[SUSE-SU-2024:2495-1] Security update for the Linux Kernel

Severity Important
CVEs 28

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
  • CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
  • CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
  • CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
  • CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
  • CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
  • CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
  • CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
  • CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
  • CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
  • CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
  • CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
  • CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
  • CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
  • CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
  • CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
  • CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
  • CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
  • CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
  • CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
  • CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
  • CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
  • CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
  • CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
  • CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
  • CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
  • CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
  • CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).

The following non-security bugs were fixed:

  • Revert 'build initrd without systemd' (bsc#1195775).
  • cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
  • cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
  • cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
  • cgroup: Remove unnecessary list_empty() (bsc#1222254).
  • cgroup: preserve KABI of cgroup_root (bsc#1222254).
  • ocfs2: adjust enabling place for la window (bsc#1219224).
  • ocfs2: fix sparse warnings (bsc#1219224).
  • ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
  • ocfs2: speed up chain-list searching (bsc#1219224).
  • random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
  • rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212).
  • rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211).
  • scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1216124).
  • smb: client: ensure to try all targets when finding nested links (bsc#1224020).
  • x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
  • xfs: do not include bnobt blocks when reserving free block pool (bsc#1226270).

ID: SUSE-SU-2024:2495-1
Severity: important
URL: https://www.suse.com/support/update/announcement/2024/suse-su-20242495-1/
Published: 2024-07-16T07:30:13
Modified: 2024-07-16T07:30:13
Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2495-1.json
Suse URL for SUSE-SU-2024:2495-1 https://www.suse.com/support/update/announcement/2024/suse-su-20242495-1/
Suse E-Mail link for SUSE-SU-2024:2495-1 https://lists.suse.com/pipermail/sle-security-updates/2024-July/018982.html
Bugzilla SUSE Bug 1195775 https://bugzilla.suse.com/1195775
Bugzilla SUSE Bug 1216124 https://bugzilla.suse.com/1216124
Bugzilla SUSE Bug 1218148 https://bugzilla.suse.com/1218148
Bugzilla SUSE Bug 1219224 https://bugzilla.suse.com/1219224
Bugzilla SUSE Bug 1220492 https://bugzilla.suse.com/1220492
Bugzilla SUSE Bug 1222015 https://bugzilla.suse.com/1222015
Bugzilla SUSE Bug 1222254 https://bugzilla.suse.com/1222254
Bugzilla SUSE Bug 1222678 https://bugzilla.suse.com/1222678
Bugzilla SUSE Bug 1223384 https://bugzilla.suse.com/1223384
Bugzilla SUSE Bug 1224020 https://bugzilla.suse.com/1224020
Bugzilla SUSE Bug 1224679 https://bugzilla.suse.com/1224679
Bugzilla SUSE Bug 1224696 https://bugzilla.suse.com/1224696
Bugzilla SUSE Bug 1224703 https://bugzilla.suse.com/1224703
Bugzilla SUSE Bug 1224749 https://bugzilla.suse.com/1224749
Bugzilla SUSE Bug 1224764 https://bugzilla.suse.com/1224764
Bugzilla SUSE Bug 1224765 https://bugzilla.suse.com/1224765
Bugzilla SUSE Bug 1224766 https://bugzilla.suse.com/1224766
Bugzilla SUSE Bug 1224935 https://bugzilla.suse.com/1224935
Bugzilla SUSE Bug 1225098 https://bugzilla.suse.com/1225098
Bugzilla SUSE Bug 1225467 https://bugzilla.suse.com/1225467
Bugzilla SUSE Bug 1225487 https://bugzilla.suse.com/1225487
Bugzilla SUSE Bug 1225518 https://bugzilla.suse.com/1225518
Bugzilla SUSE Bug 1225611 https://bugzilla.suse.com/1225611
Bugzilla SUSE Bug 1225732 https://bugzilla.suse.com/1225732
Bugzilla SUSE Bug 1225737 https://bugzilla.suse.com/1225737
Bugzilla SUSE Bug 1225749 https://bugzilla.suse.com/1225749
Bugzilla SUSE Bug 1225840 https://bugzilla.suse.com/1225840
Bugzilla SUSE Bug 1225866 https://bugzilla.suse.com/1225866
Bugzilla SUSE Bug 1226145 https://bugzilla.suse.com/1226145
Bugzilla SUSE Bug 1226211 https://bugzilla.suse.com/1226211
Bugzilla SUSE Bug 1226212 https://bugzilla.suse.com/1226212
Bugzilla SUSE Bug 1226270 https://bugzilla.suse.com/1226270
Bugzilla SUSE Bug 1226587 https://bugzilla.suse.com/1226587
Bugzilla SUSE Bug 1226595 https://bugzilla.suse.com/1226595
Bugzilla SUSE Bug 1226634 https://bugzilla.suse.com/1226634
Bugzilla SUSE Bug 1226758 https://bugzilla.suse.com/1226758
Bugzilla SUSE Bug 1226785 https://bugzilla.suse.com/1226785
Bugzilla SUSE Bug 1226786 https://bugzilla.suse.com/1226786
Bugzilla SUSE Bug 1226789 https://bugzilla.suse.com/1226789
Bugzilla SUSE Bug 1226953 https://bugzilla.suse.com/1226953
Bugzilla SUSE Bug 1226962 https://bugzilla.suse.com/1226962
CVE SUSE CVE CVE-2021-47555 page https://www.suse.com/security/cve/CVE-2021-47555/
CVE SUSE CVE CVE-2021-47571 page https://www.suse.com/security/cve/CVE-2021-47571/
CVE SUSE CVE CVE-2023-24023 page https://www.suse.com/security/cve/CVE-2023-24023/
CVE SUSE CVE CVE-2023-52670 page https://www.suse.com/security/cve/CVE-2023-52670/
CVE SUSE CVE CVE-2023-52752 page https://www.suse.com/security/cve/CVE-2023-52752/
CVE SUSE CVE CVE-2023-52837 page https://www.suse.com/security/cve/CVE-2023-52837/
CVE SUSE CVE CVE-2023-52846 page https://www.suse.com/security/cve/CVE-2023-52846/
CVE SUSE CVE CVE-2023-52881 page https://www.suse.com/security/cve/CVE-2023-52881/
CVE SUSE CVE CVE-2024-26745 page https://www.suse.com/security/cve/CVE-2024-26745/
CVE SUSE CVE CVE-2024-26923 page https://www.suse.com/security/cve/CVE-2024-26923/
CVE SUSE CVE CVE-2024-35789 page https://www.suse.com/security/cve/CVE-2024-35789/
CVE SUSE CVE CVE-2024-35861 page https://www.suse.com/security/cve/CVE-2024-35861/
CVE SUSE CVE CVE-2024-35862 page https://www.suse.com/security/cve/CVE-2024-35862/
CVE SUSE CVE CVE-2024-35864 page https://www.suse.com/security/cve/CVE-2024-35864/
CVE SUSE CVE CVE-2024-35869 page https://www.suse.com/security/cve/CVE-2024-35869/
CVE SUSE CVE CVE-2024-35950 page https://www.suse.com/security/cve/CVE-2024-35950/
CVE SUSE CVE CVE-2024-36894 page https://www.suse.com/security/cve/CVE-2024-36894/
CVE SUSE CVE CVE-2024-36899 page https://www.suse.com/security/cve/CVE-2024-36899/
CVE SUSE CVE CVE-2024-36904 page https://www.suse.com/security/cve/CVE-2024-36904/
CVE SUSE CVE CVE-2024-36940 page https://www.suse.com/security/cve/CVE-2024-36940/
CVE SUSE CVE CVE-2024-36964 page https://www.suse.com/security/cve/CVE-2024-36964/
CVE SUSE CVE CVE-2024-36971 page https://www.suse.com/security/cve/CVE-2024-36971/
CVE SUSE CVE CVE-2024-38541 page https://www.suse.com/security/cve/CVE-2024-38541/
CVE SUSE CVE CVE-2024-38545 page https://www.suse.com/security/cve/CVE-2024-38545/
CVE SUSE CVE CVE-2024-38559 page https://www.suse.com/security/cve/CVE-2024-38559/
CVE SUSE CVE CVE-2024-38560 page https://www.suse.com/security/cve/CVE-2024-38560/
CVE SUSE CVE CVE-2024-38564 page https://www.suse.com/security/cve/CVE-2024-38564/
CVE SUSE CVE CVE-2024-38578 page https://www.suse.com/security/cve/CVE-2024-38578/