[SUSE-SU-2024:1650-1] Security update for the Linux Kernel
Severity
Important
CVEs
37
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
- CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).
- CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).
- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
- CVE-2024-26906: Disallowed vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
- CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
- CVE-2021-47041: Don't set sk_user_data without write_lock (bsc#1220755).
- CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).
- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449).
The following non-security bugs were fixed:
- net/tls: Remove the context from the list in tls_device_down (bsc#1221545).
- tls: Fix context leak on tls_device_down (bsc#1221545).
- ID
- SUSE-SU-2024:1650-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
- Published
-
2024-05-14T22:06:24
(4 months ago) - Modified
-
2024-05-14T22:06:24
(4 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2022-1636
- ALAS-2022-1645
- ALAS-2023-1827
- ALAS-2024-1923
- ALAS2-2021-1685
- ALAS2-2021-1727
- ALAS2-2022-1852
- ALAS2-2022-1876
- ALAS2-2023-2268
- ALAS2-2024-2475
- ALAS2-2024-2549
- ALSA-2024:3138
- ALSA-2024:3618
- ALSA-2024:4211
- ALSA-2024:5101
- DSA-5658-1
- DSA-5681-1
- ELSA-2024-12606
- ELSA-2024-2394
- ELSA-2024-3138
- ELSA-2024-3618
- ELSA-2024-4211
- ELSA-2024-4928
- ELSA-2024-5101
- FEDORA-2024-5db5954a5e
- FEDORA-2024-f797f1540e
- MS:CVE-2023-2860
- RHSA-2024:2950
- RHSA-2024:3138
- RHSA-2024:3618
- RHSA-2024:3627
- RHSA-2024:4211
- RHSA-2024:4352
- RHSA-2024:5101
- RHSA-2024:5102
- RLSA-2024:3138
- RLSA-2024:3618
- RLSA-2024:4211
- RLSA-2024:4928
- RLSA-2024:5101
- SSA:2024-157-01
- SUSE-SU-2023:4343-1
- SUSE-SU-2023:4414-1
- SUSE-SU-2024:0855-1
- SUSE-SU-2024:0900-1
- SUSE-SU-2024:0900-2
- SUSE-SU-2024:0977-1
- SUSE-SU-2024:1322-1
- SUSE-SU-2024:1454-1
- SUSE-SU-2024:1465-1
- SUSE-SU-2024:1466-1
- SUSE-SU-2024:1480-1
- SUSE-SU-2024:1489-1
- SUSE-SU-2024:1490-1
- SUSE-SU-2024:1641-1
- SUSE-SU-2024:1642-1
- SUSE-SU-2024:1643-1
- SUSE-SU-2024:1644-1
- SUSE-SU-2024:1645-1
- SUSE-SU-2024:1646-1
- SUSE-SU-2024:1647-1
- SUSE-SU-2024:1648-1
- SUSE-SU-2024:1659-1
- SUSE-SU-2024:1663-1
- SUSE-SU-2024:1669-1
- SUSE-SU-2024:1677-1
- SUSE-SU-2024:1679-1
- SUSE-SU-2024:1680-1
- SUSE-SU-2024:1682-1
- SUSE-SU-2024:1683-1
- SUSE-SU-2024:1685-1
- SUSE-SU-2024:1686-1
- SUSE-SU-2024:1692-1
- SUSE-SU-2024:1694-1
- SUSE-SU-2024:1695-1
- SUSE-SU-2024:1696-1
- SUSE-SU-2024:1705-1
- SUSE-SU-2024:1706-1
- SUSE-SU-2024:1707-1
- SUSE-SU-2024:1708-1
- SUSE-SU-2024:1709-1
- SUSE-SU-2024:1711-1
- SUSE-SU-2024:1712-1
- SUSE-SU-2024:1713-1
- SUSE-SU-2024:1719-1
- SUSE-SU-2024:1720-1
- SUSE-SU-2024:1723-1
- SUSE-SU-2024:1726-1
- SUSE-SU-2024:1729-1
- SUSE-SU-2024:1730-1
- SUSE-SU-2024:1731-1
- SUSE-SU-2024:1732-1
- SUSE-SU-2024:1735-1
- SUSE-SU-2024:1736-1
- SUSE-SU-2024:1738-1
- SUSE-SU-2024:1739-1
- SUSE-SU-2024:1740-1
- SUSE-SU-2024:1742-1
- SUSE-SU-2024:1746-1
- SUSE-SU-2024:1748-1
- SUSE-SU-2024:1749-1
- SUSE-SU-2024:1750-1
- SUSE-SU-2024:1751-1
- SUSE-SU-2024:1753-1
- SUSE-SU-2024:1757-1
- SUSE-SU-2024:1759-1
- SUSE-SU-2024:1760-1
- SUSE-SU-2024:1870-1
- SUSE-SU-2024:1979-1
- SUSE-SU-2024:1983-1
- SUSE-SU-2024:2008-1
- SUSE-SU-2024:2011-1
- SUSE-SU-2024:2091-1
- SUSE-SU-2024:2092-1
- SUSE-SU-2024:2094-1
- SUSE-SU-2024:2096-1
- SUSE-SU-2024:2099-1
- SUSE-SU-2024:2100-1
- SUSE-SU-2024:2101-1
- SUSE-SU-2024:2109-1
- SUSE-SU-2024:2115-1
- SUSE-SU-2024:2120-1
- SUSE-SU-2024:2121-1
- SUSE-SU-2024:2123-1
- SUSE-SU-2024:2124-1
- SUSE-SU-2024:2130-1
- SUSE-SU-2024:2135-1
- SUSE-SU-2024:2139-1
- SUSE-SU-2024:2143-1
- SUSE-SU-2024:2145-1
- SUSE-SU-2024:2147-1
- SUSE-SU-2024:2148-1
- SUSE-SU-2024:2156-1
- SUSE-SU-2024:2160-1
- SUSE-SU-2024:2162-1
- SUSE-SU-2024:2163-1
- SUSE-SU-2024:2164-1
- SUSE-SU-2024:2165-1
- SUSE-SU-2024:2166-1
- SUSE-SU-2024:2184-1
- SUSE-SU-2024:2189-1
- SUSE-SU-2024:2190-1
- SUSE-SU-2024:2191-1
- SUSE-SU-2024:2202-1
- SUSE-SU-2024:2203-1
- SUSE-SU-2024:2205-1
- SUSE-SU-2024:2207-1
- SUSE-SU-2024:2208-1
- SUSE-SU-2024:2209-1
- SUSE-SU-2024:2216-1
- SUSE-SU-2024:2217-1
- SUSE-SU-2024:2221-1
- SUSE-SU-2024:2326-1
- SUSE-SU-2024:2335-1
- SUSE-SU-2024:2337-1
- SUSE-SU-2024:2338-1
- SUSE-SU-2024:2341-1
- SUSE-SU-2024:2342-1
- SUSE-SU-2024:2343-1
- SUSE-SU-2024:2344-1
- SUSE-SU-2024:2357-1
- SUSE-SU-2024:2358-1
- SUSE-SU-2024:2368-1
- SUSE-SU-2024:2373-1
- SUSE-SU-2024:2382-1
- SUSE-SU-2024:2396-1
- SUSE-SU-2024:2437-1
- SUSE-SU-2024:2446-1
- SUSE-SU-2024:2447-1
- SUSE-SU-2024:2448-1
- SUSE-SU-2024:2449-1
- SUSE-SU-2024:2472-1
- SUSE-SU-2024:2473-1
- SUSE-SU-2024:2487-1
- SUSE-SU-2024:2488-1
- SUSE-SU-2024:2493-1
- SUSE-SU-2024:2530-1
- SUSE-SU-2024:2549-1
- SUSE-SU-2024:2558-1
- SUSE-SU-2024:2559-1
- SUSE-SU-2024:2561-1
- SUSE-SU-2024:2722-1
- SUSE-SU-2024:2725-1
- SUSE-SU-2024:2740-1
- SUSE-SU-2024:2751-1
- SUSE-SU-2024:2755-1
- SUSE-SU-2024:2758-1
- SUSE-SU-2024:2773-1
- SUSE-SU-2024:2821-1
- SUSE-SU-2024:2822-1
- SUSE-SU-2024:2824-1
- SUSE-SU-2024:2825-1
- SUSE-SU-2024:2840-1
- SUSE-SU-2024:2841-1
- SUSE-SU-2024:2843-1
- SUSE-SU-2024:2850-1
- SUSE-SU-2024:2851-1
- SUSE-SU-2024:2892-1
- SUSE-SU-2024:2901-1
- SUSE-SU-2024:2940-1
- SUSE-SU-2024:2973-1
- SUSE-SU-2024:3015-1
- SUSE-SU-2024:3034-1
- SUSE-SU-2024:3037-1
- SUSE-SU-2024:3043-1
- SUSE-SU-2024:3044-1
- SUSE-SU-2024:3048-1
- USN-6247-1
- USN-6739-1
- USN-6740-1
- USN-6766-1
- USN-6766-2
- USN-6766-3
- USN-6795-1
- USN-6816-1
- USN-6817-1
- USN-6817-2
- USN-6817-3
- USN-6820-1
- USN-6820-2
- USN-6821-1
- USN-6821-2
- USN-6821-3
- USN-6821-4
- USN-6828-1
- USN-6831-1
- USN-6865-1
- USN-6866-1
- USN-6866-2
- USN-6866-3
- USN-6867-1
- USN-6871-1
- USN-6878-1
- USN-6892-1
- USN-6895-1
- USN-6895-2
- USN-6895-3
- USN-6895-4
- USN-6896-1
- USN-6896-2
- USN-6896-3
- USN-6896-4
- USN-6896-5
- USN-6898-1
- USN-6898-2
- USN-6898-3
- USN-6898-4
- USN-6900-1
- USN-6917-1
- USN-6919-1
- USN-6924-1
- USN-6924-2
- USN-6926-1
- USN-6926-2
- USN-6926-3
- USN-6927-1
- USN-6938-1
- USN-6953-1
- USN-6972-1
- USN-6972-2
- USN-6972-3
- USN-6972-4
- USN-6976-1
- USN-6979-1
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |