[SUSE-SU-2024:2365-1] Security update for the Linux Kernel

Severity Important
CVEs 38

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865).
  • CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010).
  • CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161).
  • CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
  • CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
  • CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
  • CVE-2022-2938: psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623).
  • CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712).
  • CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109).
  • CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
  • CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
  • CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
  • CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
  • CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
  • CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
  • CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
  • CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
  • CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
  • CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
  • CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
  • CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
  • CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
  • CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
  • CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758).
  • CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).

The following non-security bugs were fixed:

  • ocfs2: adjust enabling place for la window (bsc#1219224).
  • ocfs2: fix sparse warnings (bsc#1219224).
  • ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
  • ocfs2: speed up chain-list searching (bsc#1219224).
  • x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
  • x86/xen: Drop USERGS_SYSRET64 paravirt call (git-fixes).

ID SUSE-SU-2024:2365-1
Severity important
URL https://www.suse.com/support/update/announcement/2024/suse-su-20242365-1/
Published 2024-07-09T14:03:50
Modified 2024-07-09T14:03:50
Rights Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories
Source Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2365-1.json
Suse URL for SUSE-SU-2024:2365-1 https://www.suse.com/support/update/announcement/2024/suse-su-20242365-1/
Suse E-Mail link for SUSE-SU-2024:2365-1 https://lists.suse.com/pipermail/sle-updates/2024-July/035864.html
Bugzilla SUSE Bug 1171988 https://bugzilla.suse.com/1171988
Bugzilla SUSE Bug 1191958 https://bugzilla.suse.com/1191958
Bugzilla SUSE Bug 1195065 https://bugzilla.suse.com/1195065
Bugzilla SUSE Bug 1195254 https://bugzilla.suse.com/1195254
Bugzilla SUSE Bug 1202623 https://bugzilla.suse.com/1202623
Bugzilla SUSE Bug 1218148 https://bugzilla.suse.com/1218148
Bugzilla SUSE Bug 1219224 https://bugzilla.suse.com/1219224
Bugzilla SUSE Bug 1222015 https://bugzilla.suse.com/1222015
Bugzilla SUSE Bug 1223138 https://bugzilla.suse.com/1223138
Bugzilla SUSE Bug 1223384 https://bugzilla.suse.com/1223384
Bugzilla SUSE Bug 1224671 https://bugzilla.suse.com/1224671
Bugzilla SUSE Bug 1224703 https://bugzilla.suse.com/1224703
Bugzilla SUSE Bug 1224749 https://bugzilla.suse.com/1224749
Bugzilla SUSE Bug 1224764 https://bugzilla.suse.com/1224764
Bugzilla SUSE Bug 1224765 https://bugzilla.suse.com/1224765
Bugzilla SUSE Bug 1224766 https://bugzilla.suse.com/1224766
Bugzilla SUSE Bug 1224865 https://bugzilla.suse.com/1224865
Bugzilla SUSE Bug 1225010 https://bugzilla.suse.com/1225010
Bugzilla SUSE Bug 1225047 https://bugzilla.suse.com/1225047
Bugzilla SUSE Bug 1225109 https://bugzilla.suse.com/1225109
Bugzilla SUSE Bug 1225161 https://bugzilla.suse.com/1225161
Bugzilla SUSE Bug 1225184 https://bugzilla.suse.com/1225184
Bugzilla SUSE Bug 1225203 https://bugzilla.suse.com/1225203
Bugzilla SUSE Bug 1225487 https://bugzilla.suse.com/1225487
Bugzilla SUSE Bug 1225518 https://bugzilla.suse.com/1225518
Bugzilla SUSE Bug 1225611 https://bugzilla.suse.com/1225611
Bugzilla SUSE Bug 1225732 https://bugzilla.suse.com/1225732
Bugzilla SUSE Bug 1225749 https://bugzilla.suse.com/1225749
Bugzilla SUSE Bug 1225840 https://bugzilla.suse.com/1225840
Bugzilla SUSE Bug 1225866 https://bugzilla.suse.com/1225866
Bugzilla SUSE Bug 1226563 https://bugzilla.suse.com/1226563
Bugzilla SUSE Bug 1226587 https://bugzilla.suse.com/1226587
Bugzilla SUSE Bug 1226595 https://bugzilla.suse.com/1226595
Bugzilla SUSE Bug 1226670 https://bugzilla.suse.com/1226670
Bugzilla SUSE Bug 1226672 https://bugzilla.suse.com/1226672
Bugzilla SUSE Bug 1226712 https://bugzilla.suse.com/1226712
Bugzilla SUSE Bug 1226732 https://bugzilla.suse.com/1226732
Bugzilla SUSE Bug 1226758 https://bugzilla.suse.com/1226758
Bugzilla SUSE Bug 1226786 https://bugzilla.suse.com/1226786
Bugzilla SUSE Bug 1226962 https://bugzilla.suse.com/1226962
CVE SUSE CVE CVE-2020-10135 page https://www.suse.com/security/cve/CVE-2020-10135/
CVE SUSE CVE CVE-2021-3896 page https://www.suse.com/security/cve/CVE-2021-3896/
CVE SUSE CVE CVE-2021-43389 page https://www.suse.com/security/cve/CVE-2021-43389/
CVE SUSE CVE CVE-2021-4439 page https://www.suse.com/security/cve/CVE-2021-4439/
CVE SUSE CVE CVE-2021-47247 page https://www.suse.com/security/cve/CVE-2021-47247/
CVE SUSE CVE CVE-2021-47311 page https://www.suse.com/security/cve/CVE-2021-47311/
CVE SUSE CVE CVE-2021-47328 page https://www.suse.com/security/cve/CVE-2021-47328/
CVE SUSE CVE CVE-2021-47368 page https://www.suse.com/security/cve/CVE-2021-47368/
CVE SUSE CVE CVE-2021-47372 page https://www.suse.com/security/cve/CVE-2021-47372/
CVE SUSE CVE CVE-2021-47379 page https://www.suse.com/security/cve/CVE-2021-47379/
CVE SUSE CVE CVE-2021-47571 page https://www.suse.com/security/cve/CVE-2021-47571/
CVE SUSE CVE CVE-2021-47583 page https://www.suse.com/security/cve/CVE-2021-47583/
CVE SUSE CVE CVE-2022-0435 page https://www.suse.com/security/cve/CVE-2022-0435/
CVE SUSE CVE CVE-2022-22942 page https://www.suse.com/security/cve/CVE-2022-22942/
CVE SUSE CVE CVE-2022-2938 page https://www.suse.com/security/cve/CVE-2022-2938/
CVE SUSE CVE CVE-2022-48711 page https://www.suse.com/security/cve/CVE-2022-48711/
CVE SUSE CVE CVE-2022-48760 page https://www.suse.com/security/cve/CVE-2022-48760/
CVE SUSE CVE CVE-2022-48771 page https://www.suse.com/security/cve/CVE-2022-48771/
CVE SUSE CVE CVE-2023-24023 page https://www.suse.com/security/cve/CVE-2023-24023/
CVE SUSE CVE CVE-2023-52707 page https://www.suse.com/security/cve/CVE-2023-52707/
CVE SUSE CVE CVE-2023-52752 page https://www.suse.com/security/cve/CVE-2023-52752/
CVE SUSE CVE CVE-2023-52881 page https://www.suse.com/security/cve/CVE-2023-52881/
CVE SUSE CVE CVE-2024-26921 page https://www.suse.com/security/cve/CVE-2024-26921/
CVE SUSE CVE CVE-2024-26923 page https://www.suse.com/security/cve/CVE-2024-26923/
CVE SUSE CVE CVE-2024-35789 page https://www.suse.com/security/cve/CVE-2024-35789/
CVE SUSE CVE CVE-2024-35861 page https://www.suse.com/security/cve/CVE-2024-35861/
CVE SUSE CVE CVE-2024-35862 page https://www.suse.com/security/cve/CVE-2024-35862/
CVE SUSE CVE CVE-2024-35864 page https://www.suse.com/security/cve/CVE-2024-35864/
CVE SUSE CVE CVE-2024-35878 page https://www.suse.com/security/cve/CVE-2024-35878/
CVE SUSE CVE CVE-2024-35950 page https://www.suse.com/security/cve/CVE-2024-35950/
CVE SUSE CVE CVE-2024-36894 page https://www.suse.com/security/cve/CVE-2024-36894/
CVE SUSE CVE CVE-2024-36904 page https://www.suse.com/security/cve/CVE-2024-36904/
CVE SUSE CVE CVE-2024-36940 page https://www.suse.com/security/cve/CVE-2024-36940/
CVE SUSE CVE CVE-2024-36964 page https://www.suse.com/security/cve/CVE-2024-36964/
CVE SUSE CVE CVE-2024-38541 page https://www.suse.com/security/cve/CVE-2024-38541/
CVE SUSE CVE CVE-2024-38545 page https://www.suse.com/security/cve/CVE-2024-38545/
CVE SUSE CVE CVE-2024-38559 page https://www.suse.com/security/cve/CVE-2024-38559/
CVE SUSE CVE CVE-2024-38560 page https://www.suse.com/security/cve/CVE-2024-38560/