SUSE-SU-2024:4103-1
Vulnerability Summary
Description
Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-47589: igbvf: fix double free in `igbvf_probe` (bsc#1226557).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
- CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
- CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286).
- CVE-2022-48967: NFC: nci: Bounds check struct nfc_target arrays (bsc#1232304).
- CVE-2022-48988: memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344 bsc#1232069).
- CVE-2022-48991: khugepaged: retract_page_tables() remember to test exit (bsc#1232070).
- CVE-2022-49003: nvme: fix SRCU protection of nvme_ns_head list (bsc#1232136).
- CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1231890).
- CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
- CVE-2022-49023: wifi: cfg80211: fix buffer overflow in elem comparison (bsc#1231961).
- CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table (bsc#1231960).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
- CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200).
- CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203).
- CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073).
- CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).

The following non-security bugs were fixed:

- initrd: Revert 'build initrd without systemd' (bsc#1195775).
- bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375).
- kernel-binary.spec.in: Enable klp_symbols on openSUSE Tumbleweed (boo#1229042).
- kernel-binary: generate and install compile_commands.json (bsc#1228971).
- net: mana: Fix the extra HZ in mana_hwc_send_request (bsc#1232033).
- rpm/check-for-config-changes: Exclude ARCH_USING_PATCHABLE_FUNCTION_ENTRY gcc version dependent, at least on ppc
- rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE. They depend on SHADOW_CALL_STACK.
- rpm/kernel-binary.spec.in: Fix build regression. The previous fix forgot to take over grep -c option that broke the conditional expression.
- rpm/kernel-binary.spec.in: fix klp_symbols macro. The commit below removed openSUSE filter from %ifs of the klp_symbols definition (boo#1229042).
- rpm/kernel-obs-build.spec.in: Some builds do not just create an iso9660 image, but also mount it during build (bsc#1226212).
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211).
- rpm/release-projects: Add SLFO projects (bsc#1231293).
Affected Systems
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.209.1.150200.9.109.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.209.1.150200.9.109.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.209.1.150200.9.109.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP2
< 5.3.18-150200.24.209.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP2
< 5.3.18-150200.24.209.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.209.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.209.2
- suse•kernel-docs&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.209.2
- suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.209.2
- suse•kernel-livepatch-SLE15-SP2_Update_54&distro=SUSE Linux Enterprise Live Patching 15 SP2
< 1-150200.5.3.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.209.1
- suse•kernel-preempt&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-preempt&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-preempt&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.209.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.209.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.209.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.209.1
References (103)
- https://www.suse.com/support/update/announcement/2024/suse-su-20244103-1/
- https://bugzilla.suse.com/1195775
- https://bugzilla.suse.com/1204171
- https://bugzilla.suse.com/1205796
- https://bugzilla.suse.com/1206344
- https://bugzilla.suse.com/1209290
- https://bugzilla.suse.com/1218562
- https://bugzilla.suse.com/1219125
- https://bugzilla.suse.com/1223384
- https://bugzilla.suse.com/1223524
- https://bugzilla.suse.com/1223824
- https://bugzilla.suse.com/1225336
- https://bugzilla.suse.com/1225611
- https://bugzilla.suse.com/1226211
- https://bugzilla.suse.com/1226212
- https://bugzilla.suse.com/1226557
- https://bugzilla.suse.com/1228743
- https://bugzilla.suse.com/1229042
- https://bugzilla.suse.com/1229454
- https://bugzilla.suse.com/1229456
- https://bugzilla.suse.com/1230429
- https://bugzilla.suse.com/1231073
- https://bugzilla.suse.com/1231191
- https://bugzilla.suse.com/1231197
- https://bugzilla.suse.com/1231200
- https://bugzilla.suse.com/1231203
- https://bugzilla.suse.com/1231293
- https://bugzilla.suse.com/1231375
- https://bugzilla.suse.com/1231502
- https://bugzilla.suse.com/1231673
- https://bugzilla.suse.com/1231861
- https://bugzilla.suse.com/1231887
- https://bugzilla.suse.com/1231890
- https://bugzilla.suse.com/1231893
- https://bugzilla.suse.com/1231895
- https://bugzilla.suse.com/1231936
- https://bugzilla.suse.com/1231938
- https://bugzilla.suse.com/1231942
- https://bugzilla.suse.com/1231960
- https://bugzilla.suse.com/1231961
- https://bugzilla.suse.com/1231979
- https://bugzilla.suse.com/1231987
- https://bugzilla.suse.com/1231988
- https://bugzilla.suse.com/1232033
- https://bugzilla.suse.com/1232069
- https://bugzilla.suse.com/1232070
- https://bugzilla.suse.com/1232097
- https://bugzilla.suse.com/1232136
- https://bugzilla.suse.com/1232145
- https://bugzilla.suse.com/1232262
- https://bugzilla.suse.com/1232282
- https://bugzilla.suse.com/1232286
- https://bugzilla.suse.com/1232304
- https://bugzilla.suse.com/1232383
- https://bugzilla.suse.com/1232418
- https://bugzilla.suse.com/1232424
- https://bugzilla.suse.com/1232432
- https://www.suse.com/security/cve/CVE-2021-47416
- https://www.suse.com/security/cve/CVE-2021-47589
- https://www.suse.com/security/cve/CVE-2022-3435
- https://www.suse.com/security/cve/CVE-2022-45934
- https://www.suse.com/security/cve/CVE-2022-48664
- https://www.suse.com/security/cve/CVE-2022-48947
- https://www.suse.com/security/cve/CVE-2022-48956
- https://www.suse.com/security/cve/CVE-2022-48960
- https://www.suse.com/security/cve/CVE-2022-48962
- https://www.suse.com/security/cve/CVE-2022-48967
- https://www.suse.com/security/cve/CVE-2022-48970
- https://www.suse.com/security/cve/CVE-2022-48988
- https://www.suse.com/security/cve/CVE-2022-48991
- https://www.suse.com/security/cve/CVE-2022-48999
- https://www.suse.com/security/cve/CVE-2022-49003
- https://www.suse.com/security/cve/CVE-2022-49014
- https://www.suse.com/security/cve/CVE-2022-49015
- https://www.suse.com/security/cve/CVE-2022-49023
- https://www.suse.com/security/cve/CVE-2022-49025
- https://www.suse.com/security/cve/CVE-2023-28327
- https://www.suse.com/security/cve/CVE-2023-46343
- https://www.suse.com/security/cve/CVE-2023-52881
- https://www.suse.com/security/cve/CVE-2023-52919
- https://www.suse.com/security/cve/CVE-2023-6270
- https://www.suse.com/security/cve/CVE-2024-27043
- https://www.suse.com/security/cve/CVE-2024-42145
- https://www.suse.com/security/cve/CVE-2024-44947
- https://www.suse.com/security/cve/CVE-2024-45016
- https://www.suse.com/security/cve/CVE-2024-46813
- https://www.suse.com/security/cve/CVE-2024-46816
- https://www.suse.com/security/cve/CVE-2024-46817
- https://www.suse.com/security/cve/CVE-2024-46818
- https://www.suse.com/security/cve/CVE-2024-46849
- https://www.suse.com/security/cve/CVE-2024-47668
- https://www.suse.com/security/cve/CVE-2024-47674
- https://www.suse.com/security/cve/CVE-2024-47684
- https://www.suse.com/security/cve/CVE-2024-47706
- https://www.suse.com/security/cve/CVE-2024-47747
- https://www.suse.com/security/cve/CVE-2024-49860
- https://www.suse.com/security/cve/CVE-2024-49867
- https://www.suse.com/security/cve/CVE-2024-49936
- https://www.suse.com/security/cve/CVE-2024-49974
- https://www.suse.com/security/cve/CVE-2024-49982
- https://www.suse.com/security/cve/CVE-2024-49991
- https://www.suse.com/security/cve/CVE-2024-49995
- https://www.suse.com/security/cve/CVE-2024-50047