SUSE-SU-2024:3227-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20243227-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:3227-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:3227-1
Related
Published
2024-09-12T13:26:12Z
Modified
2024-09-12T13:26:12Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576).
  • CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454).
  • CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707).
  • CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500).
  • CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326).
  • CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792).
  • CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466).
  • CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
  • CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619)
  • CVE-2022-48912: Fix use-after-free in _nfregisternethook() (bsc#1229641)
  • CVE-2024-42271: Fixed a use after free in iucvsockclose(). (bsc#1229400)
  • CVE-2024-42232: Fixed a race between delayedwork() and cephmonc_stop(). (bsc#1228959)
  • CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832).
  • CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020).

The following non-security bugs were fixed:

  • Bluetooth: L2CAP: Fix deadlock (git-fixes).
  • mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
  • mm: prevent derefencing NULL ptr in pfnsectionvalid() (git-fixes).
  • nvme_core: scan namespaces asynchronously (bsc#1224105).
References

Affected packages

SUSE:Linux Enterprise Micro 5.3 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.91.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.91.3",
            "kernel-rt": "5.14.21-150400.15.91.3"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.3 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.91.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.91.3",
            "kernel-rt": "5.14.21-150400.15.91.3"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.91.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.91.3",
            "kernel-rt": "5.14.21-150400.15.91.3"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.14.21-150400.15.91.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.91.3",
            "kernel-rt": "5.14.21-150400.15.91.3"
        }
    ]
}