SUSE-SU-2024:2011-1

Advisory lineage Upstream: 308 Downstream: 0
Published: 12 Jun 2024, 16:39
Last modified:04 Feb 2026, 02:22

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

12 Jun 2024, 16:39
Published
Vulnerability first disclosed
04 Feb 2026, 02:22
Last Modified
Vulnerability information updated

Description

Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). - CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084). - CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). - CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057). - CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). - CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138). - CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390). - CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532). - CVE-2024-26929: Fixed double free of fcport (bsc#1223715). - CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223626). - CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174). - CVE-2024-27413: Fixed incorrect allocation size (bsc#1224438). - CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1224736). - CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763). - CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664). - CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678). - CVE-2024-35904: Fixed dereference of garbage after mount failure (bsc#1224494). - CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488). - CVE-2024-36926: Fixed LPAR panics during boot up with a frozen PE (bsc#1222011). The following non-security bugs were fixed: - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384). - af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384). - af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384). - filemap: remove use of wait bookmarks (bsc#1224085). - idpf: extend tx watchdog timeout (bsc#1224137). - ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958) - powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191). - powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191). - powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729). - powerpc/powernv: Add a null pointer check to scom_debug_init_one() (bsc#1194869). - powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). - powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783). - powerpc: Refactor verification of MSR_RI (bsc#1223191). - supported.conf: support tcp_dctcp module (jsc#PED-8111)

Affected Systems

  • opensusekernel-rt&distro=openSUSE Leap Micro 5.3

    < 5.14.21-150400.15.82.1

  • opensusekernel-rt&distro=openSUSE Leap Micro 5.4

    < 5.14.21-150400.15.82.1

  • susekernel-rt&distro=SUSE Linux Enterprise Micro 5.3

    < 5.14.21-150400.15.82.1

  • susekernel-rt&distro=SUSE Linux Enterprise Micro 5.4

    < 5.14.21-150400.15.82.1

  • susekernel-source-rt&distro=SUSE Linux Enterprise Micro 5.3

    < 5.14.21-150400.15.82.1

  • susekernel-source-rt&distro=SUSE Linux Enterprise Micro 5.4

    < 5.14.21-150400.15.82.1

References (643)