SUSE-SU-2024:4081-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2024/suse-su-20244081-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:4081-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:4081-1
Related
Published
2024-11-27T14:22:35Z
Modified
2025-05-02T04:32:11.706780Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
  • CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
  • CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisifemacrx() (bsc#1232286).
  • CVE-2022-48967: NFC: nci: Bounds check struct nfc_target arrays (bsc#1232304).
  • CVE-2022-48988: memcg: Fix possible use-after-free in memcgwriteevent_control() (bsc#1232069).
  • CVE-2022-48991: mm/khugepaged: fix collapseptemappedthp() to allow anonvma (bsc#1232070).
  • CVE-2022-49003: nvme: fix SRCU protection of nvmenshead list (bsc#1232136).
  • CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1231890).
  • CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
  • CVE-2022-49023: wifi: cfg80211: fix buffer overflow in elem comparison (bsc#1231961).
  • CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table (bsc#1231960).
  • CVE-2024-36971: Fixed _dstnegative_advice() race (bsc#1226145).
  • CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
  • CVE-2024-45026: s390/dasd: fix error recovery leading to data corruption on ESE devices (bsc#1230454).
  • CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
  • CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193).
  • CVE-2024-46815: drm/amd/display: Check numvalidsets before accessing readerwmsets (bsc#1231195).
  • CVE-2024-46816: drm/amd/display: Stop amdgpudm initialize when link nums greater than maxlinks (bsc#1231197).
  • CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200).
  • CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203).
  • CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073).
  • CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in _genradixptr_alloc() (bsc#1231502).
  • CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
  • CVE-2024-47684: tcp: check skb is non-NULL in tcprtodelta_us() (bsc#1231987).
  • CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
  • CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
  • CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
  • CVE-2024-49936: net/xen-netback: prevent UAF in xenvifflushhash() (bsc#1232424).
  • CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
  • CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
  • CVE-2024-49991: drm/amdkfd: amdkfdfreegtt_mem clear the correct pointer (bsc#1232282).
  • CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
  • CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).

The following non-security bugs were fixed:

  • kernel-binary: generate and install compile_commands.json (bsc#1228971)
  • kernel-binary: vdso: Own module_dir
  • bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375).
  • mkspec-dtb: add toplevel symlinks also on arm
  • net: mana: Fix the extra HZ in manahwcsend_request (bsc#1232033).
  • scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
References

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.191.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.191.1",
            "kernel-rt": "5.3.18-150300.191.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.191.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.191.1",
            "kernel-rt": "5.3.18-150300.191.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.191.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.191.1",
            "kernel-rt": "5.3.18-150300.191.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.191.1

Ecosystem specific 

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.191.1",
            "kernel-rt": "5.3.18-150300.191.1"
        }
    ]
}