critical Kernel Security Patch for SUSE Linux Enterprise 12 SP5 – CVE-2022-49080 & CVE-2024-57996 Fixes

 

SUSE


SUSE Linux Enterprise 12 SP5 kernel security patch fixes CVE-2022-49080 & CVE-2024-57996. Learn how to apply updates via YaST or Zypper to prevent privilege escalation & DoS attacks. Includes CVSS scores & affected systems.

SUSE has released an important kernel security update (2025:01844-1) addressing critical vulnerabilities affecting SUSE Linux Enterprise 12 SP5

This patch resolves CVE-2022-49080 (memory policy leak) and CVE-2024-57996 (network scheduling flaw), both posing significant security risks. Enterprises relying on SUSE Linux for mission-critical operations must apply this patch immediately to prevent exploitation.

Security Vulnerabilities Patched

1. CVE-2022-49080 – Memory Policy Leak (High Severity)

  • CVSS 7.8 (v3.1) / 7.3 (v4.0)

  • Impact: Unauthorized privilege escalation via shared memory policy leaks.

  • Affected Systems: SUSE Linux Enterprise Server, High Performance Computing, and SAP Applications.

  • Fix: Kernel update prevents mpol_new leaks in shared_policy_replace.

2. CVE-2024-57996 – Network Scheduling Flaw (Critical Severity)

  • CVSS 8.5 (v4.0) / 7.8 (v3.1)

  • Impact: Denial-of-service (DoS) via malformed sch_sfq packet limits.

  • Affected Systems: All SUSE Linux Enterprise 12 SP5 deployments.

  • Fix: Kernel patch enforces packet limit validation.

How to Apply the Patch

Recommended Installation Methods

✔ YaST Online Update – Automated patching for enterprise environments.
✔ Zypper Patch – Manual update via command line:

bash
Copy
Download
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-1844=1

Affected Packages

  • SUSE Linux Enterprise Live Patching 12-SP5 (x86_64ppc64les390x)

  • Kernel Patch: kgraft-patch-4_12_14-122_219-default-14-2.1

Why This Update Matters for Enterprises

  • Prevents privilege escalation attacks via memory leaks.

  • Mitigates network-based DoS risks in critical infrastructure.

  • Ensures compliance with enterprise security policies.

🔗 Official References:

FAQs

❓ Is this patch mandatory for SUSE Linux Enterprise users?

✅ Yes. Both CVEs are actively exploitable, making immediate patching essential.

❓ Can this update disrupt live systems?

✅ Minimal risk. SUSE’s Live Patching reduces downtime for critical servers.


Cezar Henrique at
Marcadores: Linux, Android, Segurança , , , , ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)