SUSE-SU-2024:4317-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20244317-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:4317-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:4317-1
Related
Published
2024-12-13T15:32:18Z
Modified
2025-05-02T04:34:05.465775Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2023-52524: net: nfc: llcp: Add lock when modifying device list (bsc#1220927).
  • CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224).
  • CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860).
  • CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
  • CVE-2024-50125: Bluetooth: SCO: Fix UAF on scosocktimeout (bsc#1232928).
  • CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
  • CVE-2024-50154: tcp/dccp: Do not use timerpending() in reqskqueue_unlink() (bsc#1233070).
  • CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstraintto_size() (bsc#1233293).
  • CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117).
  • CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
  • CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
  • CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
  • CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
  • CVE-2024-50301: security/keys: fix slab-out-of-bounds in keytaskpermission (bsc#1233490).
  • CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).
  • CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
  • CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).

The following non-security bugs were fixed:

  • e1000e: Correct NVM checksum verification flow (jsc#SLE-8100).
  • e1000e: Do not take care about recovery NVM checksum (jsc#SLE-8100).
  • ena: Remove rcureadlock() around XDP program invocation (bsc#1198778).
  • ethernet: amazon: ena: A typo fix in the file ena_com.h (bsc#1198778).
  • initramfs: avoid filename buffer overrun (bsc#1232436).
  • kernel-binary: Enable livepatch package only when livepatch is enabled (bsc#1218644).
  • net: ena: Add capabilities field with support for ENI stats capability (bsc#1198778).
  • net: ena: Add debug prints for invalid req_id resets (bsc#1198778).
  • net: ena: Change ENI stats support check to use capabilities field (bsc#1198778).
  • net: ena: Change return value of enacalcioqueuesize() to void (bsc#1198778).
  • net: ena: Change the name of bad_csum variable (bsc#1198778).
  • net: ena: Extract recurring driver reset code into a function (bsc#1198778).
  • net: ena: Flush XDP packets on error (bsc#1198778).
  • net: ena: Improve error logging in driver (bsc#1198778).
  • net: ena: Move reset completion print to the reset function (bsc#1198778).
  • net: ena: Remove enacalcqueuesizectx struct (bsc#1198778).
  • net: ena: Remove module param and change message severity (bsc#1198778).
  • net: ena: Remove redundant return code check (bsc#1198778).
  • net: ena: Remove unused code (bsc#1198778).
  • net: ena: Set tx_info->xdpf value to NULL (bsc#1198778).
  • net: ena: Update XDP verdict upon failure (bsc#1198778).
  • net: ena: Use bitmask to indicate packet redirection (bsc#1198778).
  • net: ena: Use dev_alloc() in RX buffer allocation (bsc#1198778).
  • net: ena: add device distinct log prefix to files (bsc#1198778).
  • net: ena: add jiffies of last napi call to stats (bsc#1198778).
  • net: ena: aggregate doorbell common operations into a function (bsc#1198778).
  • net: ena: aggregate stats increase into a function (bsc#1198778).
  • net: ena: fix DMA mapping function issues in XDP (bsc#1198778).
  • net: ena: fix coding style nits (bsc#1198778).
  • net: ena: fix inaccurate print type (bsc#1198778).
  • net: ena: introduce XDP redirect implementation (bsc#1198778).
  • net: ena: introduce ndoxdpxmit() function for XDP_REDIRECT (bsc#1198778).
  • net: ena: make symbol 'enaallocmap_page' static (bsc#1198778).
  • net: ena: re-organize code to improve readability (bsc#1198778).
  • net: ena: remove extra words from comments (bsc#1198778).
  • net: ena: store values in their appropriate variables types (bsc#1198778).
  • net: ena: use build_skb() in RX path (bsc#1198778).
  • net: ena: use constant value for net_device allocation (bsc#1198778).
  • net: ena: use xdp_frame in XDP TX flow (bsc#1198778).
  • net: ena: use xdpreturnframe() to free xdp frames (bsc#1198778).
  • tools headers: Grab copy of linux/const.h, needed by linux/bits.h (bsc#1154353).
References

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.194.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.194.1",
            "kernel-rt": "5.3.18-150300.194.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.194.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.194.1",
            "kernel-rt": "5.3.18-150300.194.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.194.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.194.1",
            "kernel-rt": "5.3.18-150300.194.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.194.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.194.1",
            "kernel-rt": "5.3.18-150300.194.1"
        }
    ]
}