SUSE-SU-2024:0463-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434). - CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730). - CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836). - CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412). - CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). - CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). - CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). - CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702). - CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120). - CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053). - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832). - CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804). - CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752). - CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757). The following non-security bugs were fixed: - Store the old kernel changelog entries in kernel-docs package (bsc#1218713). - x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
Affected Systems
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.1
< 5.3.18-150300.158.1
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.2
< 5.3.18-150300.158.1
References (33)
- https://www.suse.com/support/update/announcement/2024/suse-su-20240463-1/
- https://bugzilla.suse.com/1108281
- https://bugzilla.suse.com/1193285
- https://bugzilla.suse.com/1216702
- https://bugzilla.suse.com/1217987
- https://bugzilla.suse.com/1217988
- https://bugzilla.suse.com/1217989
- https://bugzilla.suse.com/1218713
- https://bugzilla.suse.com/1218730
- https://bugzilla.suse.com/1218752
- https://bugzilla.suse.com/1218757
- https://bugzilla.suse.com/1218768
- https://bugzilla.suse.com/1218804
- https://bugzilla.suse.com/1218832
- https://bugzilla.suse.com/1218836
- https://bugzilla.suse.com/1219053
- https://bugzilla.suse.com/1219120
- https://bugzilla.suse.com/1219412
- https://bugzilla.suse.com/1219434
- https://www.suse.com/security/cve/CVE-2021-33631
- https://www.suse.com/security/cve/CVE-2023-46838
- https://www.suse.com/security/cve/CVE-2023-47233
- https://www.suse.com/security/cve/CVE-2023-51043
- https://www.suse.com/security/cve/CVE-2023-51780
- https://www.suse.com/security/cve/CVE-2023-51782
- https://www.suse.com/security/cve/CVE-2023-6040
- https://www.suse.com/security/cve/CVE-2023-6356
- https://www.suse.com/security/cve/CVE-2023-6535
- https://www.suse.com/security/cve/CVE-2023-6536
- https://www.suse.com/security/cve/CVE-2023-6915
- https://www.suse.com/security/cve/CVE-2024-0565
- https://www.suse.com/security/cve/CVE-2024-0775
- https://www.suse.com/security/cve/CVE-2024-1086