SUSE-SU-2024:2183-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355). - CVE-2021-47500: Fixed trigger reference couting (bsc#1225360). - CVE-2021-47383: Fiedx out-of-bound vmalloc access in imageblit (bsc#1225208). - CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411). - CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174). - CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420). - CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420). - CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335). - CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201). - CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354) - CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301) - CVE-2022-48673: kABI workarounds for struct smc_link (bsc#1223934). - CVE-2023-52871: Handle a second device without data corruption (bsc#1225534) - CVE-2024-26828: Fix underflow in parse_server_interfaces() (bsc#1223084). - CVE-2024-27413: Fix incorrect allocation size (bsc#1224438). - CVE-2023-52840: Fix use after free in rmi_unregister_function() (bsc#1224928). - CVE-2021-47261: Fix initializing CQ fragments buffer (bsc#1224954) - CVE-2021-47254: Fix use-after-free in gfs2_glock_shrink_scan (bsc#1224888). - CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169). - CVE-2023-52686: Fix a null pointer in opal_event_init() (bsc#1065729). The following non-security bugs were fixed: - NFC: nxp: add NXP1002 (bsc#1185589). - PCI: rpaphp: Add MODULE_DESCRIPTION (bsc#1176869 ltc#188243). - af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384). - af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384). - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384). - btrfs: do not start relocation until in progress drops are done (bsc#1222251). - md: Replace snprintf with scnprintf (git-fixes). - netfilter: nf_tables: GC transaction race with abort path (git-fixes). - netfilter: nf_tables: GC transaction race with netns dismantle (git-fixes). - netfilter: nf_tables: defer gc run if previous batch is still pending (git-fixes). - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path (git-fixes). - netfilter: nf_tables: fix kdoc warnings after gc rework (git-fixes). - netfilter: nf_tables: fix memleak when more than 255 elements expired (git-fixes). - netfilter: nf_tables: mark newset as dead on transaction abort (git-fixes). - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (git-fixes). - netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure (git-fixes). - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (git-fixes). - netfilter: nf_tables: skip dead set elements in netlink dump (git-fixes). - netfilter: nf_tables: use correct lock to protect gc_list (git-fixes). - netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes). - netfilter: nft_set_rbtree: Add missing expired checks (git-fixes). - netfilter: nft_set_rbtree: Detect partial overlap with start endpoint match (git-fixes). - netfilter: nft_set_rbtree: Detect partial overlaps on insertion (git-fixes). - netfilter: nft_set_rbtree: Do not account for expired elements on insertion (git-fixes). - netfilter: nft_set_rbtree: Drop spurious condition for overlap detection on insertion (git-fixes). - netfilter: nft_set_rbtree: Handle outcomes of tree rotations in overlap detection (git-fixes). - netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() (git-fixes). - netfilter: nft_set_rbtree: Switch to node list walk for overlap detection (git-fixes). - netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets (git-fixes). - netfilter: nft_set_rbtree: fix null deref on element insertion (git-fixes). - netfilter: nft_set_rbtree: fix overlap expiration walk (git-fixes). - netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion (git-fixes). - netfilter: nft_set_rbtree: skip elements in transaction from garbage collection (git-fixes). - netfilter: nft_set_rbtree: skip end interval element from gc (git-fixes). - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction (git-fixes). - netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes). - x86/pkeys: Revert a5eff7259790 ('x86/pkeys: Add PKRU value to init_fpstate') (bsc#1215356).
Affected Systems
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.194.1.150200.9.99.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.194.1.150200.9.99.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.194.1.150200.9.99.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP2
< 5.3.18-150200.24.194.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP2
< 5.3.18-150200.24.194.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.194.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.194.1
- suse•kernel-livepatch-SLE15-SP2_Update_49&distro=SUSE Linux Enterprise Live Patching 15 SP2
< 1-150200.5.3.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.194.1
- suse•kernel-preempt&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-preempt&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-preempt&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.194.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.194.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.194.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.194.1
References (275)
- https://www.suse.com/support/update/announcement/2024/suse-su-20242183-1/
- https://bugzilla.suse.com/1065729
- https://bugzilla.suse.com/1151927
- https://bugzilla.suse.com/1154353
- https://bugzilla.suse.com/1156395
- https://bugzilla.suse.com/1174585
- https://bugzilla.suse.com/1176869
- https://bugzilla.suse.com/1184631
- https://bugzilla.suse.com/1185589
- https://bugzilla.suse.com/1185902
- https://bugzilla.suse.com/1188616
- https://bugzilla.suse.com/1188772
- https://bugzilla.suse.com/1189883
- https://bugzilla.suse.com/1190795
- https://bugzilla.suse.com/1191452
- https://bugzilla.suse.com/1192107
- https://bugzilla.suse.com/1194288
- https://bugzilla.suse.com/1196956
- https://bugzilla.suse.com/1200619
- https://bugzilla.suse.com/1208813
- https://bugzilla.suse.com/1209657
- https://bugzilla.suse.com/1210335
- https://bugzilla.suse.com/1210629
- https://bugzilla.suse.com/1215356
- https://bugzilla.suse.com/1215420
- https://bugzilla.suse.com/1216702
- https://bugzilla.suse.com/1217169
- https://bugzilla.suse.com/1220137
- https://bugzilla.suse.com/1220144
- https://bugzilla.suse.com/1220754
- https://bugzilla.suse.com/1220877
- https://bugzilla.suse.com/1220960
- https://bugzilla.suse.com/1221044
- https://bugzilla.suse.com/1221829
- https://bugzilla.suse.com/1222251
- https://bugzilla.suse.com/1222619
- https://bugzilla.suse.com/1223084
- https://bugzilla.suse.com/1223384
- https://bugzilla.suse.com/1223390
- https://bugzilla.suse.com/1223934
- https://bugzilla.suse.com/1224099
- https://bugzilla.suse.com/1224174
- https://bugzilla.suse.com/1224438
- https://bugzilla.suse.com/1224482
- https://bugzilla.suse.com/1224511
- https://bugzilla.suse.com/1224592
- https://bugzilla.suse.com/1224831
- https://bugzilla.suse.com/1224832
- https://bugzilla.suse.com/1224834
- https://bugzilla.suse.com/1224841
- https://bugzilla.suse.com/1224843
- https://bugzilla.suse.com/1224846
- https://bugzilla.suse.com/1224849
- https://bugzilla.suse.com/1224854
- https://bugzilla.suse.com/1224859
- https://bugzilla.suse.com/1224882
- https://bugzilla.suse.com/1224888
- https://bugzilla.suse.com/1224889
- https://bugzilla.suse.com/1224891
- https://bugzilla.suse.com/1224892
- https://bugzilla.suse.com/1224893
- https://bugzilla.suse.com/1224904
- https://bugzilla.suse.com/1224907
- https://bugzilla.suse.com/1224909
- https://bugzilla.suse.com/1224916
- https://bugzilla.suse.com/1224917
- https://bugzilla.suse.com/1224922
- https://bugzilla.suse.com/1224923
- https://bugzilla.suse.com/1224924
- https://bugzilla.suse.com/1224928
- https://bugzilla.suse.com/1224953
- https://bugzilla.suse.com/1224954
- https://bugzilla.suse.com/1224961
- https://bugzilla.suse.com/1224963
- https://bugzilla.suse.com/1224965
- https://bugzilla.suse.com/1224966
- https://bugzilla.suse.com/1224968
- https://bugzilla.suse.com/1224981
- https://bugzilla.suse.com/1224982
- https://bugzilla.suse.com/1224984
- https://bugzilla.suse.com/1224987
- https://bugzilla.suse.com/1224990
- https://bugzilla.suse.com/1224993
- https://bugzilla.suse.com/1224996
- https://bugzilla.suse.com/1224997
- https://bugzilla.suse.com/1225026
- https://bugzilla.suse.com/1225030
- https://bugzilla.suse.com/1225058
- https://bugzilla.suse.com/1225060
- https://bugzilla.suse.com/1225084
- https://bugzilla.suse.com/1225091
- https://bugzilla.suse.com/1225112
- https://bugzilla.suse.com/1225113
- https://bugzilla.suse.com/1225140
- https://bugzilla.suse.com/1225143
- https://bugzilla.suse.com/1225164
- https://bugzilla.suse.com/1225177
- https://bugzilla.suse.com/1225181
- https://bugzilla.suse.com/1225192
- https://bugzilla.suse.com/1225193
- https://bugzilla.suse.com/1225201
- https://bugzilla.suse.com/1225206
- https://bugzilla.suse.com/1225207
- https://bugzilla.suse.com/1225208
- https://bugzilla.suse.com/1225214
- https://bugzilla.suse.com/1225223
- https://bugzilla.suse.com/1225224
- https://bugzilla.suse.com/1225232
- https://bugzilla.suse.com/1225238
- https://bugzilla.suse.com/1225244
- https://bugzilla.suse.com/1225251
- https://bugzilla.suse.com/1225256
- https://bugzilla.suse.com/1225261
- https://bugzilla.suse.com/1225262
- https://bugzilla.suse.com/1225263
- https://bugzilla.suse.com/1225301
- https://bugzilla.suse.com/1225303
- https://bugzilla.suse.com/1225318
- https://bugzilla.suse.com/1225321
- https://bugzilla.suse.com/1225326
- https://bugzilla.suse.com/1225327
- https://bugzilla.suse.com/1225328
- https://bugzilla.suse.com/1225336
- https://bugzilla.suse.com/1225341
- https://bugzilla.suse.com/1225346
- https://bugzilla.suse.com/1225351
- https://bugzilla.suse.com/1225354
- https://bugzilla.suse.com/1225355
- https://bugzilla.suse.com/1225360
- https://bugzilla.suse.com/1225366
- https://bugzilla.suse.com/1225367
- https://bugzilla.suse.com/1225384
- https://bugzilla.suse.com/1225390
- https://bugzilla.suse.com/1225393
- https://bugzilla.suse.com/1225400
- https://bugzilla.suse.com/1225404
- https://bugzilla.suse.com/1225411
- https://bugzilla.suse.com/1225427
- https://bugzilla.suse.com/1225437
- https://bugzilla.suse.com/1225448
- https://bugzilla.suse.com/1225453
- https://bugzilla.suse.com/1225455
- https://bugzilla.suse.com/1225499
- https://bugzilla.suse.com/1225500
- https://bugzilla.suse.com/1225534
- https://www.suse.com/security/cve/CVE-2021-3743
- https://www.suse.com/security/cve/CVE-2021-39698
- https://www.suse.com/security/cve/CVE-2021-43056
- https://www.suse.com/security/cve/CVE-2021-43527
- https://www.suse.com/security/cve/CVE-2021-47104
- https://www.suse.com/security/cve/CVE-2021-47220
- https://www.suse.com/security/cve/CVE-2021-47229
- https://www.suse.com/security/cve/CVE-2021-47231
- https://www.suse.com/security/cve/CVE-2021-47236
- https://www.suse.com/security/cve/CVE-2021-47239
- https://www.suse.com/security/cve/CVE-2021-47240
- https://www.suse.com/security/cve/CVE-2021-47246
- https://www.suse.com/security/cve/CVE-2021-47252
- https://www.suse.com/security/cve/CVE-2021-47254
- https://www.suse.com/security/cve/CVE-2021-47255
- https://www.suse.com/security/cve/CVE-2021-47259
- https://www.suse.com/security/cve/CVE-2021-47260
- https://www.suse.com/security/cve/CVE-2021-47261
- https://www.suse.com/security/cve/CVE-2021-47267
- https://www.suse.com/security/cve/CVE-2021-47269
- https://www.suse.com/security/cve/CVE-2021-47270
- https://www.suse.com/security/cve/CVE-2021-47274
- https://www.suse.com/security/cve/CVE-2021-47275
- https://www.suse.com/security/cve/CVE-2021-47276
- https://www.suse.com/security/cve/CVE-2021-47280
- https://www.suse.com/security/cve/CVE-2021-47284
- https://www.suse.com/security/cve/CVE-2021-47285
- https://www.suse.com/security/cve/CVE-2021-47288
- https://www.suse.com/security/cve/CVE-2021-47289
- https://www.suse.com/security/cve/CVE-2021-47296
- https://www.suse.com/security/cve/CVE-2021-47301
- https://www.suse.com/security/cve/CVE-2021-47302
- https://www.suse.com/security/cve/CVE-2021-47305
- https://www.suse.com/security/cve/CVE-2021-47307
- https://www.suse.com/security/cve/CVE-2021-47308
- https://www.suse.com/security/cve/CVE-2021-47314
- https://www.suse.com/security/cve/CVE-2021-47315
- https://www.suse.com/security/cve/CVE-2021-47320
- https://www.suse.com/security/cve/CVE-2021-47321
- https://www.suse.com/security/cve/CVE-2021-47323
- https://www.suse.com/security/cve/CVE-2021-47324
- https://www.suse.com/security/cve/CVE-2021-47330
- https://www.suse.com/security/cve/CVE-2021-47332
- https://www.suse.com/security/cve/CVE-2021-47333
- https://www.suse.com/security/cve/CVE-2021-47334
- https://www.suse.com/security/cve/CVE-2021-47338
- https://www.suse.com/security/cve/CVE-2021-47341
- https://www.suse.com/security/cve/CVE-2021-47344
- https://www.suse.com/security/cve/CVE-2021-47347
- https://www.suse.com/security/cve/CVE-2021-47350
- https://www.suse.com/security/cve/CVE-2021-47354
- https://www.suse.com/security/cve/CVE-2021-47356
- https://www.suse.com/security/cve/CVE-2021-47369
- https://www.suse.com/security/cve/CVE-2021-47375
- https://www.suse.com/security/cve/CVE-2021-47378
- https://www.suse.com/security/cve/CVE-2021-47381
- https://www.suse.com/security/cve/CVE-2021-47382
- https://www.suse.com/security/cve/CVE-2021-47383
- https://www.suse.com/security/cve/CVE-2021-47388
- https://www.suse.com/security/cve/CVE-2021-47391
- https://www.suse.com/security/cve/CVE-2021-47393
- https://www.suse.com/security/cve/CVE-2021-47395
- https://www.suse.com/security/cve/CVE-2021-47396
- https://www.suse.com/security/cve/CVE-2021-47399
- https://www.suse.com/security/cve/CVE-2021-47402
- https://www.suse.com/security/cve/CVE-2021-47404
- https://www.suse.com/security/cve/CVE-2021-47405
- https://www.suse.com/security/cve/CVE-2021-47416
- https://www.suse.com/security/cve/CVE-2021-47423
- https://www.suse.com/security/cve/CVE-2021-47424
- https://www.suse.com/security/cve/CVE-2021-47425
- https://www.suse.com/security/cve/CVE-2021-47431
- https://www.suse.com/security/cve/CVE-2021-47434
- https://www.suse.com/security/cve/CVE-2021-47436
- https://www.suse.com/security/cve/CVE-2021-47441
- https://www.suse.com/security/cve/CVE-2021-47442
- https://www.suse.com/security/cve/CVE-2021-47443
- https://www.suse.com/security/cve/CVE-2021-47445
- https://www.suse.com/security/cve/CVE-2021-47456
- https://www.suse.com/security/cve/CVE-2021-47460
- https://www.suse.com/security/cve/CVE-2021-47464
- https://www.suse.com/security/cve/CVE-2021-47465
- https://www.suse.com/security/cve/CVE-2021-47468
- https://www.suse.com/security/cve/CVE-2021-47473
- https://www.suse.com/security/cve/CVE-2021-47482
- https://www.suse.com/security/cve/CVE-2021-47483
- https://www.suse.com/security/cve/CVE-2021-47485
- https://www.suse.com/security/cve/CVE-2021-47495
- https://www.suse.com/security/cve/CVE-2021-47496
- https://www.suse.com/security/cve/CVE-2021-47497
- https://www.suse.com/security/cve/CVE-2021-47500
- https://www.suse.com/security/cve/CVE-2021-47505
- https://www.suse.com/security/cve/CVE-2021-47506
- https://www.suse.com/security/cve/CVE-2021-47511
- https://www.suse.com/security/cve/CVE-2021-47516
- https://www.suse.com/security/cve/CVE-2021-47522
- https://www.suse.com/security/cve/CVE-2021-47538
- https://www.suse.com/security/cve/CVE-2021-47541
- https://www.suse.com/security/cve/CVE-2021-47542
- https://www.suse.com/security/cve/CVE-2021-47562
- https://www.suse.com/security/cve/CVE-2021-47563
- https://www.suse.com/security/cve/CVE-2021-47565
- https://www.suse.com/security/cve/CVE-2022-20132
- https://www.suse.com/security/cve/CVE-2022-48673
- https://www.suse.com/security/cve/CVE-2023-0160
- https://www.suse.com/security/cve/CVE-2023-1829
- https://www.suse.com/security/cve/CVE-2023-2176
- https://www.suse.com/security/cve/CVE-2023-4244
- https://www.suse.com/security/cve/CVE-2023-47233
- https://www.suse.com/security/cve/CVE-2023-52433
- https://www.suse.com/security/cve/CVE-2023-52581
- https://www.suse.com/security/cve/CVE-2023-52591
- https://www.suse.com/security/cve/CVE-2023-52654
- https://www.suse.com/security/cve/CVE-2023-52655
- https://www.suse.com/security/cve/CVE-2023-52686
- https://www.suse.com/security/cve/CVE-2023-52840
- https://www.suse.com/security/cve/CVE-2023-52871
- https://www.suse.com/security/cve/CVE-2023-52880
- https://www.suse.com/security/cve/CVE-2023-6531
- https://www.suse.com/security/cve/CVE-2024-26581
- https://www.suse.com/security/cve/CVE-2024-26643
- https://www.suse.com/security/cve/CVE-2024-26828
- https://www.suse.com/security/cve/CVE-2024-26925
- https://www.suse.com/security/cve/CVE-2024-26929
- https://www.suse.com/security/cve/CVE-2024-26930
- https://www.suse.com/security/cve/CVE-2024-27398
- https://www.suse.com/security/cve/CVE-2024-27413
- https://www.suse.com/security/cve/CVE-2024-35811
- https://www.suse.com/security/cve/CVE-2024-35895
- https://www.suse.com/security/cve/CVE-2024-35914