FERRAMENTAS LINUX: Critical Linux Kernel Security Update: Live Patch 32 for SLE 15 SP4 (CVE-2022-49080 & CVE-2024-57996 Fixes)

sexta-feira, 13 de junho de 2025

Critical Linux Kernel Security Update: Live Patch 32 for SLE 15 SP4 (CVE-2022-49080 & CVE-2024-57996 Fixes)

 

SUSE


SUSE releases urgent Linux Kernel Live Patch 32 for SLE 15 SP4, addressing critical vulnerabilities CVE-2022-49080 (memory leak) and CVE-2024-57996 (network exploit). Learn patch instructions, CVSS 8.5 risks, and affected systems like SUSE Enterprise Server 15 SP4 and OpenSUSE Leap 15.4.

Why This Update Matters

The Linux Kernel is the backbone of enterprise infrastructure, and unpatched vulnerabilities can lead to severe memory leaks (CVE-2022-49080) or network exploitation (CVE-2024-57996). This SUSE update (SUSE-SU-2025:01928-1) is rated "important" and impacts:

  • SUSE Linux Enterprise Server 15 SP4

  • OpenSUSE Leap 15.4

  • SUSE Real Time/Micro/HPC deployments

 "Managing Linux servers? Enterprise-grade security tools like [Trend Micro Deep Security] or [Qualys Cloud Platform] can automate kernel patch compliance."

Vulnerability Breakdown & Risks

1. CVE-2022-49080: Memory Policy Leak (CVSS 7.3-7.8)

  • Impact: Privilege escalation via mm/mempolicy flaw.

  • Exploit Scenario: Local attackers could leak kernel memory, compromising sensitive data.

  • Patch Fix: shared_policy_replace now handles memory allocation securely.

2. CVE-2024-57996: Network Scheduling Exploit (CVSS 8.5)

  • Impact: Denial-of-service (DoS) via sch_sfq packet limit bypass.

  • Exploit Scenario: Malicious actors could crash systems by flooding scheduled queues.

  • Enterprise Risk: Critical for cloud hosts or financial systems using SUSE Real Time.

Step-by-Step Patch Instructions

For OpenSUSE Leap 15.4 / SUSE Enterprise:

bash
Copy
Download
zypper in -t patch SUSE-2025-1928=1

For Live Patching 15-SP4:

bash
Copy
Download
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1928=1

Pro Tip: Automate patches with [SUSE Manager] or [Ansible Tower] for large-scale deployments.

Affected Packages & References

ProductPackage
OpenSUSE Leap 15.4kernel-livepatch-5_14_21-default
SUSE Live Patching 15-SP4kernel-livepatch-SLE15-SP4_Update_32

Official References:

FAQ: Enterprise Linux Security

Q: Can these CVEs be exploited remotely?

A: No—both require local access, but insider threats or compromised accounts elevate risk.

Q: How does SUSE Live Patching reduce downtime?

A: Patches the kernel without reboots, ideal for 24/7 systems like SAP or Oracle DB.

Q: Are third-party kernel modules affected?

A: Yes—verify compatibility with vendors like NVIDIA or VMware.

Cezar Henrique at
Marcadores: Linux, Android, Segurança , , , ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)