FERRAMENTAS LINUX: Critical Linux Kernel Security Update: Live Patch 36 for SLE 15 SP4 (CVE-2022-49080 & CVE-2024-57996 Fixes)

sexta-feira, 13 de junho de 2025

Critical Linux Kernel Security Update: Live Patch 36 for SLE 15 SP4 (CVE-2022-49080 & CVE-2024-57996 Fixes)

 

SUSE

SUSE has released a critical Linux Kernel security update (Live Patch 36 for SLE 15 SP4) addressing CVE-2022-49080 (memory leak) and CVE-2024-57996 (network scheduling flaw). Learn patch instructions, CVSS 8.5 vulnerabilities, and affected SUSE/OpenSUSE products.

Key Security Updates for Enterprise Linux Systems

SUSE has announced an important-rated kernel update (June 12, 2025) patching two high-severity vulnerabilities affecting SUSE Linux Enterprise 15 SP4OpenSUSE Leap 15.4, and related distributions. This patch is critical for sysadmins managing:

  • Cloud infrastructure (SUSE Micro 5.3/5.4)

  • High-performance computing (HPC) environments

  • Real-time systems and SAP applications

Vulnerabilities Patched

CVE IDCVSS 4.0 ScoreImpact
CVE-2022-490807.3 (SUSE)Memory policy leak in shared_policy_replace
CVE-2024-579968.5 (SUSE)Network scheduling flaw in sch_sfq

Technical Impact:

  • CVE-2022-49080: Kernel memory leak leading to potential privilege escalation (local attack vector).

  • CVE-2024-57996: Network packet scheduling vulnerability causing denial-of-service (DoS) risks.

Patch Instructions for SUSE & OpenSUSE

Recommended Methods

  1. YaST Online Update: Automated patching via SUSE’s native tool.

  2. Zypper CLI:

    bash
    Copy
    Download
    # SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-1927=1

# OpenSUSE Leap 15.4
zypper in -t patch SUSE-2025-1927=1

Affected Packages

  • kernel-livepatch-5_14_21-150400_24_150-default

  • kernel-livepatch-SLE15-SP4_Update_36-debugsource

Why This Update Matters for Enterprise Security

  1. Compliance: Addresses CVSS 8.5-rated flaws (CVE-2024-57996) for audit requirements.

  2. Performance: Fixes network scheduling bottlenecks in sch_sfq.

  3. Stability: Prevents kernel memory leaks in high-availability systems.

Expert Tip: For organizations using SUSE Linux Enterprise Server for SAP, prioritize patching to avoid downtime in critical financial/ERP systems.

FAQ

Q: Is this update relevant for cloud deployments?

A: Yes, especially for SUSE Linux Enterprise Micro (5.3/5.4) running containerized workloads.

Q: How urgent is the patch?

A: Critical for systems exposed to untrusted networks due to DoS risks.

Cezar Henrique at
Marcadores: Linux, Android, Segurança , , , ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)