SUSE-SU-2024:4081-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20244081-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:4081-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:4081-1
Related
Published
2024-11-27T14:22:35Z
Modified
2024-11-27T14:22:35Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
  • CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
  • CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisifemacrx() (bsc#1232286).
  • CVE-2022-48967: NFC: nci: Bounds check struct nfc_target arrays (bsc#1232304).
  • CVE-2022-48988: memcg: Fix possible use-after-free in memcgwriteevent_control() (bsc#1232069).
  • CVE-2022-48991: mm/khugepaged: fix collapseptemappedthp() to allow anonvma (bsc#1232070).
  • CVE-2022-49003: nvme: fix SRCU protection of nvmenshead list (bsc#1232136).
  • CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1231890).
  • CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
  • CVE-2022-49023: wifi: cfg80211: fix buffer overflow in elem comparison (bsc#1231961).
  • CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table (bsc#1231960).
  • CVE-2024-36971: Fixed _dstnegative_advice() race (bsc#1226145).
  • CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
  • CVE-2024-45026: s390/dasd: fix error recovery leading to data corruption on ESE devices (bsc#1230454).
  • CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
  • CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193).
  • CVE-2024-46815: drm/amd/display: Check numvalidsets before accessing readerwmsets (bsc#1231195).
  • CVE-2024-46816: drm/amd/display: Stop amdgpudm initialize when link nums greater than maxlinks (bsc#1231197).
  • CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200).
  • CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203).
  • CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073).
  • CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in _genradixptr_alloc() (bsc#1231502).
  • CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
  • CVE-2024-47684: tcp: check skb is non-NULL in tcprtodelta_us() (bsc#1231987).
  • CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
  • CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
  • CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
  • CVE-2024-49936: net/xen-netback: prevent UAF in xenvifflushhash() (bsc#1232424).
  • CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
  • CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
  • CVE-2024-49991: drm/amdkfd: amdkfdfreegtt_mem clear the correct pointer (bsc#1232282).
  • CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
  • CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).

The following non-security bugs were fixed:

  • kernel-binary: generate and install compile_commands.json (bsc#1228971)
  • kernel-binary: vdso: Own module_dir
  • bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375).
  • mkspec-dtb: add toplevel symlinks also on arm
  • net: mana: Fix the extra HZ in manahwcsend_request (bsc#1232033).
  • scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
References

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.191.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.191.1",
            "kernel-rt": "5.3.18-150300.191.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.191.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.191.1",
            "kernel-rt": "5.3.18-150300.191.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.191.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.191.1",
            "kernel-rt": "5.3.18-150300.191.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.191.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.191.1",
            "kernel-rt": "5.3.18-150300.191.1"
        }
    ]
}