1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2024:1650-1

[SUSE-SU-2024:1650-1] Security update for the Linux Kernel

Severity Important
CVEs 37
Info References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
  • CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543).
  • CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545).
  • CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
  • CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513).
  • CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
  • CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
  • CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
  • CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475).
  • CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
  • CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
  • CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
  • CVE-2024-26906: Disallowed vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
  • CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
  • CVE-2021-47041: Don't set sk_user_data without write_lock (bsc#1220755).
  • CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854).
  • CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449).

The following non-security bugs were fixed:

  • net/tls: Remove the context from the list in tls_device_down (bsc#1221545).
  • tls: Fix context leak on tls_device_down (bsc#1221545).
ID
SUSE-SU-2024:1650-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Published
2024-05-14T22:06:24
(4 months ago)
Modified
2024-05-14T22:06:24
(4 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1650-1.json
Suse URL for SUSE-SU-2024:1650-1 https://www.suse.com/support/update/announcement/2024/suse-su-20241650-1/
Suse E-Mail link for SUSE-SU-2024:1650-1 https://lists.suse.com/pipermail/sle-updates/2024-May/035272.html
Bugzilla SUSE Bug 1190576 https://bugzilla.suse.com/1190576
Bugzilla SUSE Bug 1192145 https://bugzilla.suse.com/1192145
Bugzilla SUSE Bug 1204614 https://bugzilla.suse.com/1204614
Bugzilla SUSE Bug 1211592 https://bugzilla.suse.com/1211592
Bugzilla SUSE Bug 1218562 https://bugzilla.suse.com/1218562
Bugzilla SUSE Bug 1218917 https://bugzilla.suse.com/1218917
Bugzilla SUSE Bug 1219169 https://bugzilla.suse.com/1219169
Bugzilla SUSE Bug 1219170 https://bugzilla.suse.com/1219170
Bugzilla SUSE Bug 1219264 https://bugzilla.suse.com/1219264
Bugzilla SUSE Bug 1220513 https://bugzilla.suse.com/1220513
Bugzilla SUSE Bug 1220755 https://bugzilla.suse.com/1220755
Bugzilla SUSE Bug 1220854 https://bugzilla.suse.com/1220854
Bugzilla SUSE Bug 1221543 https://bugzilla.suse.com/1221543
Bugzilla SUSE Bug 1221545 https://bugzilla.suse.com/1221545
Bugzilla SUSE Bug 1222449 https://bugzilla.suse.com/1222449
Bugzilla SUSE Bug 1222482 https://bugzilla.suse.com/1222482
Bugzilla SUSE Bug 1222503 https://bugzilla.suse.com/1222503
Bugzilla SUSE Bug 1222559 https://bugzilla.suse.com/1222559
Bugzilla SUSE Bug 1222585 https://bugzilla.suse.com/1222585
Bugzilla SUSE Bug 1222624 https://bugzilla.suse.com/1222624
Bugzilla SUSE Bug 1222666 https://bugzilla.suse.com/1222666
Bugzilla SUSE Bug 1222669 https://bugzilla.suse.com/1222669
Bugzilla SUSE Bug 1222709 https://bugzilla.suse.com/1222709
Bugzilla SUSE Bug 1222790 https://bugzilla.suse.com/1222790
Bugzilla SUSE Bug 1222792 https://bugzilla.suse.com/1222792
Bugzilla SUSE Bug 1222829 https://bugzilla.suse.com/1222829
Bugzilla SUSE Bug 1222881 https://bugzilla.suse.com/1222881
Bugzilla SUSE Bug 1222883 https://bugzilla.suse.com/1222883
Bugzilla SUSE Bug 1222894 https://bugzilla.suse.com/1222894
Bugzilla SUSE Bug 1222976 https://bugzilla.suse.com/1222976
Bugzilla SUSE Bug 1223016 https://bugzilla.suse.com/1223016
Bugzilla SUSE Bug 1223057 https://bugzilla.suse.com/1223057
Bugzilla SUSE Bug 1223111 https://bugzilla.suse.com/1223111
Bugzilla SUSE Bug 1223187 https://bugzilla.suse.com/1223187
Bugzilla SUSE Bug 1223202 https://bugzilla.suse.com/1223202
Bugzilla SUSE Bug 1223475 https://bugzilla.suse.com/1223475
Bugzilla SUSE Bug 1223482 https://bugzilla.suse.com/1223482
Bugzilla SUSE Bug 1223513 https://bugzilla.suse.com/1223513
Bugzilla SUSE Bug 1223824 https://bugzilla.suse.com/1223824
Bugzilla SUSE Bug 1223952 https://bugzilla.suse.com/1223952
CVE SUSE CVE CVE-2021-46955 page https://www.suse.com/security/cve/CVE-2021-46955/
CVE SUSE CVE CVE-2021-47041 page https://www.suse.com/security/cve/CVE-2021-47041/
CVE SUSE CVE CVE-2021-47074 page https://www.suse.com/security/cve/CVE-2021-47074/
CVE SUSE CVE CVE-2021-47113 page https://www.suse.com/security/cve/CVE-2021-47113/
CVE SUSE CVE CVE-2021-47131 page https://www.suse.com/security/cve/CVE-2021-47131/
CVE SUSE CVE CVE-2021-47184 page https://www.suse.com/security/cve/CVE-2021-47184/
CVE SUSE CVE CVE-2021-47185 page https://www.suse.com/security/cve/CVE-2021-47185/
CVE SUSE CVE CVE-2021-47194 page https://www.suse.com/security/cve/CVE-2021-47194/
CVE SUSE CVE CVE-2021-47198 page https://www.suse.com/security/cve/CVE-2021-47198/
CVE SUSE CVE CVE-2021-47201 page https://www.suse.com/security/cve/CVE-2021-47201/
CVE SUSE CVE CVE-2021-47203 page https://www.suse.com/security/cve/CVE-2021-47203/
CVE SUSE CVE CVE-2021-47206 page https://www.suse.com/security/cve/CVE-2021-47206/
CVE SUSE CVE CVE-2021-47207 page https://www.suse.com/security/cve/CVE-2021-47207/
CVE SUSE CVE CVE-2021-47212 page https://www.suse.com/security/cve/CVE-2021-47212/
CVE SUSE CVE CVE-2022-48631 page https://www.suse.com/security/cve/CVE-2022-48631/
CVE SUSE CVE CVE-2022-48651 page https://www.suse.com/security/cve/CVE-2022-48651/
CVE SUSE CVE CVE-2022-48654 page https://www.suse.com/security/cve/CVE-2022-48654/
CVE SUSE CVE CVE-2022-48687 page https://www.suse.com/security/cve/CVE-2022-48687/
CVE SUSE CVE CVE-2023-2860 page https://www.suse.com/security/cve/CVE-2023-2860/
CVE SUSE CVE CVE-2023-6270 page https://www.suse.com/security/cve/CVE-2023-6270/
CVE SUSE CVE CVE-2024-0639 page https://www.suse.com/security/cve/CVE-2024-0639/
CVE SUSE CVE CVE-2024-0841 page https://www.suse.com/security/cve/CVE-2024-0841/
CVE SUSE CVE CVE-2024-22099 page https://www.suse.com/security/cve/CVE-2024-22099/
CVE SUSE CVE CVE-2024-23307 page https://www.suse.com/security/cve/CVE-2024-23307/
CVE SUSE CVE CVE-2024-26688 page https://www.suse.com/security/cve/CVE-2024-26688/
CVE SUSE CVE CVE-2024-26689 page https://www.suse.com/security/cve/CVE-2024-26689/
CVE SUSE CVE CVE-2024-26733 page https://www.suse.com/security/cve/CVE-2024-26733/
CVE SUSE CVE CVE-2024-26739 page https://www.suse.com/security/cve/CVE-2024-26739/
CVE SUSE CVE CVE-2024-26744 page https://www.suse.com/security/cve/CVE-2024-26744/
CVE SUSE CVE CVE-2024-26816 page https://www.suse.com/security/cve/CVE-2024-26816/
CVE SUSE CVE CVE-2024-26840 page https://www.suse.com/security/cve/CVE-2024-26840/
CVE SUSE CVE CVE-2024-26852 page https://www.suse.com/security/cve/CVE-2024-26852/
CVE SUSE CVE CVE-2024-26862 page https://www.suse.com/security/cve/CVE-2024-26862/
CVE SUSE CVE CVE-2024-26898 page https://www.suse.com/security/cve/CVE-2024-26898/
CVE SUSE CVE CVE-2024-26903 page https://www.suse.com/security/cve/CVE-2024-26903/
CVE SUSE CVE CVE-2024-26906 page https://www.suse.com/security/cve/CVE-2024-26906/
CVE SUSE CVE CVE-2024-27043 page https://www.suse.com/security/cve/CVE-2024-27043/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date