FERRAMENTAS LINUX: Critical Linux Kernel Security Update: Live Patch 33 for SLE 15 SP4 (CVE-2022-49080 & CVE-2024-57996 Fixes)

sábado, 14 de junho de 2025

Critical Linux Kernel Security Update: Live Patch 33 for SLE 15 SP4 (CVE-2022-49080 & CVE-2024-57996 Fixes)

 

SUSE

SUSE releases urgent Linux Kernel Live Patch 33 for SLE 15 SP4, addressing critical vulnerabilities CVE-2022-49080 (memory leak) and CVE-2024-57996 (network exploit). Learn how to secure your systems with this high-priority update, including patch commands for openSUSE Leap and Enterprise distributions.

Why This Update Matters

The Linux Kernel is the backbone of enterprise infrastructure, and unpatched vulnerabilities can lead to severe security breaches. This high-priority update (rated "important" by SUSE) fixes two critical flaws:

  1. CVE-2022-49080: A memory leak in mm/mempolicy allowing privilege escalation.

  2. CVE-2024-57996: A networking flaw in sch_sfq enabling denial-of-service attacks.

Affected systems include:

  • SUSE Linux Enterprise Server 15 SP4

  • openSUSE Leap 15.4

  • SUSE Linux Enterprise Real Time 15 SP4

  • SUSE Linux Enterprise for SAP Applications 15 SP4

🔴 CVSS Scores: Up to 8.5 (High Severity) – Immediate patching is recommended.

Patch Instructions & Installation Guide

For openSUSE Leap 15.4

bash
Copy
Download
zypper in -t patch SUSE-2025-1935=1 SUSE-2025-1936=1

For SUSE Linux Enterprise Live Patching 15-SP4

bash
Copy
Download
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1935=1 SUSE-SLE-Module-Live-Patching-15-SP4-2025-1936=1

Alternative methods:

  • Use YaST Online Update for automated patching.

  • Enterprise users should consult SUSE Manager for centralized deployment.

Technical Deep Dive: Vulnerabilities Fixed

1. CVE-2022-49080: Memory Leak Exploit

  • Impact: Local attackers could exploit a flaw in shared_policy_replace to leak kernel memory.

  • CVSS 4.0 Score7.3 (High) – Requires local access but can escalate privileges.

  • Patch: Kernel now properly releases memory allocations.

2. CVE-2024-57996: Network Scheduling Vulnerability

  • Impact: Malicious actors could abuse sch_sfq (Stochastic Fair Queueing) to crash systems.

  • CVSS 4.0 Score8.5 (Critical) – Exploitable via crafted network packets.

  • Patch: Enforces minimum packet limits to prevent exploitation.

Enterprise Implications & Best Practices

🚀 Why This Matters for Businesses:

  • Compliance: Unpatched systems may violate ISO 27001NIST, or GDPR requirements.

  • Risk Mitigation: Reduces exposure to zero-day exploits in production environments.

  • Performance: Fixes kernel-level inefficiencies affecting real-time workloads.

Recommended Actions:

Schedule maintenance windows for patching.

Test updates in staging environments first.

Monitor SUSE Security Advisories for future patches.

FAQ: Linux Kernel Security Update

Q: Can these vulnerabilities be exploited remotely?
A: CVE-2024-57996 is network-accessible, while CVE-2022-49080 requires local access.

Q: Is a reboot required after patching?
A: No – Live Patching applies fixes without restarting systems.

Q: How do I verify the patch is active?
A: Run uname -r and cross-check with SUSE’s Security Portal.

Cezar Henrique at
Marcadores: Linux, Android, Segurança , , , ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)