SUSE-SU-2024:4100-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2024/suse-su-20244100-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:4100-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:4100-1
Related
Published
2024-11-28T12:42:12Z
Modified
2025-05-02T04:32:03.664448Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The Linux Enterprise 12 SP5 kernel turned LTSS (Extended Security)

The following security bugs were fixed:

  • CVE-2021-46936: Fixed use-after-free in twtimerhandler() (bsc#1220439).
  • CVE-2021-47163: kABI fix for tipc: wait and exit until all work queues are done (bsc#1221980).
  • CVE-2021-47612: nfc: fix segfault in nfcgenldumpdevicesdone (bsc#1226585).
  • CVE-2022-48809: net: fix a memleak when uncloning an skb dst and its metadata (bsc#1227947).
  • CVE-2022-48951: ASoC: ops: Correct bounds check for second channel on SX controls (bsc#1231929).
  • CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
  • CVE-2022-48958: ethernet: aeroflex: fix potential skb leak in grethinitrings() (bsc#1231889).
  • CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
  • CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisifemacrx() (bsc#1232286).
  • CVE-2022-48966: net: mvneta: Fix an out of bounds check (bsc#1232191).
  • CVE-2022-48967: NFC: nci: Bounds check struct nfc_target arrays (bsc#1232304).
  • CVE-2022-48971: Bluetooth: Fix not cleanup led when bt_init fails (bsc#1232037).
  • CVE-2022-48972: mac802154: fix missing INITLISTHEAD in ieee802154ifadd() (bsc#1232025).
  • CVE-2022-48973: gpio: amd8111: Fix PCI device reference count leak (bsc#1232039).
  • CVE-2022-48978: HID: core: fix shift-out-of-bounds in hidreportraw_event (bsc#1232038).
  • CVE-2022-48991: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths (bsc#1232070).
  • CVE-2022-48992: ASoC: soc-pcm: Add NULL check in BE reparenting (bsc#1232071).
  • CVE-2022-49000: iommu/vt-d: Fix PCI device refcount leak in hasexternalpci() (bsc#1232123).
  • CVE-2022-49002: iommu/vt-d: Fix PCI device refcount leak in dmardevscope_init() (bsc#1232133).
  • CVE-2022-49010: hwmon: (coretemp) Check for null before removing sysfs attrs (bsc#1232172).
  • CVE-2022-49011: hwmon: (coretemp) fix pci device refcount leak in nv1aramnew() (bsc#1232006).
  • CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1231890).
  • CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
  • CVE-2022-49020: net/9p: Fix a potential socket leak in p9socketopen (bsc#1232175).
  • CVE-2022-49021: net: phy: fix null-ptr-deref while probe() failed (bsc#1231939).
  • CVE-2022-49026: e100: Fix possible use after free in e100xmitprepare (bsc#1231997).
  • CVE-2022-49027: iavf: Fix error handling in iavfinitmodule() (bsc#1232007).
  • CVE-2022-49028: ixgbevf: Fix resource leak in ixgbevfinitmodule() (bsc#1231996).
  • CVE-2022-49029: hwmon: (ibmpex) Fix possible UAF when ibmpexregisterbmc() fails (bsc#1231995).
  • CVE-2023-52898: xhci: Fix null pointer dereference when host dies (bsc#1229568).
  • CVE-2023-52918: media: pci: cx23885: check cx23885vdevinit() return (bsc#1232047).
  • CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
  • CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
  • CVE-2024-39476: md/raid5: fix deadlock that raid5d() wait for itself to clear MDSBCHANGE_PENDING (bsc#1227437).
  • CVE-2024-40965: i2c: lpi2c: Avoid calling clkgetrate during transfer (bsc#1227885).
  • CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620).
  • CVE-2024-42114: netlink: extend policy range validation (bsc#1228564 prerequisite).
  • CVE-2024-42253: gpio: pca953x: fix pca953xirqbussyncunlock race (bsc#1229005 stable-fixes).
  • CVE-2024-44931: gpio: prevent potential speculation leaks in gpiodeviceget_desc() (bsc#1229837 stable-fixes).
  • CVE-2024-44958: sched/smt: Fix unbalance schedsmtpresent dec/inc (bsc#1230179).
  • CVE-2024-46724: drm/amdgpu: Fix out-of-bounds read of dfv17channelnumber (bsc#1230725).
  • CVE-2024-46755: wifi: mwifiex: Do not return unused priv in mwifiexgetprivbyid() (bsc#1230802).
  • CVE-2024-46802: drm/amd/display: added NULL check at start of dcvalidatestream (bsc#1231111).
  • CVE-2024-46809: drm/amd/display: Check BIOS images before it is used (bsc#1231148).
  • CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
  • CVE-2024-46816: drm/amd/display: Stop amdgpudm initialize when link nums greater than maxlinks (bsc#1231197).
  • CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203).
  • CVE-2024-46826: ELF: fix kernel.randomizevaspace double read (bsc#1231115).
  • CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
  • CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
  • CVE-2024-46841: btrfs: do not BUGON on ENOMEM from btrfslookupextentinfo() in walkdownproc() (bsc#1231094).
  • CVE-2024-46848: perf/x86/intel: Limit the period on Haswell (bsc#1231072).
  • CVE-2024-47672: wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (bsc#1231540).
  • CVE-2024-47673: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (bsc#1231539).
  • CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
  • CVE-2024-47684: tcp: check skb is non-NULL in tcprtodelta_us() (bsc#1231987).
  • CVE-2024-47685: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput() (bsc#1231998).
  • CVE-2024-47697: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (bsc#1231858).
  • CVE-2024-47698: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (bsc#1231859).
  • CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
  • CVE-2024-47707: ipv6: avoid possible NULL deref in rt6uncachedlistflushdev() (bsc#1231935).
  • CVE-2024-47713: wifi: mac80211: use two-phase skb reclamation in ieee80211dostop() (bsc#1232016).
  • CVE-2024-47735: RDMA/hns: Fix spinunlockirqrestore() called with IRQs enabled (bsc#1232111).
  • CVE-2024-47737: nfsd: call cacheput if xdrreserve_space returns NULL (bsc#1232056).
  • CVE-2024-47742: firmware_loader: Block path traversal (bsc#1232126).
  • CVE-2024-47745: mm: split critical region in remapfilepages() and invoke LSMs in between (bsc#1232135).
  • CVE-2024-49851: tpm: Clean up TPM space after command failure (bsc#1232134).
  • CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
  • CVE-2024-49881: ext4: update origpath in ext4find_extent() (bsc#1232201).
  • CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
  • CVE-2024-49883: ext4: aovid use-after-free in ext4extinsert_extent() (bsc#1232199).
  • CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
  • CVE-2024-49891: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1232218).
  • CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354).
  • CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
  • CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305).
  • CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
  • CVE-2024-49929: wifi: iwlwifi: mvm: avoid NULL pointer dereference (bsc#1232253).
  • CVE-2024-49936: net/xen-netback: prevent UAF in xenvifflushhash() (bsc#1232424).
  • CVE-2024-49949: net: avoid potential underflow in qdiscpktlen_init() with UFO (bsc#1232160).
  • CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
  • CVE-2024-49959: jbd2: stop waiting for space when jbd2cleanupjournal_tail() returns error (bsc#1232149).
  • CVE-2024-49962: ACPICA: check null return of ACPIALLOCATEZEROED() in acpidbconverttopackage() (bsc#1232314).
  • CVE-2024-49966: ocfs2: cancel dqisyncwork before freeing oinfo (bsc#1232141).
  • CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
  • CVE-2024-49991: drm/amdkfd: amdkfdfreegtt_mem clear the correct pointer (bsc#1232282).
  • CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
  • CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
  • CVE-2024-50006: ext4: fix idatasem unlock order in ext4indmigrate() (bsc#1232442).
  • CVE-2024-50007: ALSA: asihpi: Fix potential OOB array access (bsc#1232394).
  • CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
  • CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
  • CVE-2024-50035: ppp: fix pppasyncencode() illegal access (bsc#1232392).
  • CVE-2024-50045: netfilter: brnetfilter: fix panic with metadatadst skb (bsc#1231903).
  • CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
  • CVE-2024-50058: serial: protect uartportdtrrts() in uartshutdown() too (bsc#1232285).

The following non-security bugs were fixed:

  • arm64: esr: Define ESRELxEC_* constants as UL (git-fixes)
  • arm64: probes: Fix simulateldr*literal() (git-fixes)
  • arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
  • arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
  • bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375).
  • drbd: Add NULL check for net_conf to prevent dereference in state validation (git-fixes).
  • drbd: Fix atomicity violation in drbduuidset_bm() (git-fixes).
  • ext4: fix slab-use-after-free in ext4splitextent_at() (bsc#1232201)
  • kernel-binary: generate and install compile_commands.json (bsc#1228971)
  • net: usb: usbnet: fix name regression (get-fixes).
  • nfs: fix memory leak in error path of nfs4doreclaim (git-fixes).
  • nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
  • x86/kaslr: Expose and use the end of the physical memory address space (bsc#1230405).
References

Affected packages

SUSE:Linux Enterprise Live Patching 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.234.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-122_234-default": "1-8.3.1",
            "kernel-default-kgraft": "4.12.14-122.234.1",
            "kernel-default-kgraft-devel": "4.12.14-122.234.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP5 / kgraft-patch-SLE12-SP5_Update_62

Package

Name
kgraft-patch-SLE12-SP5_Update_62
Purl
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_62&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-8.3.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-122_234-default": "1-8.3.1",
            "kernel-default-kgraft": "4.12.14-122.234.1",
            "kernel-default-kgraft-devel": "4.12.14-122.234.1"
        }
    ]
}