SUSE-SU-2024:2923-1
Vulnerability Summary
Description
Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).
- CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
- CVE-2023-52885: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (bsc#1227750).
- CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task (bsc#1228013).
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1224918).
- CVE-2021-47126: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6_nh_flush_exceptions (bsc#1221539).
- CVE-2024-41011: drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (bsc#1228114).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
- CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB (bsc#1226550).
- CVE-2021-47219: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (bsc#1222824).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2021-0129: Improper access control in BlueZ may have allowed an authenticated user to potentially enable information disclosure via adjacent access (bsc#1186463).
- CVE-2020-26558: Fixed a flaw in the Bluetooth LE and BR/EDR secure pairing that could permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (bsc#1179610).
- CVE-2022-48821: misc: fastrpc: avoid double fput() on failed usercopy (bsc#1227976).
- CVE-2021-47506: nfsd: fix use-after-free due to delegation race (bsc#1225404).
- CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
- CVE-2024-26583: tls: fix use-after-free on failed backlog decryption (bsc#1220185).
- CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
- CVE-2021-47600: dm btree remove: fix use after free in rebalance_children() (bsc#1226575).
- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).

The following non-security bugs were fixed:

- Fix spurious WARNING caused by a qxl driver patch (bsc#1227213)
- X.509: Fix the parser of extended key usage for length (bsc#1218820 bsc#1226666).
- ocfs2: fix DIO failure due to insufficient transaction credits (bsc#1216834).
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
- powerpc/rtas: clean up includes (bsc#1227487).
Affected Systems
- suse kernel-default-base, distro SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS: < 5.3.18-150200.24.200.1.150200.9.103.1
- suse kernel-default-base, distro SUSE Linux Enterprise Server 15 SP2-LTSS: < 5.3.18-150200.24.200.1.150200.9.103.1
- suse kernel-default-base, distro SUSE Linux Enterprise Server for SAP Applications 15 SP2: < 5.3.18-150200.24.200.1.150200.9.103.1
- suse kernel-default, distro SUSE Linux Enterprise High Availability Extension 15 SP2: < 5.3.18-150200.24.200.1
- suse kernel-default, distro SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-default, distro SUSE Linux Enterprise Live Patching 15 SP2: < 5.3.18-150200.24.200.1
- suse kernel-default, distro SUSE Linux Enterprise Server 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-default, distro SUSE Linux Enterprise Server for SAP Applications 15 SP2: < 5.3.18-150200.24.200.1
- suse kernel-docs, distro SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-docs, distro SUSE Linux Enterprise Server 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-docs, distro SUSE Linux Enterprise Server for SAP Applications 15 SP2: < 5.3.18-150200.24.200.1
- suse kernel-livepatch-SLE15-SP2_Update_51, distro SUSE Linux Enterprise Live Patching 15 SP2: < 1-150200.5.3.1
- suse kernel-obs-build, distro SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-obs-build, distro SUSE Linux Enterprise Server 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-obs-build, distro SUSE Linux Enterprise Server for SAP Applications 15 SP2: < 5.3.18-150200.24.200.1
- suse kernel-preempt, distro SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-preempt, distro SUSE Linux Enterprise Server 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-preempt, distro SUSE Linux Enterprise Server for SAP Applications 15 SP2: < 5.3.18-150200.24.200.1
- suse kernel-source, distro SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-source, distro SUSE Linux Enterprise Server 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-source, distro SUSE Linux Enterprise Server for SAP Applications 15 SP2: < 5.3.18-150200.24.200.1
- suse kernel-syms, distro SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-syms, distro SUSE Linux Enterprise Server 15 SP2-LTSS: < 5.3.18-150200.24.200.1
- suse kernel-syms, distro SUSE Linux Enterprise Server for SAP Applications 15 SP2: < 5.3.18-150200.24.200.1
References (60)
- https://www.suse.com/support/update/announcement/2024/suse-su-20242923-1/
- https://bugzilla.suse.com/1065729
- https://bugzilla.suse.com/1179610
- https://bugzilla.suse.com/1186463
- https://bugzilla.suse.com/1216834
- https://bugzilla.suse.com/1218820
- https://bugzilla.suse.com/1220185
- https://bugzilla.suse.com/1220186
- https://bugzilla.suse.com/1220187
- https://bugzilla.suse.com/1221539
- https://bugzilla.suse.com/1222824
- https://bugzilla.suse.com/1224682
- https://bugzilla.suse.com/1224918
- https://bugzilla.suse.com/1225404
- https://bugzilla.suse.com/1225431
- https://bugzilla.suse.com/1226519
- https://bugzilla.suse.com/1226550
- https://bugzilla.suse.com/1226574
- https://bugzilla.suse.com/1226575
- https://bugzilla.suse.com/1226666
- https://bugzilla.suse.com/1226758
- https://bugzilla.suse.com/1226785
- https://bugzilla.suse.com/1227213
- https://bugzilla.suse.com/1227487
- https://bugzilla.suse.com/1227716
- https://bugzilla.suse.com/1227750
- https://bugzilla.suse.com/1227836
- https://bugzilla.suse.com/1227976
- https://bugzilla.suse.com/1228013
- https://bugzilla.suse.com/1228114
- https://bugzilla.suse.com/1228328
- https://bugzilla.suse.com/1228561
- https://bugzilla.suse.com/1228644
- https://bugzilla.suse.com/1228743
- https://www.suse.com/security/cve/CVE-2020-26558
- https://www.suse.com/security/cve/CVE-2021-0129
- https://www.suse.com/security/cve/CVE-2021-47126
- https://www.suse.com/security/cve/CVE-2021-47219
- https://www.suse.com/security/cve/CVE-2021-47291
- https://www.suse.com/security/cve/CVE-2021-47506
- https://www.suse.com/security/cve/CVE-2021-47520
- https://www.suse.com/security/cve/CVE-2021-47580
- https://www.suse.com/security/cve/CVE-2021-47598
- https://www.suse.com/security/cve/CVE-2021-47600
- https://www.suse.com/security/cve/CVE-2022-48792
- https://www.suse.com/security/cve/CVE-2022-48821
- https://www.suse.com/security/cve/CVE-2023-52686
- https://www.suse.com/security/cve/CVE-2023-52885
- https://www.suse.com/security/cve/CVE-2024-26583
- https://www.suse.com/security/cve/CVE-2024-26584
- https://www.suse.com/security/cve/CVE-2024-26585
- https://www.suse.com/security/cve/CVE-2024-36974
- https://www.suse.com/security/cve/CVE-2024-38559
- https://www.suse.com/security/cve/CVE-2024-39494
- https://www.suse.com/security/cve/CVE-2024-40937
- https://www.suse.com/security/cve/CVE-2024-41011
- https://www.suse.com/security/cve/CVE-2024-41059
- https://www.suse.com/security/cve/CVE-2024-41069
- https://www.suse.com/security/cve/CVE-2024-41090
- https://www.suse.com/security/cve/CVE-2024-42145