SUSE-SU-2024:4131-1
Description
Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117).
- CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
- CVE-2022-48959: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (bsc#1231976).
- CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
- CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286).
- CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070).
- CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
- CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442).
- CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
- CVE-2024-45026: s390/dasd: fix error recovery leading to data corruption on ESE devices (bsc#1230454).
- CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (bsc#1230715).
- CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
- CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193).
- CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195).
- CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
- CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200).
- CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203).
- CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073).
- CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
- CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
- CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
- CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly (bsc#1232174).
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
- CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats (bsc#1232260).
- CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
- CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
- CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
- CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
- CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
- CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
- CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).

The following non-security bugs were fixed:

- NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
- PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).
- RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (bsc#1232036).
- bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375).
- dn_route: set rt neigh to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813).
- ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813).
- net: mana: Fix the extra HZ in mana_hwc_send_request (bsc#1232033).
- x86/kexec: Add EFI config table identity mapping for kexec kernel (bsc#1220382).
- x86/mm/ident_map: Use gbpages only where full GB page should be mapped (bsc#1220382).
- xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813).
Affected Systems
- suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.141.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-64kb&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.141.1.150400.24.68.2
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.141.1.150400.24.68.2
- suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.24.141.1.150400.24.68.2
- suse•kernel-default-base&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.24.141.1.150400.24.68.2
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.141.1.150400.24.68.2
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.141.1.150400.24.68.2
- suse•kernel-default-base&distro=SUSE Manager Proxy 4.3
< 5.14.21-150400.24.141.1.150400.24.68.2
- suse•kernel-default-base&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.141.1.150400.24.68.2
- suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP4
< 5.14.21-150400.24.141.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.141.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP4
< 5.14.21-150400.24.141.1
- suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.3
< 5.14.21-150400.24.141.1
- suse•kernel-default&distro=SUSE Linux Enterprise Micro 5.4
< 5.14.21-150400.24.141.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.141.1
- suse•kernel-default&distro=SUSE Manager Proxy 4.3
< 5.14.21-150400.24.141.1
- suse•kernel-default&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.141.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.141.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.141.1
- suse•kernel-livepatch-SLE15-SP4_Update_33&distro=SUSE Linux Enterprise Live Patching 15 SP4
< 1-150400.9.5.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.141.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.141.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.141.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.141.1
- suse•kernel-source&distro=SUSE Manager Proxy 4.3
< 5.14.21-150400.24.141.1
- suse•kernel-source&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.141.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
< 5.14.21-150400.24.141.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP4
< 5.14.21-150400.24.141.1
- suse•kernel-syms&distro=SUSE Manager Proxy 4.3
< 5.14.21-150400.24.141.1
- suse•kernel-syms&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.141.1
- suse•kernel-zfcpdump&distro=SUSE Linux Enterprise Server 15 SP4-LTSS
< 5.14.21-150400.24.141.1
- suse•kernel-zfcpdump&distro=SUSE Manager Server 4.3
< 5.14.21-150400.24.141.1
References (230)
- https://www.suse.com/support/update/announcement/2024/suse-su-20244131-1/
- https://bugzilla.suse.com/1204171
- https://bugzilla.suse.com/1205796
- https://bugzilla.suse.com/1206188
- https://bugzilla.suse.com/1206344
- https://bugzilla.suse.com/1209290
- https://bugzilla.suse.com/1210449
- https://bugzilla.suse.com/1210627
- https://bugzilla.suse.com/1213034
- https://bugzilla.suse.com/1216223
- https://bugzilla.suse.com/1216813
- https://bugzilla.suse.com/1218562
- https://bugzilla.suse.com/1220382
- https://bugzilla.suse.com/1223384
- https://bugzilla.suse.com/1223524
- https://bugzilla.suse.com/1223824
- https://bugzilla.suse.com/1225189
- https://bugzilla.suse.com/1225336
- https://bugzilla.suse.com/1225611
- https://bugzilla.suse.com/1226666
- https://bugzilla.suse.com/1228743
- https://bugzilla.suse.com/1229345
- https://bugzilla.suse.com/1229452
- https://bugzilla.suse.com/1229454
- https://bugzilla.suse.com/1229456
- https://bugzilla.suse.com/1229556
- https://bugzilla.suse.com/1230429
- https://bugzilla.suse.com/1230442
- https://bugzilla.suse.com/1230454
- https://bugzilla.suse.com/1230600
- https://bugzilla.suse.com/1230620
- https://bugzilla.suse.com/1230715
- https://bugzilla.suse.com/1230903
- https://bugzilla.suse.com/1231016
- https://bugzilla.suse.com/1231073
- https://bugzilla.suse.com/1231191
- https://bugzilla.suse.com/1231193
- https://bugzilla.suse.com/1231195
- https://bugzilla.suse.com/1231197
- https://bugzilla.suse.com/1231200
- https://bugzilla.suse.com/1231203
- https://bugzilla.suse.com/1231293
- https://bugzilla.suse.com/1231375
- https://bugzilla.suse.com/1231502
- https://bugzilla.suse.com/1231673
- https://bugzilla.suse.com/1231861
- https://bugzilla.suse.com/1231883
- https://bugzilla.suse.com/1231885
- https://bugzilla.suse.com/1231887
- https://bugzilla.suse.com/1231888
- https://bugzilla.suse.com/1231890
- https://bugzilla.suse.com/1231892
- https://bugzilla.suse.com/1231893
- https://bugzilla.suse.com/1231895
- https://bugzilla.suse.com/1231896
- https://bugzilla.suse.com/1231897
- https://bugzilla.suse.com/1231929
- https://bugzilla.suse.com/1231936
- https://bugzilla.suse.com/1231937
- https://bugzilla.suse.com/1231938
- https://bugzilla.suse.com/1231939
- https://bugzilla.suse.com/1231940
- https://bugzilla.suse.com/1231941
- https://bugzilla.suse.com/1231942
- https://bugzilla.suse.com/1231958
- https://bugzilla.suse.com/1231960
- https://bugzilla.suse.com/1231961
- https://bugzilla.suse.com/1231962
- https://bugzilla.suse.com/1231972
- https://bugzilla.suse.com/1231976
- https://bugzilla.suse.com/1231979
- https://bugzilla.suse.com/1231987
- https://bugzilla.suse.com/1231988
- https://bugzilla.suse.com/1231991
- https://bugzilla.suse.com/1231992
- https://bugzilla.suse.com/1231995
- https://bugzilla.suse.com/1231996
- https://bugzilla.suse.com/1231997
- https://bugzilla.suse.com/1232001
- https://bugzilla.suse.com/1232005
- https://bugzilla.suse.com/1232006
- https://bugzilla.suse.com/1232007
- https://bugzilla.suse.com/1232025
- https://bugzilla.suse.com/1232026
- https://bugzilla.suse.com/1232033
- https://bugzilla.suse.com/1232035
- https://bugzilla.suse.com/1232036
- https://bugzilla.suse.com/1232037
- https://bugzilla.suse.com/1232038
- https://bugzilla.suse.com/1232039
- https://bugzilla.suse.com/1232067
- https://bugzilla.suse.com/1232069
- https://bugzilla.suse.com/1232070
- https://bugzilla.suse.com/1232071
- https://bugzilla.suse.com/1232097
- https://bugzilla.suse.com/1232108
- https://bugzilla.suse.com/1232119
- https://bugzilla.suse.com/1232120
- https://bugzilla.suse.com/1232123
- https://bugzilla.suse.com/1232133
- https://bugzilla.suse.com/1232136
- https://bugzilla.suse.com/1232145
- https://bugzilla.suse.com/1232150
- https://bugzilla.suse.com/1232163
- https://bugzilla.suse.com/1232165
- https://bugzilla.suse.com/1232170
- https://bugzilla.suse.com/1232172
- https://bugzilla.suse.com/1232174
- https://bugzilla.suse.com/1232224
- https://bugzilla.suse.com/1232229
- https://bugzilla.suse.com/1232237
- https://bugzilla.suse.com/1232260
- https://bugzilla.suse.com/1232262
- https://bugzilla.suse.com/1232281
- https://bugzilla.suse.com/1232282
- https://bugzilla.suse.com/1232286
- https://bugzilla.suse.com/1232304
- https://bugzilla.suse.com/1232383
- https://bugzilla.suse.com/1232395
- https://bugzilla.suse.com/1232418
- https://bugzilla.suse.com/1232424
- https://bugzilla.suse.com/1232432
- https://bugzilla.suse.com/1232436
- https://bugzilla.suse.com/1232519
- https://bugzilla.suse.com/1233117
- https://www.suse.com/security/cve/CVE-2021-47416
- https://www.suse.com/security/cve/CVE-2021-47534
- https://www.suse.com/security/cve/CVE-2022-3435
- https://www.suse.com/security/cve/CVE-2022-45934
- https://www.suse.com/security/cve/CVE-2022-48664
- https://www.suse.com/security/cve/CVE-2022-48879
- https://www.suse.com/security/cve/CVE-2022-48946
- https://www.suse.com/security/cve/CVE-2022-48947
- https://www.suse.com/security/cve/CVE-2022-48948
- https://www.suse.com/security/cve/CVE-2022-48949
- https://www.suse.com/security/cve/CVE-2022-48951
- https://www.suse.com/security/cve/CVE-2022-48953
- https://www.suse.com/security/cve/CVE-2022-48954
- https://www.suse.com/security/cve/CVE-2022-48955
- https://www.suse.com/security/cve/CVE-2022-48956
- https://www.suse.com/security/cve/CVE-2022-48959
- https://www.suse.com/security/cve/CVE-2022-48960
- https://www.suse.com/security/cve/CVE-2022-48961
- https://www.suse.com/security/cve/CVE-2022-48962
- https://www.suse.com/security/cve/CVE-2022-48967
- https://www.suse.com/security/cve/CVE-2022-48968
- https://www.suse.com/security/cve/CVE-2022-48969
- https://www.suse.com/security/cve/CVE-2022-48970
- https://www.suse.com/security/cve/CVE-2022-48971
- https://www.suse.com/security/cve/CVE-2022-48972
- https://www.suse.com/security/cve/CVE-2022-48973
- https://www.suse.com/security/cve/CVE-2022-48975
- https://www.suse.com/security/cve/CVE-2022-48977
- https://www.suse.com/security/cve/CVE-2022-48978
- https://www.suse.com/security/cve/CVE-2022-48981
- https://www.suse.com/security/cve/CVE-2022-48985
- https://www.suse.com/security/cve/CVE-2022-48987
- https://www.suse.com/security/cve/CVE-2022-48988
- https://www.suse.com/security/cve/CVE-2022-48991
- https://www.suse.com/security/cve/CVE-2022-48992
- https://www.suse.com/security/cve/CVE-2022-48994
- https://www.suse.com/security/cve/CVE-2022-48995
- https://www.suse.com/security/cve/CVE-2022-48997
- https://www.suse.com/security/cve/CVE-2022-48999
- https://www.suse.com/security/cve/CVE-2022-49000
- https://www.suse.com/security/cve/CVE-2022-49002
- https://www.suse.com/security/cve/CVE-2022-49003
- https://www.suse.com/security/cve/CVE-2022-49005
- https://www.suse.com/security/cve/CVE-2022-49006
- https://www.suse.com/security/cve/CVE-2022-49007
- https://www.suse.com/security/cve/CVE-2022-49010
- https://www.suse.com/security/cve/CVE-2022-49011
- https://www.suse.com/security/cve/CVE-2022-49012
- https://www.suse.com/security/cve/CVE-2022-49014
- https://www.suse.com/security/cve/CVE-2022-49015
- https://www.suse.com/security/cve/CVE-2022-49016
- https://www.suse.com/security/cve/CVE-2022-49019
- https://www.suse.com/security/cve/CVE-2022-49021
- https://www.suse.com/security/cve/CVE-2022-49022
- https://www.suse.com/security/cve/CVE-2022-49023
- https://www.suse.com/security/cve/CVE-2022-49024
- https://www.suse.com/security/cve/CVE-2022-49025
- https://www.suse.com/security/cve/CVE-2022-49026
- https://www.suse.com/security/cve/CVE-2022-49027
- https://www.suse.com/security/cve/CVE-2022-49028
- https://www.suse.com/security/cve/CVE-2022-49029
- https://www.suse.com/security/cve/CVE-2022-49031
- https://www.suse.com/security/cve/CVE-2022-49032
- https://www.suse.com/security/cve/CVE-2023-2166
- https://www.suse.com/security/cve/CVE-2023-28327
- https://www.suse.com/security/cve/CVE-2023-52766
- https://www.suse.com/security/cve/CVE-2023-52800
- https://www.suse.com/security/cve/CVE-2023-52881
- https://www.suse.com/security/cve/CVE-2023-52919
- https://www.suse.com/security/cve/CVE-2023-6270
- https://www.suse.com/security/cve/CVE-2024-27043
- https://www.suse.com/security/cve/CVE-2024-42145
- https://www.suse.com/security/cve/CVE-2024-43854
- https://www.suse.com/security/cve/CVE-2024-44947
- https://www.suse.com/security/cve/CVE-2024-45013
- https://www.suse.com/security/cve/CVE-2024-45016
- https://www.suse.com/security/cve/CVE-2024-45026
- https://www.suse.com/security/cve/CVE-2024-46716
- https://www.suse.com/security/cve/CVE-2024-46813
- https://www.suse.com/security/cve/CVE-2024-46814
- https://www.suse.com/security/cve/CVE-2024-46815
- https://www.suse.com/security/cve/CVE-2024-46816
- https://www.suse.com/security/cve/CVE-2024-46817
- https://www.suse.com/security/cve/CVE-2024-46818
- https://www.suse.com/security/cve/CVE-2024-46849
- https://www.suse.com/security/cve/CVE-2024-47668
- https://www.suse.com/security/cve/CVE-2024-47674
- https://www.suse.com/security/cve/CVE-2024-47684
- https://www.suse.com/security/cve/CVE-2024-47706
- https://www.suse.com/security/cve/CVE-2024-47747
- https://www.suse.com/security/cve/CVE-2024-47748
- https://www.suse.com/security/cve/CVE-2024-49860
- https://www.suse.com/security/cve/CVE-2024-49867
- https://www.suse.com/security/cve/CVE-2024-49925
- https://www.suse.com/security/cve/CVE-2024-49930
- https://www.suse.com/security/cve/CVE-2024-49936
- https://www.suse.com/security/cve/CVE-2024-49945
- https://www.suse.com/security/cve/CVE-2024-49960
- https://www.suse.com/security/cve/CVE-2024-49969
- https://www.suse.com/security/cve/CVE-2024-49974
- https://www.suse.com/security/cve/CVE-2024-49982
- https://www.suse.com/security/cve/CVE-2024-49991
- https://www.suse.com/security/cve/CVE-2024-49995
- https://www.suse.com/security/cve/CVE-2024-50047
- https://www.suse.com/security/cve/CVE-2024-50208