[SUSE-SU-2024:2384-1] Security update for the Linux Kernel

Severity Important

CVEs 68

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.


The following security bugs were fixed:

- CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865).
- CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010).
- CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161).
- CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
- CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2022-2938: psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623).
- CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712).
- CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109). polled (bsc#1202623).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).

The following non-security bugs were fixed:

- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- psi: Fix uaf issue when psi trigger is destroyed while being
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).

ID

SUSE-SU-2024:2384-1

Severity

important

URL

https://www.suse.com/support/update/announcement/2024/suse-su-20242384-1/

Published

2024-07-10T12:03:43
(2 months ago)

Modified

2024-07-10T12:03:43
(2 months ago)

Rights

Other Advisories

Source	Name	URL
Suse	SUSE ratings	https://www.suse.com/support/security/rating/
Suse	URL of this CSAF notice	https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2384-1.json
Suse	URL for SUSE-SU-2024:2384-1	https://www.suse.com/support/update/announcement/2024/suse-su-20242384-1/
Suse	E-Mail link for SUSE-SU-2024:2384-1	https://lists.suse.com/pipermail/sle-updates/2024-July/035906.html
Bugzilla	SUSE Bug 1156395	https://bugzilla.suse.com/1156395
Bugzilla	SUSE Bug 1171988	https://bugzilla.suse.com/1171988
Bugzilla	SUSE Bug 1176447	https://bugzilla.suse.com/1176447
Bugzilla	SUSE Bug 1176774	https://bugzilla.suse.com/1176774
Bugzilla	SUSE Bug 1181147	https://bugzilla.suse.com/1181147
Bugzilla	SUSE Bug 1191958	https://bugzilla.suse.com/1191958
Bugzilla	SUSE Bug 1195065	https://bugzilla.suse.com/1195065
Bugzilla	SUSE Bug 1195254	https://bugzilla.suse.com/1195254
Bugzilla	SUSE Bug 1195798	https://bugzilla.suse.com/1195798
Bugzilla	SUSE Bug 1202623	https://bugzilla.suse.com/1202623
Bugzilla	SUSE Bug 1218148	https://bugzilla.suse.com/1218148
Bugzilla	SUSE Bug 1219224	https://bugzilla.suse.com/1219224
Bugzilla	SUSE Bug 1219633	https://bugzilla.suse.com/1219633
Bugzilla	SUSE Bug 1222015	https://bugzilla.suse.com/1222015
Bugzilla	SUSE Bug 1223011	https://bugzilla.suse.com/1223011
Bugzilla	SUSE Bug 1224671	https://bugzilla.suse.com/1224671
Bugzilla	SUSE Bug 1224703	https://bugzilla.suse.com/1224703
Bugzilla	SUSE Bug 1224749	https://bugzilla.suse.com/1224749
Bugzilla	SUSE Bug 1224764	https://bugzilla.suse.com/1224764
Bugzilla	SUSE Bug 1224765	https://bugzilla.suse.com/1224765
Bugzilla	SUSE Bug 1224766	https://bugzilla.suse.com/1224766
Bugzilla	SUSE Bug 1224865	https://bugzilla.suse.com/1224865
Bugzilla	SUSE Bug 1225010	https://bugzilla.suse.com/1225010
Bugzilla	SUSE Bug 1225047	https://bugzilla.suse.com/1225047
Bugzilla	SUSE Bug 1225109	https://bugzilla.suse.com/1225109
Bugzilla	SUSE Bug 1225161	https://bugzilla.suse.com/1225161
Bugzilla	SUSE Bug 1225184	https://bugzilla.suse.com/1225184
Bugzilla	SUSE Bug 1225203	https://bugzilla.suse.com/1225203
Bugzilla	SUSE Bug 1225487	https://bugzilla.suse.com/1225487
Bugzilla	SUSE Bug 1225518	https://bugzilla.suse.com/1225518
Bugzilla	SUSE Bug 1225611	https://bugzilla.suse.com/1225611
Bugzilla	SUSE Bug 1225732	https://bugzilla.suse.com/1225732
Bugzilla	SUSE Bug 1225749	https://bugzilla.suse.com/1225749
Bugzilla	SUSE Bug 1225840	https://bugzilla.suse.com/1225840
Bugzilla	SUSE Bug 1225866	https://bugzilla.suse.com/1225866
Bugzilla	SUSE Bug 1226226	https://bugzilla.suse.com/1226226
Bugzilla	SUSE Bug 1226537	https://bugzilla.suse.com/1226537
Bugzilla	SUSE Bug 1226552	https://bugzilla.suse.com/1226552
Bugzilla	SUSE Bug 1226554	https://bugzilla.suse.com/1226554
Bugzilla	SUSE Bug 1226557	https://bugzilla.suse.com/1226557
Bugzilla	SUSE Bug 1226558	https://bugzilla.suse.com/1226558
Bugzilla	SUSE Bug 1226562	https://bugzilla.suse.com/1226562
Bugzilla	SUSE Bug 1226563	https://bugzilla.suse.com/1226563
Bugzilla	SUSE Bug 1226575	https://bugzilla.suse.com/1226575
Bugzilla	SUSE Bug 1226583	https://bugzilla.suse.com/1226583
Bugzilla	SUSE Bug 1226585	https://bugzilla.suse.com/1226585
Bugzilla	SUSE Bug 1226587	https://bugzilla.suse.com/1226587
Bugzilla	SUSE Bug 1226595	https://bugzilla.suse.com/1226595
Bugzilla	SUSE Bug 1226614	https://bugzilla.suse.com/1226614
Bugzilla	SUSE Bug 1226619	https://bugzilla.suse.com/1226619
Bugzilla	SUSE Bug 1226621	https://bugzilla.suse.com/1226621
Bugzilla	SUSE Bug 1226624	https://bugzilla.suse.com/1226624
Bugzilla	SUSE Bug 1226643	https://bugzilla.suse.com/1226643
Bugzilla	SUSE Bug 1226644	https://bugzilla.suse.com/1226644
Bugzilla	SUSE Bug 1226645	https://bugzilla.suse.com/1226645
Bugzilla	SUSE Bug 1226647	https://bugzilla.suse.com/1226647
Bugzilla	SUSE Bug 1226650	https://bugzilla.suse.com/1226650
Bugzilla	SUSE Bug 1226669	https://bugzilla.suse.com/1226669
Bugzilla	SUSE Bug 1226670	https://bugzilla.suse.com/1226670
Bugzilla	SUSE Bug 1226672	https://bugzilla.suse.com/1226672
Bugzilla	SUSE Bug 1226674	https://bugzilla.suse.com/1226674
Bugzilla	SUSE Bug 1226679	https://bugzilla.suse.com/1226679
Bugzilla	SUSE Bug 1226686	https://bugzilla.suse.com/1226686
Bugzilla	SUSE Bug 1226691	https://bugzilla.suse.com/1226691
Bugzilla	SUSE Bug 1226692	https://bugzilla.suse.com/1226692
Bugzilla	SUSE Bug 1226698	https://bugzilla.suse.com/1226698
Bugzilla	SUSE Bug 1226703	https://bugzilla.suse.com/1226703
Bugzilla	SUSE Bug 1226708	https://bugzilla.suse.com/1226708
Bugzilla	SUSE Bug 1226709	https://bugzilla.suse.com/1226709
Bugzilla	SUSE Bug 1226711	https://bugzilla.suse.com/1226711
Bugzilla	SUSE Bug 1226712	https://bugzilla.suse.com/1226712
Bugzilla	SUSE Bug 1226713	https://bugzilla.suse.com/1226713
Bugzilla	SUSE Bug 1226715	https://bugzilla.suse.com/1226715
Bugzilla	SUSE Bug 1226716	https://bugzilla.suse.com/1226716
Bugzilla	SUSE Bug 1226720	https://bugzilla.suse.com/1226720
Bugzilla	SUSE Bug 1226721	https://bugzilla.suse.com/1226721
Bugzilla	SUSE Bug 1226732	https://bugzilla.suse.com/1226732
Bugzilla	SUSE Bug 1226762	https://bugzilla.suse.com/1226762
Bugzilla	SUSE Bug 1226785	https://bugzilla.suse.com/1226785
Bugzilla	SUSE Bug 1226786	https://bugzilla.suse.com/1226786
Bugzilla	SUSE Bug 1226962	https://bugzilla.suse.com/1226962
CVE	SUSE CVE CVE-2021-43389 page	https://www.suse.com/security/cve/CVE-2021-43389/
CVE	SUSE CVE CVE-2021-4439 page	https://www.suse.com/security/cve/CVE-2021-4439/
CVE	SUSE CVE CVE-2021-47247 page	https://www.suse.com/security/cve/CVE-2021-47247/
CVE	SUSE CVE CVE-2021-47311 page	https://www.suse.com/security/cve/CVE-2021-47311/
CVE	SUSE CVE CVE-2021-47328 page	https://www.suse.com/security/cve/CVE-2021-47328/
CVE	SUSE CVE CVE-2021-47368 page	https://www.suse.com/security/cve/CVE-2021-47368/
CVE	SUSE CVE CVE-2021-47372 page	https://www.suse.com/security/cve/CVE-2021-47372/
CVE	SUSE CVE CVE-2021-47379 page	https://www.suse.com/security/cve/CVE-2021-47379/
CVE	SUSE CVE CVE-2021-47571 page	https://www.suse.com/security/cve/CVE-2021-47571/
CVE	SUSE CVE CVE-2021-47576 page	https://www.suse.com/security/cve/CVE-2021-47576/
CVE	SUSE CVE CVE-2021-47583 page	https://www.suse.com/security/cve/CVE-2021-47583/
CVE	SUSE CVE CVE-2021-47589 page	https://www.suse.com/security/cve/CVE-2021-47589/
CVE	SUSE CVE CVE-2021-47595 page	https://www.suse.com/security/cve/CVE-2021-47595/
CVE	SUSE CVE CVE-2021-47596 page	https://www.suse.com/security/cve/CVE-2021-47596/
CVE	SUSE CVE CVE-2021-47600 page	https://www.suse.com/security/cve/CVE-2021-47600/
CVE	SUSE CVE CVE-2021-47602 page	https://www.suse.com/security/cve/CVE-2021-47602/
CVE	SUSE CVE CVE-2021-47609 page	https://www.suse.com/security/cve/CVE-2021-47609/
CVE	SUSE CVE CVE-2021-47611 page	https://www.suse.com/security/cve/CVE-2021-47611/
CVE	SUSE CVE CVE-2021-47612 page	https://www.suse.com/security/cve/CVE-2021-47612/
CVE	SUSE CVE CVE-2021-47617 page	https://www.suse.com/security/cve/CVE-2021-47617/
CVE	SUSE CVE CVE-2021-47618 page	https://www.suse.com/security/cve/CVE-2021-47618/
CVE	SUSE CVE CVE-2021-47619 page	https://www.suse.com/security/cve/CVE-2021-47619/
CVE	SUSE CVE CVE-2021-47620 page	https://www.suse.com/security/cve/CVE-2021-47620/
CVE	SUSE CVE CVE-2022-2938 page	https://www.suse.com/security/cve/CVE-2022-2938/
CVE	SUSE CVE CVE-2022-48711 page	https://www.suse.com/security/cve/CVE-2022-48711/
CVE	SUSE CVE CVE-2022-48715 page	https://www.suse.com/security/cve/CVE-2022-48715/
CVE	SUSE CVE CVE-2022-48717 page	https://www.suse.com/security/cve/CVE-2022-48717/
CVE	SUSE CVE CVE-2022-48722 page	https://www.suse.com/security/cve/CVE-2022-48722/
CVE	SUSE CVE CVE-2022-48724 page	https://www.suse.com/security/cve/CVE-2022-48724/
CVE	SUSE CVE CVE-2022-48726 page	https://www.suse.com/security/cve/CVE-2022-48726/
CVE	SUSE CVE CVE-2022-48728 page	https://www.suse.com/security/cve/CVE-2022-48728/
CVE	SUSE CVE CVE-2022-48730 page	https://www.suse.com/security/cve/CVE-2022-48730/
CVE	SUSE CVE CVE-2022-48732 page	https://www.suse.com/security/cve/CVE-2022-48732/
CVE	SUSE CVE CVE-2022-48736 page	https://www.suse.com/security/cve/CVE-2022-48736/
CVE	SUSE CVE CVE-2022-48737 page	https://www.suse.com/security/cve/CVE-2022-48737/
CVE	SUSE CVE CVE-2022-48738 page	https://www.suse.com/security/cve/CVE-2022-48738/
CVE	SUSE CVE CVE-2022-48746 page	https://www.suse.com/security/cve/CVE-2022-48746/
CVE	SUSE CVE CVE-2022-48747 page	https://www.suse.com/security/cve/CVE-2022-48747/
CVE	SUSE CVE CVE-2022-48748 page	https://www.suse.com/security/cve/CVE-2022-48748/
CVE	SUSE CVE CVE-2022-48749 page	https://www.suse.com/security/cve/CVE-2022-48749/
CVE	SUSE CVE CVE-2022-48752 page	https://www.suse.com/security/cve/CVE-2022-48752/
CVE	SUSE CVE CVE-2022-48754 page	https://www.suse.com/security/cve/CVE-2022-48754/
CVE	SUSE CVE CVE-2022-48756 page	https://www.suse.com/security/cve/CVE-2022-48756/
CVE	SUSE CVE CVE-2022-48758 page	https://www.suse.com/security/cve/CVE-2022-48758/
CVE	SUSE CVE CVE-2022-48759 page	https://www.suse.com/security/cve/CVE-2022-48759/
CVE	SUSE CVE CVE-2022-48760 page	https://www.suse.com/security/cve/CVE-2022-48760/
CVE	SUSE CVE CVE-2022-48767 page	https://www.suse.com/security/cve/CVE-2022-48767/
CVE	SUSE CVE CVE-2022-48768 page	https://www.suse.com/security/cve/CVE-2022-48768/
CVE	SUSE CVE CVE-2022-48771 page	https://www.suse.com/security/cve/CVE-2022-48771/
CVE	SUSE CVE CVE-2023-24023 page	https://www.suse.com/security/cve/CVE-2023-24023/
CVE	SUSE CVE CVE-2023-52707 page	https://www.suse.com/security/cve/CVE-2023-52707/
CVE	SUSE CVE CVE-2023-52752 page	https://www.suse.com/security/cve/CVE-2023-52752/
CVE	SUSE CVE CVE-2023-52881 page	https://www.suse.com/security/cve/CVE-2023-52881/
CVE	SUSE CVE CVE-2024-26822 page	https://www.suse.com/security/cve/CVE-2024-26822/
CVE	SUSE CVE CVE-2024-35789 page	https://www.suse.com/security/cve/CVE-2024-35789/
CVE	SUSE CVE CVE-2024-35861 page	https://www.suse.com/security/cve/CVE-2024-35861/
CVE	SUSE CVE CVE-2024-35862 page	https://www.suse.com/security/cve/CVE-2024-35862/
CVE	SUSE CVE CVE-2024-35864 page	https://www.suse.com/security/cve/CVE-2024-35864/
CVE	SUSE CVE CVE-2024-35878 page	https://www.suse.com/security/cve/CVE-2024-35878/
CVE	SUSE CVE CVE-2024-35950 page	https://www.suse.com/security/cve/CVE-2024-35950/
CVE	SUSE CVE CVE-2024-36894 page	https://www.suse.com/security/cve/CVE-2024-36894/
CVE	SUSE CVE CVE-2024-36904 page	https://www.suse.com/security/cve/CVE-2024-36904/
CVE	SUSE CVE CVE-2024-36940 page	https://www.suse.com/security/cve/CVE-2024-36940/
CVE	SUSE CVE CVE-2024-36964 page	https://www.suse.com/security/cve/CVE-2024-36964/
CVE	SUSE CVE CVE-2024-38541 page	https://www.suse.com/security/cve/CVE-2024-38541/
CVE	SUSE CVE CVE-2024-38545 page	https://www.suse.com/security/cve/CVE-2024-38545/
CVE	SUSE CVE CVE-2024-38559 page	https://www.suse.com/security/cve/CVE-2024-38559/
CVE	SUSE CVE CVE-2024-38560 page	https://www.suse.com/security/cve/CVE-2024-38560/

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date