SUSE-SU-2024:4317-1
- Source
- https://www.suse.com/support/update/announcement/2024/suse-su-20244317-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:4317-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2024:4317-1
- Related
- Published
- 2024-12-13T15:32:18Z
- Modified
- 2025-05-02T04:34:05.465775Z
- Upstream
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52524: net: nfc: llcp: Add lock when modifying device list (bsc#1220927).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224).
- CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on scosocktimeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50154: tcp/dccp: Do not use timerpending() in reqskqueue_unlink() (bsc#1233070).
- CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in applyconstraintto_size() (bsc#1233293).
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50267: usb: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50290: media: cx24116: prevent overflows on SNR calculus (bsc#1233479).
- CVE-2024-50301: security/keys: fix slab-out-of-bounds in keytaskpermission (bsc#1233490).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233491).
- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).
The following non-security bugs were fixed:
- e1000e: Correct NVM checksum verification flow (jsc#SLE-8100).
- e1000e: Do not take care about recovery NVM checksum (jsc#SLE-8100).
- ena: Remove rcureadlock() around XDP program invocation (bsc#1198778).
- ethernet: amazon: ena: A typo fix in the file ena_com.h (bsc#1198778).
- initramfs: avoid filename buffer overrun (bsc#1232436).
- kernel-binary: Enable livepatch package only when livepatch is enabled (bsc#1218644).
- net: ena: Add capabilities field with support for ENI stats capability (bsc#1198778).
- net: ena: Add debug prints for invalid req_id resets (bsc#1198778).
- net: ena: Change ENI stats support check to use capabilities field (bsc#1198778).
- net: ena: Change return value of enacalcioqueuesize() to void (bsc#1198778).
- net: ena: Change the name of bad_csum variable (bsc#1198778).
- net: ena: Extract recurring driver reset code into a function (bsc#1198778).
- net: ena: Flush XDP packets on error (bsc#1198778).
- net: ena: Improve error logging in driver (bsc#1198778).
- net: ena: Move reset completion print to the reset function (bsc#1198778).
- net: ena: Remove enacalcqueuesizectx struct (bsc#1198778).
- net: ena: Remove module param and change message severity (bsc#1198778).
- net: ena: Remove redundant return code check (bsc#1198778).
- net: ena: Remove unused code (bsc#1198778).
- net: ena: Set tx_info->xdpf value to NULL (bsc#1198778).
- net: ena: Update XDP verdict upon failure (bsc#1198778).
- net: ena: Use bitmask to indicate packet redirection (bsc#1198778).
- net: ena: Use dev_alloc() in RX buffer allocation (bsc#1198778).
- net: ena: add device distinct log prefix to files (bsc#1198778).
- net: ena: add jiffies of last napi call to stats (bsc#1198778).
- net: ena: aggregate doorbell common operations into a function (bsc#1198778).
- net: ena: aggregate stats increase into a function (bsc#1198778).
- net: ena: fix DMA mapping function issues in XDP (bsc#1198778).
- net: ena: fix coding style nits (bsc#1198778).
- net: ena: fix inaccurate print type (bsc#1198778).
- net: ena: introduce XDP redirect implementation (bsc#1198778).
- net: ena: introduce ndoxdpxmit() function for XDP_REDIRECT (bsc#1198778).
- net: ena: make symbol 'enaallocmap_page' static (bsc#1198778).
- net: ena: re-organize code to improve readability (bsc#1198778).
- net: ena: remove extra words from comments (bsc#1198778).
- net: ena: store values in their appropriate variables types (bsc#1198778).
- net: ena: use build_skb() in RX path (bsc#1198778).
- net: ena: use constant value for net_device allocation (bsc#1198778).
- net: ena: use xdp_frame in XDP TX flow (bsc#1198778).
- net: ena: use xdpreturnframe() to free xdp frames (bsc#1198778).
- tools headers: Grab copy of linux/const.h, needed by linux/bits.h (bsc#1154353).
- References
-
- https://www.suse.com/support/update/announcement/2024/suse-su-20244317-1/
- https://bugzilla.suse.com/1154353
- https://bugzilla.suse.com/1198778
- https://bugzilla.suse.com/1218644
- https://bugzilla.suse.com/1220927
- https://bugzilla.suse.com/1231939
- https://bugzilla.suse.com/1231940
- https://bugzilla.suse.com/1231958
- https://bugzilla.suse.com/1231962
- https://bugzilla.suse.com/1231991
- https://bugzilla.suse.com/1231992
- https://bugzilla.suse.com/1231995
- https://bugzilla.suse.com/1232006
- https://bugzilla.suse.com/1232163
- https://bugzilla.suse.com/1232172
- https://bugzilla.suse.com/1232224
- https://bugzilla.suse.com/1232436
- https://bugzilla.suse.com/1232860
- https://bugzilla.suse.com/1232907
- https://bugzilla.suse.com/1232919
- https://bugzilla.suse.com/1232928
- https://bugzilla.suse.com/1233070
- https://bugzilla.suse.com/1233117
- https://bugzilla.suse.com/1233293
- https://bugzilla.suse.com/1233453
- https://bugzilla.suse.com/1233456
- https://bugzilla.suse.com/1233468
- https://bugzilla.suse.com/1233479
- https://bugzilla.suse.com/1233490
- https://bugzilla.suse.com/1233491
- https://bugzilla.suse.com/1233555
- https://bugzilla.suse.com/1233557
- https://www.suse.com/security/cve/CVE-2022-48985
- https://www.suse.com/security/cve/CVE-2022-49006
- https://www.suse.com/security/cve/CVE-2022-49010
- https://www.suse.com/security/cve/CVE-2022-49011
- https://www.suse.com/security/cve/CVE-2022-49019
- https://www.suse.com/security/cve/CVE-2022-49021
- https://www.suse.com/security/cve/CVE-2022-49022
- https://www.suse.com/security/cve/CVE-2022-49029
- https://www.suse.com/security/cve/CVE-2022-49031
- https://www.suse.com/security/cve/CVE-2022-49032
- https://www.suse.com/security/cve/CVE-2023-52524
- https://www.suse.com/security/cve/CVE-2024-49925
- https://www.suse.com/security/cve/CVE-2024-50089
- https://www.suse.com/security/cve/CVE-2024-50115
- https://www.suse.com/security/cve/CVE-2024-50125
- https://www.suse.com/security/cve/CVE-2024-50127
- https://www.suse.com/security/cve/CVE-2024-50154
- https://www.suse.com/security/cve/CVE-2024-50205
- https://www.suse.com/security/cve/CVE-2024-50208
- https://www.suse.com/security/cve/CVE-2024-50264
- https://www.suse.com/security/cve/CVE-2024-50267
- https://www.suse.com/security/cve/CVE-2024-50279
- https://www.suse.com/security/cve/CVE-2024-50290
- https://www.suse.com/security/cve/CVE-2024-50301
- https://www.suse.com/security/cve/CVE-2024-50302
- https://www.suse.com/security/cve/CVE-2024-53061
- https://www.suse.com/security/cve/CVE-2024-53063
Affected packages
SUSE:Linux Enterprise Micro 5.1 / kernel-rt
Package
- Name
- kernel-rt
- Purl
- pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1
SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt
Package
- Name
- kernel-source-rt
- Purl
- pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1
SUSE:Linux Enterprise Micro 5.2 / kernel-rt
Package
- Name
- kernel-rt
- Purl
- pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2