[SUSE-SU-2024:2495-1] Security update for the Linux Kernel
Severity: Important
CVEs: 28
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
The following non-security bugs were fixed:
- Revert 'build initrd without systemd' (bsc#1195775).
- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212).
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1216124).
- smb: client: ensure to try all targets when finding nested links (bsc#1224020).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
- xfs: do not include bnobt blocks when reserving free block pool (bsc#1226270).
- ID: SUSE-SU-2024:2495-1
- Severity: important
- URL: https://www.suse.com/support/update/announcement/2024/suse-su-20242495-1/
- Published: 2024-07-16T07:30:13
- Modified: 2024-07-16T07:30:13
- Rights: Copyright 2024 SUSE LLC. All rights reserved.