[SUSE-SU-2024:1669-1] Security update for the Linux Kernel

Severity Important
CVEs 20

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-27043: Fixed a use-after-free in media/dvbdev in different places (bsc#1223824).
  • CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
  • CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).
  • CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).
  • CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
  • CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).
  • CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219295).
  • CVE-2021-46932: Initialized work before appletouch device registration (bsc#1220444).
  • CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
  • CVE-2023-52475: Fixed a use-after-free in powermate_config_complete() (bsc#1220649).
  • CVE-2023-52445: Fixed a use-after-free on context disconnection in pvrusb2 (bsc#1220241).
  • CVE-2023-52429: Limited the number of targets and parameter size area for device mapper (bsc#1219146).
  • CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl() related to a vcc_recvmsg race condition (bsc#1218730).
  • CVE-2023-51782: Fixed a use-after-free in rose_ioctl() related to a rose_accept race condition (bsc#1218757).
  • CVE-2023-31083: Fixed a NULL pointer dereference in hci_uart_tty_ioctl() (bsc#1210780).

The following non-security bugs were fixed:

  • KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
  • KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
  • tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
  • x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
  • x86/bugs: Add asm helpers for executing VERW (bsc#1213456).
  • x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes).
  • x86/entry_32: Add VERW just before userspace transition (git-fixes).
  • x86/entry_64: Add VERW just before userspace transition (git-fixes).

ID SUSE-SU-2024:1669-1
Severity important
URL https://www.suse.com/support/update/announcement/2024/suse-su-20241669-1/
Published 2024-05-16T08:50:07
Modified 2024-05-16T08:50:07
Rights Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1669-1.json
Suse URL for SUSE-SU-2024:1669-1 https://www.suse.com/support/update/announcement/2024/suse-su-20241669-1/
Suse E-Mail link for SUSE-SU-2024:1669-1 https://lists.suse.com/pipermail/sle-security-updates/2024-August/019269.html
Bugzilla SUSE Bug 1210780 https://bugzilla.suse.com/1210780
Bugzilla SUSE Bug 1213456 https://bugzilla.suse.com/1213456
Bugzilla SUSE Bug 1218220 https://bugzilla.suse.com/1218220
Bugzilla SUSE Bug 1218562 https://bugzilla.suse.com/1218562
Bugzilla SUSE Bug 1218730 https://bugzilla.suse.com/1218730
Bugzilla SUSE Bug 1218757 https://bugzilla.suse.com/1218757
Bugzilla SUSE Bug 1219146 https://bugzilla.suse.com/1219146
Bugzilla SUSE Bug 1219295 https://bugzilla.suse.com/1219295
Bugzilla SUSE Bug 1219827 https://bugzilla.suse.com/1219827
Bugzilla SUSE Bug 1220191 https://bugzilla.suse.com/1220191
Bugzilla SUSE Bug 1220238 https://bugzilla.suse.com/1220238
Bugzilla SUSE Bug 1220241 https://bugzilla.suse.com/1220241
Bugzilla SUSE Bug 1220416 https://bugzilla.suse.com/1220416
Bugzilla SUSE Bug 1220418 https://bugzilla.suse.com/1220418
Bugzilla SUSE Bug 1220444 https://bugzilla.suse.com/1220444
Bugzilla SUSE Bug 1220649 https://bugzilla.suse.com/1220649
Bugzilla SUSE Bug 1221044 https://bugzilla.suse.com/1221044
Bugzilla SUSE Bug 1221088 https://bugzilla.suse.com/1221088
Bugzilla SUSE Bug 1221578 https://bugzilla.suse.com/1221578
Bugzilla SUSE Bug 1221598 https://bugzilla.suse.com/1221598
Bugzilla SUSE Bug 1222585 https://bugzilla.suse.com/1222585
Bugzilla SUSE Bug 1222619 https://bugzilla.suse.com/1222619
Bugzilla SUSE Bug 1223016 https://bugzilla.suse.com/1223016
Bugzilla SUSE Bug 1223824 https://bugzilla.suse.com/1223824
CVE SUSE CVE CVE-2021-46904 page https://www.suse.com/security/cve/CVE-2021-46904/
CVE SUSE CVE CVE-2021-46905 page https://www.suse.com/security/cve/CVE-2021-46905/
CVE SUSE CVE CVE-2021-46932 page https://www.suse.com/security/cve/CVE-2021-46932/
CVE SUSE CVE CVE-2022-48619 page https://www.suse.com/security/cve/CVE-2022-48619/
CVE SUSE CVE CVE-2023-28746 page https://www.suse.com/security/cve/CVE-2023-28746/
CVE SUSE CVE CVE-2023-31083 page https://www.suse.com/security/cve/CVE-2023-31083/
CVE SUSE CVE CVE-2023-51780 page https://www.suse.com/security/cve/CVE-2023-51780/
CVE SUSE CVE CVE-2023-51782 page https://www.suse.com/security/cve/CVE-2023-51782/
CVE SUSE CVE CVE-2023-52340 page https://www.suse.com/security/cve/CVE-2023-52340/
CVE SUSE CVE CVE-2023-52429 page https://www.suse.com/security/cve/CVE-2023-52429/
CVE SUSE CVE CVE-2023-52445 page https://www.suse.com/security/cve/CVE-2023-52445/
CVE SUSE CVE CVE-2023-52449 page https://www.suse.com/security/cve/CVE-2023-52449/
CVE SUSE CVE CVE-2023-52475 page https://www.suse.com/security/cve/CVE-2023-52475/
CVE SUSE CVE CVE-2023-52590 page https://www.suse.com/security/cve/CVE-2023-52590/
CVE SUSE CVE CVE-2023-52591 page https://www.suse.com/security/cve/CVE-2023-52591/
CVE SUSE CVE CVE-2023-6270 page https://www.suse.com/security/cve/CVE-2023-6270/
CVE SUSE CVE CVE-2024-23851 page https://www.suse.com/security/cve/CVE-2024-23851/
CVE SUSE CVE CVE-2024-26733 page https://www.suse.com/security/cve/CVE-2024-26733/
CVE SUSE CVE CVE-2024-26898 page https://www.suse.com/security/cve/CVE-2024-26898/
CVE SUSE CVE CVE-2024-27043 page https://www.suse.com/security/cve/CVE-2024-27043/