SUSE-SU-2024:4082-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556). - CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893). - CVE-2022-48959: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (bsc#1231976). - CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979). - CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286). - CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070). - CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938). - CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442). - CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429). - CVE-2024-45026: s390/dasd: fix error recovery leading to data corruption on ESE devices (bsc#1230454). - CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (bsc#1230715). - CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191). - CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193). - CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195). - CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197). - CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200). - CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203). - CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073). - CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502). - CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673). - CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). - CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). - CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145). - CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly (bsc#1232174). - CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861). - CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats (bsc#1232260). - CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). - CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395). - CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519). - CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383). - CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). - CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). - CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). The following non-security bugs were fixed: - NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016). - PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666). - RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (bsc#1232036). - bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375). - dn_route: set rt neigh to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813). - ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813). - ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813). - net: mana: Fix the extra HZ in mana_hwc_send_request (bsc#1232033). - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813).
Affected Systems
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.15.100.1
- suse•kernel-rt&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.15.100.1
- suse•kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.15.100.1
- suse•kernel-source-rt&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.15.100.1
References (218)
- https://www.suse.com/support/update/announcement/2024/suse-su-20244082-1/
- https://bugzilla.suse.com/1204171
- https://bugzilla.suse.com/1205796
- https://bugzilla.suse.com/1206188
- https://bugzilla.suse.com/1206344
- https://bugzilla.suse.com/1209290
- https://bugzilla.suse.com/1210449
- https://bugzilla.suse.com/1210627
- https://bugzilla.suse.com/1213034
- https://bugzilla.suse.com/1216223
- https://bugzilla.suse.com/1216813
- https://bugzilla.suse.com/1218562
- https://bugzilla.suse.com/1223384
- https://bugzilla.suse.com/1223524
- https://bugzilla.suse.com/1223824
- https://bugzilla.suse.com/1225189
- https://bugzilla.suse.com/1225336
- https://bugzilla.suse.com/1225611
- https://bugzilla.suse.com/1226666
- https://bugzilla.suse.com/1228743
- https://bugzilla.suse.com/1229454
- https://bugzilla.suse.com/1229456
- https://bugzilla.suse.com/1229556
- https://bugzilla.suse.com/1230429
- https://bugzilla.suse.com/1230442
- https://bugzilla.suse.com/1230454
- https://bugzilla.suse.com/1230600
- https://bugzilla.suse.com/1230620
- https://bugzilla.suse.com/1230715
- https://bugzilla.suse.com/1230903
- https://bugzilla.suse.com/1231016
- https://bugzilla.suse.com/1231073
- https://bugzilla.suse.com/1231191
- https://bugzilla.suse.com/1231193
- https://bugzilla.suse.com/1231195
- https://bugzilla.suse.com/1231197
- https://bugzilla.suse.com/1231200
- https://bugzilla.suse.com/1231203
- https://bugzilla.suse.com/1231293
- https://bugzilla.suse.com/1231375
- https://bugzilla.suse.com/1231502
- https://bugzilla.suse.com/1231673
- https://bugzilla.suse.com/1231861
- https://bugzilla.suse.com/1231883
- https://bugzilla.suse.com/1231885
- https://bugzilla.suse.com/1231887
- https://bugzilla.suse.com/1231888
- https://bugzilla.suse.com/1231890
- https://bugzilla.suse.com/1231892
- https://bugzilla.suse.com/1231893
- https://bugzilla.suse.com/1231895
- https://bugzilla.suse.com/1231896
- https://bugzilla.suse.com/1231897
- https://bugzilla.suse.com/1231929
- https://bugzilla.suse.com/1231936
- https://bugzilla.suse.com/1231937
- https://bugzilla.suse.com/1231938
- https://bugzilla.suse.com/1231939
- https://bugzilla.suse.com/1231940
- https://bugzilla.suse.com/1231941
- https://bugzilla.suse.com/1231942
- https://bugzilla.suse.com/1231958
- https://bugzilla.suse.com/1231960
- https://bugzilla.suse.com/1231961
- https://bugzilla.suse.com/1231962
- https://bugzilla.suse.com/1231972
- https://bugzilla.suse.com/1231976
- https://bugzilla.suse.com/1231979
- https://bugzilla.suse.com/1231987
- https://bugzilla.suse.com/1231988
- https://bugzilla.suse.com/1231991
- https://bugzilla.suse.com/1231992
- https://bugzilla.suse.com/1231995
- https://bugzilla.suse.com/1231996
- https://bugzilla.suse.com/1231997
- https://bugzilla.suse.com/1232001
- https://bugzilla.suse.com/1232005
- https://bugzilla.suse.com/1232006
- https://bugzilla.suse.com/1232007
- https://bugzilla.suse.com/1232025
- https://bugzilla.suse.com/1232026
- https://bugzilla.suse.com/1232033
- https://bugzilla.suse.com/1232035
- https://bugzilla.suse.com/1232036
- https://bugzilla.suse.com/1232037
- https://bugzilla.suse.com/1232038
- https://bugzilla.suse.com/1232039
- https://bugzilla.suse.com/1232067
- https://bugzilla.suse.com/1232069
- https://bugzilla.suse.com/1232070
- https://bugzilla.suse.com/1232071
- https://bugzilla.suse.com/1232097
- https://bugzilla.suse.com/1232108
- https://bugzilla.suse.com/1232119
- https://bugzilla.suse.com/1232120
- https://bugzilla.suse.com/1232123
- https://bugzilla.suse.com/1232133
- https://bugzilla.suse.com/1232136
- https://bugzilla.suse.com/1232145
- https://bugzilla.suse.com/1232150
- https://bugzilla.suse.com/1232163
- https://bugzilla.suse.com/1232170
- https://bugzilla.suse.com/1232172
- https://bugzilla.suse.com/1232174
- https://bugzilla.suse.com/1232229
- https://bugzilla.suse.com/1232237
- https://bugzilla.suse.com/1232260
- https://bugzilla.suse.com/1232262
- https://bugzilla.suse.com/1232282
- https://bugzilla.suse.com/1232286
- https://bugzilla.suse.com/1232304
- https://bugzilla.suse.com/1232383
- https://bugzilla.suse.com/1232395
- https://bugzilla.suse.com/1232418
- https://bugzilla.suse.com/1232424
- https://bugzilla.suse.com/1232432
- https://bugzilla.suse.com/1232519
- https://www.suse.com/security/cve/CVE-2021-47416
- https://www.suse.com/security/cve/CVE-2021-47534
- https://www.suse.com/security/cve/CVE-2022-3435
- https://www.suse.com/security/cve/CVE-2022-45934
- https://www.suse.com/security/cve/CVE-2022-48664
- https://www.suse.com/security/cve/CVE-2022-48879
- https://www.suse.com/security/cve/CVE-2022-48946
- https://www.suse.com/security/cve/CVE-2022-48947
- https://www.suse.com/security/cve/CVE-2022-48948
- https://www.suse.com/security/cve/CVE-2022-48949
- https://www.suse.com/security/cve/CVE-2022-48951
- https://www.suse.com/security/cve/CVE-2022-48953
- https://www.suse.com/security/cve/CVE-2022-48954
- https://www.suse.com/security/cve/CVE-2022-48955
- https://www.suse.com/security/cve/CVE-2022-48956
- https://www.suse.com/security/cve/CVE-2022-48959
- https://www.suse.com/security/cve/CVE-2022-48960
- https://www.suse.com/security/cve/CVE-2022-48961
- https://www.suse.com/security/cve/CVE-2022-48962
- https://www.suse.com/security/cve/CVE-2022-48967
- https://www.suse.com/security/cve/CVE-2022-48968
- https://www.suse.com/security/cve/CVE-2022-48969
- https://www.suse.com/security/cve/CVE-2022-48970
- https://www.suse.com/security/cve/CVE-2022-48971
- https://www.suse.com/security/cve/CVE-2022-48972
- https://www.suse.com/security/cve/CVE-2022-48973
- https://www.suse.com/security/cve/CVE-2022-48975
- https://www.suse.com/security/cve/CVE-2022-48977
- https://www.suse.com/security/cve/CVE-2022-48978
- https://www.suse.com/security/cve/CVE-2022-48981
- https://www.suse.com/security/cve/CVE-2022-48985
- https://www.suse.com/security/cve/CVE-2022-48987
- https://www.suse.com/security/cve/CVE-2022-48988
- https://www.suse.com/security/cve/CVE-2022-48991
- https://www.suse.com/security/cve/CVE-2022-48992
- https://www.suse.com/security/cve/CVE-2022-48994
- https://www.suse.com/security/cve/CVE-2022-48995
- https://www.suse.com/security/cve/CVE-2022-48997
- https://www.suse.com/security/cve/CVE-2022-48999
- https://www.suse.com/security/cve/CVE-2022-49000
- https://www.suse.com/security/cve/CVE-2022-49002
- https://www.suse.com/security/cve/CVE-2022-49003
- https://www.suse.com/security/cve/CVE-2022-49005
- https://www.suse.com/security/cve/CVE-2022-49006
- https://www.suse.com/security/cve/CVE-2022-49007
- https://www.suse.com/security/cve/CVE-2022-49010
- https://www.suse.com/security/cve/CVE-2022-49011
- https://www.suse.com/security/cve/CVE-2022-49012
- https://www.suse.com/security/cve/CVE-2022-49014
- https://www.suse.com/security/cve/CVE-2022-49015
- https://www.suse.com/security/cve/CVE-2022-49016
- https://www.suse.com/security/cve/CVE-2022-49019
- https://www.suse.com/security/cve/CVE-2022-49021
- https://www.suse.com/security/cve/CVE-2022-49022
- https://www.suse.com/security/cve/CVE-2022-49023
- https://www.suse.com/security/cve/CVE-2022-49024
- https://www.suse.com/security/cve/CVE-2022-49025
- https://www.suse.com/security/cve/CVE-2022-49026
- https://www.suse.com/security/cve/CVE-2022-49027
- https://www.suse.com/security/cve/CVE-2022-49028
- https://www.suse.com/security/cve/CVE-2022-49029
- https://www.suse.com/security/cve/CVE-2022-49031
- https://www.suse.com/security/cve/CVE-2022-49032
- https://www.suse.com/security/cve/CVE-2023-2166
- https://www.suse.com/security/cve/CVE-2023-28327
- https://www.suse.com/security/cve/CVE-2023-52766
- https://www.suse.com/security/cve/CVE-2023-52800
- https://www.suse.com/security/cve/CVE-2023-52881
- https://www.suse.com/security/cve/CVE-2023-52919
- https://www.suse.com/security/cve/CVE-2023-6270
- https://www.suse.com/security/cve/CVE-2024-27043
- https://www.suse.com/security/cve/CVE-2024-42145
- https://www.suse.com/security/cve/CVE-2024-44947
- https://www.suse.com/security/cve/CVE-2024-45013
- https://www.suse.com/security/cve/CVE-2024-45016
- https://www.suse.com/security/cve/CVE-2024-45026
- https://www.suse.com/security/cve/CVE-2024-46716
- https://www.suse.com/security/cve/CVE-2024-46813
- https://www.suse.com/security/cve/CVE-2024-46814
- https://www.suse.com/security/cve/CVE-2024-46815
- https://www.suse.com/security/cve/CVE-2024-46816
- https://www.suse.com/security/cve/CVE-2024-46817
- https://www.suse.com/security/cve/CVE-2024-46818
- https://www.suse.com/security/cve/CVE-2024-46849
- https://www.suse.com/security/cve/CVE-2024-47668
- https://www.suse.com/security/cve/CVE-2024-47674
- https://www.suse.com/security/cve/CVE-2024-47684
- https://www.suse.com/security/cve/CVE-2024-47706
- https://www.suse.com/security/cve/CVE-2024-47747
- https://www.suse.com/security/cve/CVE-2024-47748
- https://www.suse.com/security/cve/CVE-2024-49860
- https://www.suse.com/security/cve/CVE-2024-49867
- https://www.suse.com/security/cve/CVE-2024-49930
- https://www.suse.com/security/cve/CVE-2024-49936
- https://www.suse.com/security/cve/CVE-2024-49960
- https://www.suse.com/security/cve/CVE-2024-49969
- https://www.suse.com/security/cve/CVE-2024-49974
- https://www.suse.com/security/cve/CVE-2024-49982
- https://www.suse.com/security/cve/CVE-2024-49991
- https://www.suse.com/security/cve/CVE-2024-49995
- https://www.suse.com/security/cve/CVE-2024-50047