1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2024:2343-1

[SUSE-SU-2024:2343-1] Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

Severity Important
CVEs 10
Info References Vulnerabilities

Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-150200_24_183 fixes several issues.

The following security issues were fixed:

  • CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
  • CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
  • CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
  • CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
  • CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
  • CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
  • CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
  • CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
  • CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487).
  • CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).
ID
SUSE-SU-2024:2343-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2024/suse-su-20242343-1/
Published
2024-07-09T09:33:41
(2 months ago)
Modified
2024-07-09T09:33:41
(2 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2343-1.json
Suse URL for SUSE-SU-2024:2343-1 https://www.suse.com/support/update/announcement/2024/suse-su-20242343-1/
Suse E-Mail link for SUSE-SU-2024:2343-1 https://lists.suse.com/pipermail/sle-updates/2024-July/035860.html
Bugzilla SUSE Bug 1210619 https://bugzilla.suse.com/1210619
Bugzilla SUSE Bug 1218487 https://bugzilla.suse.com/1218487
Bugzilla SUSE Bug 1220145 https://bugzilla.suse.com/1220145
Bugzilla SUSE Bug 1220537 https://bugzilla.suse.com/1220537
Bugzilla SUSE Bug 1222685 https://bugzilla.suse.com/1222685
Bugzilla SUSE Bug 1223059 https://bugzilla.suse.com/1223059
Bugzilla SUSE Bug 1223363 https://bugzilla.suse.com/1223363
Bugzilla SUSE Bug 1223514 https://bugzilla.suse.com/1223514
Bugzilla SUSE Bug 1223683 https://bugzilla.suse.com/1223683
Bugzilla SUSE Bug 1225211 https://bugzilla.suse.com/1225211
CVE SUSE CVE CVE-2021-46955 page https://www.suse.com/security/cve/CVE-2021-46955/
CVE SUSE CVE CVE-2021-47383 page https://www.suse.com/security/cve/CVE-2021-47383/
CVE SUSE CVE CVE-2022-48651 page https://www.suse.com/security/cve/CVE-2022-48651/
CVE SUSE CVE CVE-2023-1829 page https://www.suse.com/security/cve/CVE-2023-1829/
CVE SUSE CVE CVE-2023-6531 page https://www.suse.com/security/cve/CVE-2023-6531/
CVE SUSE CVE CVE-2023-6546 page https://www.suse.com/security/cve/CVE-2023-6546/
CVE SUSE CVE CVE-2024-23307 page https://www.suse.com/security/cve/CVE-2024-23307/
CVE SUSE CVE CVE-2024-26828 page https://www.suse.com/security/cve/CVE-2024-26828/
CVE SUSE CVE CVE-2024-26852 page https://www.suse.com/security/cve/CVE-2024-26852/
CVE SUSE CVE CVE-2024-26923 page https://www.suse.com/security/cve/CVE-2024-26923/
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date