1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2024:2337-1

[SUSE-SU-2024:2337-1] Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

Severity Important
CVEs 13
Info References Vulnerabilities

Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-150500_13_35 fixes several issues.

The following security issues were fixed:

  • CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
  • CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
  • CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
  • CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
  • CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
  • CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
  • CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
  • CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882).
  • CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).
  • CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220211).
  • CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
  • CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828).
  • CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296).
ID
SUSE-SU-2024:2337-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2024/suse-su-20242337-1/
Published
2024-07-08T15:03:41
(2 months ago)
Modified
2024-07-08T15:03:41
(2 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2337-1.json
Suse URL for SUSE-SU-2024:2337-1 https://www.suse.com/support/update/announcement/2024/suse-su-20242337-1/
Suse E-Mail link for SUSE-SU-2024:2337-1 https://lists.suse.com/pipermail/sle-security-updates/2024-July/018881.html
Bugzilla SUSE Bug 1219296 https://bugzilla.suse.com/1219296
Bugzilla SUSE Bug 1220145 https://bugzilla.suse.com/1220145
Bugzilla SUSE Bug 1220211 https://bugzilla.suse.com/1220211
Bugzilla SUSE Bug 1220828 https://bugzilla.suse.com/1220828
Bugzilla SUSE Bug 1220832 https://bugzilla.suse.com/1220832
Bugzilla SUSE Bug 1221302 https://bugzilla.suse.com/1221302
Bugzilla SUSE Bug 1222685 https://bugzilla.suse.com/1222685
Bugzilla SUSE Bug 1222882 https://bugzilla.suse.com/1222882
Bugzilla SUSE Bug 1223059 https://bugzilla.suse.com/1223059
Bugzilla SUSE Bug 1223363 https://bugzilla.suse.com/1223363
Bugzilla SUSE Bug 1223514 https://bugzilla.suse.com/1223514
Bugzilla SUSE Bug 1223681 https://bugzilla.suse.com/1223681
Bugzilla SUSE Bug 1223683 https://bugzilla.suse.com/1223683
CVE SUSE CVE CVE-2022-48651 page https://www.suse.com/security/cve/CVE-2022-48651/
CVE SUSE CVE CVE-2023-52340 page https://www.suse.com/security/cve/CVE-2023-52340/
CVE SUSE CVE CVE-2023-52502 page https://www.suse.com/security/cve/CVE-2023-52502/
CVE SUSE CVE CVE-2023-6546 page https://www.suse.com/security/cve/CVE-2023-6546/
CVE SUSE CVE CVE-2024-23307 page https://www.suse.com/security/cve/CVE-2024-23307/
CVE SUSE CVE CVE-2024-26585 page https://www.suse.com/security/cve/CVE-2024-26585/
CVE SUSE CVE CVE-2024-26610 page https://www.suse.com/security/cve/CVE-2024-26610/
CVE SUSE CVE CVE-2024-26622 page https://www.suse.com/security/cve/CVE-2024-26622/
CVE SUSE CVE CVE-2024-26766 page https://www.suse.com/security/cve/CVE-2024-26766/
CVE SUSE CVE CVE-2024-26828 page https://www.suse.com/security/cve/CVE-2024-26828/
CVE SUSE CVE CVE-2024-26852 page https://www.suse.com/security/cve/CVE-2024-26852/
CVE SUSE CVE CVE-2024-26923 page https://www.suse.com/security/cve/CVE-2024-26923/
CVE SUSE CVE CVE-2024-26930 page https://www.suse.com/security/cve/CVE-2024-26930/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date