SUSE-SU-2024:0463-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2024/suse-su-20240463-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0463-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:0463-1
Related
Published
2024-02-14T08:17:58Z
Modified
2025-05-02T04:31:29.501100Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).
  • CVE-2023-51780: Fixed a use-after-free in dovccioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).
  • CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).
  • CVE-2021-33631: Fixed an integer overflow in ext4writeinlinedataend() (bsc#1219412).
  • CVE-2023-6535: Fixed a NULL pointer dereference in nvmettcpexecute_request (bsc#1217988).
  • CVE-2023-6536: Fixed a NULL pointer dereference in _nvmetreq_complete (bsc#1217989).
  • CVE-2023-6356: Fixed a NULL pointer dereference in nvmettcpbuildpduiovec (bsc#1217987).
  • CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).
  • CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).
  • CVE-2024-0775: Fixed use-after-free in _ext4remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).
  • CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c (bsc#1218832).
  • CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804).
  • CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within nf_tables_newtable function (bsc#1218752).
  • CVE-2023-51782: Fixed use-after-free in roseioctl in net/rose/afrose.c because of a rose_accept race condition (bsc#1218757).

The following non-security bugs were fixed:

  • Store the old kernel changelog entries in kernel-docs package (bsc#1218713).
  • x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
References

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.158.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.158.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.158.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-rt": "5.3.18-150300.158.1"
        }
    ]
}