[SUSE-SU-2024:1489-1] Security update for the Linux Kernel
Severity
Important
CVEs
157
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 LTSS kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2020-36781: Fixed reference leak when pm_runtime_get_sync fails in i2c/imx (bsc#1220557).
- CVE-2021-46911: Fixed kernel panic (bsc#1220400).
- CVE-2021-46914: Fixed unbalanced device enable/disable in suspend/resume in pci_disable_device() (bsc#1220465).
- CVE-2021-46917: Fixed wq cleanup of WQCFG registers in idxd (bsc#1220432).
- CVE-2021-46918: Fixed not clearing MSIX permission entry on shutdown in idxd (bsc#1220429).
- CVE-2021-46919: Fixed wq size store permission state in idxd (bsc#1220414).
- CVE-2021-46920: Fixed clobbering of SWERR overflow bit on writeback (bsc#1220426).
- CVE-2021-46922: Fixed TPM reservation for seal/unseal (bsc#1220475).
- CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
- CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486).
- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
- CVE-2021-46956: Fixed memory leak in virtio_fs_probe() (bsc#1220516).
- CVE-2021-46959: Fixed use-after-free with devm_spi_alloc_* (bsc#1220734).
- CVE-2021-46961: Fixed spurious interrup handling (bsc#1220529).
- CVE-2021-46971: Fixed unconditional security_locked_down() call (bsc#1220697).
- CVE-2021-46976: Fixed crash in auto_retire in drm/i915 (bsc#1220621).
- CVE-2021-46980: Fixed not retrieving all the PDOs instead of just the first 4 in usb/typec/ucsi (bsc#1220663).
- CVE-2021-46983: Fixed NULL pointer dereference when SEND is completed with error (bsc#1220639).
- CVE-2021-46988: Fixed release page in error path to avoid BUG_ON (bsc#1220706).
- CVE-2021-47001: Fixed cwnd update ordering in xprtrdma (bsc#1220670).
- CVE-2021-47003: Fixed potential null dereference on pointer status in idxd_cmd_exec (bsc#1220677).
- CVE-2021-47009: Fixed memory leak on object td (bsc#1220733).
- CVE-2021-47014: Fixed wild memory access when clearing fragments in net/sched/act_ct (bsc#1220630).
- CVE-2021-47017: Fixed use after free in ath10k_htc_send_bundle (bsc#1220678).
- CVE-2021-47026: Fixed not destroying sysfs after removing session from active list (bsc#1220685).
- CVE-2021-47035: Fixed wrong WO permissions on second-level paging entries in iommu/vt-d (bsc#1220688).
- CVE-2021-47038: Fixed deadlock between hci_dev->lock and socket lock in bluetooth (bsc#1220753).
- CVE-2021-47044: Fixed shift-out-of-bounds in load_balance() in sched/fair (bsc#1220759).
- CVE-2021-47046: Fixed off by one in hdmi_14_process_transaction() (bsc#1220758).
- CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
- CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
- CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982).
- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47109: Fixed NUD_NOARP entries to be forced GCed (bsc#1221534).
- CVE-2021-47130: Fixed freeing unallocated p2pmem in nvmet (bsc#1221552).
- CVE-2021-47137: Fixed memory corruption in RX ring in net/lantiq (bsc#1221932).
- CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973).
- CVE-2021-47160: Fixed VLAN traffic leaks in dsa: mt7530 (bsc#1221974).
- CVE-2021-47164: Fixed null pointer dereference accessing lag dev in net/mlx5e (bsc#1221978).
- CVE-2021-47174: Fixed missing check in irq_fpu_usable() (bsc#1221990).
- CVE-2021-47175: Fixed OOB access in net/sched/fq_pie (bsc#1222003).
- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).
- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).
- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
- CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276).
- CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
- CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
- CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).
- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
The following non-security bugs were fixed:
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264).
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
- group-source-files.pl: Quote filenames (boo#1221077).
- kernel-binary: certs: Avoid trailing space
- mm: fix gup_pud_range (bsc#1220824).
- ID
- SUSE-SU-2024:1489-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2024/suse-su-20241489-1/
- Published
-
2024-05-03T07:36:42
(4 months ago) - Modified
-
2024-05-03T07:36:42
(4 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2021-1503
- ALAS-2021-1516
- ALAS-2023-1701
- ALAS-2024-1923
- ALAS-2024-1937
- ALAS-2024-1942
- ALAS-2024-1943
- ALAS2-2021-1636
- ALAS2-2021-1685
- ALAS2-2021-1727
- ALAS2-2023-1987
- ALAS2-2023-2340
- ALAS2-2024-2475
- ALAS2-2024-2542
- ALAS2-2024-2549
- ALAS2-2024-2581
- ALAS2-2024-2584
- ALAS2-2024-2589
- ALAS2-2024-2615
- ALPINE:CVE-2023-28746
- ALSA-2021:4356
- ALSA-2023:1470
- ALSA-2023:7077
- ALSA-2023:7549
- ALSA-2024:0897
- ALSA-2024:3618
- ALSA-2024:4211
- ALSA-2024:5101
- DSA-5095-1
- DSA-5096-1
- DSA-5593-1
- DSA-5594-1
- DSA-5658-1
- DSA-5681-1
- ELSA-2021-4356
- ELSA-2021-9362
- ELSA-2021-9363
- ELSA-2021-9404
- ELSA-2021-9406
- ELSA-2021-9452
- ELSA-2021-9453
- ELSA-2022-9477
- ELSA-2022-9478
- ELSA-2023-13047
- ELSA-2023-1470
- ELSA-2023-7077
- ELSA-2023-7549
- ELSA-2023-7749
- ELSA-2024-0897
- ELSA-2024-12159
- ELSA-2024-12169
- ELSA-2024-12193
- ELSA-2024-1248
- ELSA-2024-12570
- ELSA-2024-12571
- ELSA-2024-12606
- ELSA-2024-12610
- ELSA-2024-12612
- ELSA-2024-2394
- ELSA-2024-3306
- ELSA-2024-3618
- ELSA-2024-4211
- ELSA-2024-5101
- ELSA-2024-5363
- FEDORA-2021-05152dbcf5
- FEDORA-2021-286375de1e
- FEDORA-2021-8cd093f639
- FEDORA-2021-a963f04012
- FEDORA-2021-e6b4847979
- FEDORA-2024-0eb4a61f45
- FEDORA-2024-0f89e13079
- FEDORA-2024-29f57f1b4e
- FEDORA-2024-3a36322c4b
- FEDORA-2024-50ab089b1d
- FEDORA-2024-5db5954a5e
- FEDORA-2024-96f3c3f3d3
- FEDORA-2024-9e9f53d01d
- FEDORA-2024-c4ec5006e3
- FEDORA-2024-f3692f8528
- FEDORA-2024-f797f1540e
- FREEBSD:B6DD9D93-E09B-11EE-92FC-1C697A616631
- MS:CVE-2021-23134
- MS:CVE-2021-29155
- MS:CVE-2022-0487
- MS:CVE-2023-1192
- MS:CVE-2023-28746
- openSUSE-SU-2021:0716-1
- openSUSE-SU-2021:0843-1
- openSUSE-SU-2021:0873-1
- openSUSE-SU-2021:0947-1
- openSUSE-SU-2021:1975-1
- openSUSE-SU-2021:1977-1
- openSUSE-SU-2022:0768-1
- openSUSE-SU-2022:1037-1
- openSUSE-SU-2022:1039-1
- RHSA-2021:4140
- RHSA-2021:4356
- RHSA-2023:1469
- RHSA-2023:1470
- RHSA-2023:1471
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2023:7548
- RHSA-2023:7549
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:3618
- RHSA-2024:3627
- RHSA-2024:4211
- RHSA-2024:4352
- RHSA-2024:5101
- RHSA-2024:5102
- RLSA-2023:1470
- RLSA-2023:7549
- RLSA-2024:3618
- RLSA-2024:4211
- RLSA-2024:5101
- SSA:2022-067-01
- SSA:2023-325-01
- SSA:2024-157-01
- SUSE-SU-2021:1571-1
- SUSE-SU-2021:1572-1
- SUSE-SU-2021:1573-1
- SUSE-SU-2021:1574-1
- SUSE-SU-2021:1595-1
- SUSE-SU-2021:1596-1
- SUSE-SU-2021:1605-1
- SUSE-SU-2021:1622-1
- SUSE-SU-2021:1624-1
- SUSE-SU-2021:1887-1
- SUSE-SU-2021:1888-1
- SUSE-SU-2021:1889-1
- SUSE-SU-2021:1890-1
- SUSE-SU-2021:1891-1
- SUSE-SU-2021:1899-1
- SUSE-SU-2021:1912-1
- SUSE-SU-2021:1913-1
- SUSE-SU-2021:1915-1
- SUSE-SU-2021:1975-1
- SUSE-SU-2021:1977-1
- SUSE-SU-2021:2020-1
- SUSE-SU-2021:2027-1
- SUSE-SU-2021:2057-1
- SUSE-SU-2021:2067-1
- SUSE-SU-2021:2208-1
- SUSE-SU-2021:2406-1
- SUSE-SU-2021:2421-1
- SUSE-SU-2021:2451-1
- SUSE-SU-2022:0234-1
- SUSE-SU-2022:0243-1
- SUSE-SU-2022:0255-1
- SUSE-SU-2022:0263-1
- SUSE-SU-2022:0291-1
- SUSE-SU-2022:0293-1
- SUSE-SU-2022:0296-1
- SUSE-SU-2022:0325-1
- SUSE-SU-2022:0327-1
- SUSE-SU-2022:0757-1
- SUSE-SU-2022:0759-1
- SUSE-SU-2022:0765-1
- SUSE-SU-2022:0766-1
- SUSE-SU-2022:0767-1
- SUSE-SU-2022:0768-1
- SUSE-SU-2022:0978-1
- SUSE-SU-2022:1012-1
- SUSE-SU-2022:1035-1
- SUSE-SU-2022:1037-1
- SUSE-SU-2022:1038-1
- SUSE-SU-2022:1039-1
- SUSE-SU-2022:1257-1
- SUSE-SU-2023:1800-1
- SUSE-SU-2023:1802-1
- SUSE-SU-2023:1811-1
- SUSE-SU-2023:1892-1
- SUSE-SU-2023:1897-1
- SUSE-SU-2023:1992-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2694-1
- SUSE-SU-2023:2695-1
- SUSE-SU-2023:2698-1
- SUSE-SU-2023:2701-1
- SUSE-SU-2023:2710-1
- SUSE-SU-2023:2714-1
- SUSE-SU-2023:2724-1
- SUSE-SU-2023:2727-1
- SUSE-SU-2023:2741-1
- SUSE-SU-2023:2755-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3988-1
- SUSE-SU-2023:4028-1
- SUSE-SU-2023:4030-1
- SUSE-SU-2023:4031-1
- SUSE-SU-2023:4032-1
- SUSE-SU-2023:4033-1
- SUSE-SU-2023:4057-1
- SUSE-SU-2023:4058-1
- SUSE-SU-2023:4071-1
- SUSE-SU-2023:4072-1
- SUSE-SU-2023:4072-2
- SUSE-SU-2023:4093-1
- SUSE-SU-2023:4095-1
- SUSE-SU-2023:4142-1
- SUSE-SU-2023:4347-1
- SUSE-SU-2024:0115-1
- SUSE-SU-2024:0129-1
- SUSE-SU-2024:0141-1
- SUSE-SU-2024:0156-1
- SUSE-SU-2024:0160-1
- SUSE-SU-2024:0463-1
- SUSE-SU-2024:0469-1
- SUSE-SU-2024:0474-1
- SUSE-SU-2024:0476-1
- SUSE-SU-2024:0478-1
- SUSE-SU-2024:0484-1
- SUSE-SU-2024:0514-1
- SUSE-SU-2024:0515-1
- SUSE-SU-2024:0516-1
- SUSE-SU-2024:0855-1
- SUSE-SU-2024:0856-1
- SUSE-SU-2024:0857-1
- SUSE-SU-2024:0858-1
- SUSE-SU-2024:0900-1
- SUSE-SU-2024:0900-2
- SUSE-SU-2024:0910-1
- SUSE-SU-2024:0917-1
- SUSE-SU-2024:0925-1
- SUSE-SU-2024:0926-1
- SUSE-SU-2024:0975-1
- SUSE-SU-2024:0976-1
- SUSE-SU-2024:0977-1
- SUSE-SU-2024:0986-1
- SUSE-SU-2024:0989-1
- SUSE-SU-2024:0991-1
- SUSE-SU-2024:0995-1
- SUSE-SU-2024:1017-1
- SUSE-SU-2024:1023-1
- SUSE-SU-2024:1033-1
- SUSE-SU-2024:1039-1
- SUSE-SU-2024:1040-1
- SUSE-SU-2024:1045-1
- SUSE-SU-2024:1047-1
- SUSE-SU-2024:1053-1
- SUSE-SU-2024:1054-1
- SUSE-SU-2024:1063-1
- SUSE-SU-2024:1072-1
- SUSE-SU-2024:1097-1
- SUSE-SU-2024:1101-1
- SUSE-SU-2024:1102-1
- SUSE-SU-2024:1105-1
- SUSE-SU-2024:1139-1
- SUSE-SU-2024:1152-1
- SUSE-SU-2024:1276-1
- SUSE-SU-2024:1320-1
- SUSE-SU-2024:1321-1
- SUSE-SU-2024:1322-1
- SUSE-SU-2024:1454-1
- SUSE-SU-2024:1465-1
- SUSE-SU-2024:1466-1
- SUSE-SU-2024:1480-1
- SUSE-SU-2024:1490-1
- SUSE-SU-2024:1641-1
- SUSE-SU-2024:1642-1
- SUSE-SU-2024:1643-1
- SUSE-SU-2024:1644-1
- SUSE-SU-2024:1646-1
- SUSE-SU-2024:1647-1
- SUSE-SU-2024:1648-1
- SUSE-SU-2024:1650-1
- SUSE-SU-2024:1659-1
- SUSE-SU-2024:1663-1
- SUSE-SU-2024:1669-1
- SUSE-SU-2024:1708-1
- SUSE-SU-2024:1719-1
- SUSE-SU-2024:1870-1
- SUSE-SU-2024:1979-1
- SUSE-SU-2024:1983-1
- SUSE-SU-2024:2008-1
- SUSE-SU-2024:2010-1
- SUSE-SU-2024:2019-1
- SUSE-SU-2024:2091-1
- SUSE-SU-2024:2094-1
- SUSE-SU-2024:2109-1
- SUSE-SU-2024:2120-1
- SUSE-SU-2024:2124-1
- SUSE-SU-2024:2135-1
- SUSE-SU-2024:2148-1
- SUSE-SU-2024:2156-1
- SUSE-SU-2024:2164-1
- SUSE-SU-2024:2183-1
- SUSE-SU-2024:2184-1
- SUSE-SU-2024:2185-1
- SUSE-SU-2024:2189-1
- SUSE-SU-2024:2190-1
- SUSE-SU-2024:2203-1
- SUSE-SU-2024:2216-1
- SUSE-SU-2024:2217-1
- SUSE-SU-2024:2343-1
- SUSE-SU-2024:2373-1
- SUSE-SU-2024:2535-1
- SUSE-SU-2024:2740-1
- SUSE-SU-2024:2755-1
- SUSE-SU-2024:2894-1
- SUSE-SU-2024:2929-1
- SUSE-SU-2024:2947-1
- SUSE-SU-2024:2973-1
- SUSE-SU-2024:3034-1
- SUSE-SU-2024:3043-1
- USN-4977-1
- USN-4983-1
- USN-4997-1
- USN-4997-2
- USN-4999-1
- USN-5000-1
- USN-5000-2
- USN-5001-1
- USN-5016-1
- USN-5018-1
- USN-5343-1
- USN-6001-1
- USN-6013-1
- USN-6014-1
- USN-6624-1
- USN-6625-1
- USN-6625-2
- USN-6625-3
- USN-6626-1
- USN-6626-2
- USN-6626-3
- USN-6628-1
- USN-6628-2
- USN-6639-1
- USN-6645-1
- USN-6646-1
- USN-6647-1
- USN-6647-2
- USN-6652-1
- USN-6688-1
- USN-6725-1
- USN-6725-2
- USN-6726-1
- USN-6726-2
- USN-6726-3
- USN-6739-1
- USN-6765-1
- USN-6766-1
- USN-6766-2
- USN-6766-3
- USN-6767-1
- USN-6767-2
- USN-6774-1
- USN-6776-1
- USN-6777-1
- USN-6777-2
- USN-6777-3
- USN-6777-4
- USN-6778-1
- USN-6795-1
- USN-6797-1
- USN-6816-1
- USN-6817-1
- USN-6817-2
- USN-6817-3
- USN-6818-1
- USN-6818-2
- USN-6818-3
- USN-6818-4
- USN-6819-1
- USN-6819-2
- USN-6819-3
- USN-6819-4
- USN-6820-1
- USN-6820-2
- USN-6821-1
- USN-6821-2
- USN-6821-3
- USN-6821-4
- USN-6828-1
- USN-6831-1
- USN-6865-1
- USN-6866-1
- USN-6866-2
- USN-6866-3
- USN-6867-1
- USN-6871-1
- USN-6878-1
- USN-6892-1
- USN-6895-1
- USN-6895-2
- USN-6895-3
- USN-6895-4
- USN-6896-1
- USN-6896-2
- USN-6896-3
- USN-6896-4
- USN-6896-5
- USN-6898-1
- USN-6898-2
- USN-6898-3
- USN-6898-4
- USN-6900-1
- USN-6917-1
- USN-6919-1
- USN-6926-1
- USN-6926-2
- USN-6926-3
- USN-6927-1
- USN-6938-1
- USN-6972-1
- USN-6972-2
- USN-6972-3
- USN-6972-4
- USN-6976-1
- XSA-452
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |