[SUSE-SU-2024:2895-1] Security update for the Linux Kernel

Severity Important
CVEs 13

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).
  • CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB (bsc#1226550).
  • CVE-2021-47219: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (bsc#1222824).
  • CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
  • CVE-2021-47600: dm btree remove: fix use after free in rebalance_children() (bsc#1226575).
  • CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
  • CVE-2024-38599: jffs2: prevent xattr node from overflowing the eraseblock (bsc#1226848).
  • CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
  • CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
  • CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).

The following non-security bugs were fixed:

  • af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
  • af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
  • af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
  • kvm: prevent kvm_clock time-warps (bsc#1197439).
  • net: unix: properly re-increment inflight counter of GC discarded candidates (bsc#1223384).

ID: SUSE-SU-2024:2895-1
Severity: important
URL: https://www.suse.com/support/update/announcement/2024/suse-su-20242895-1/
Published: 2024-08-13T14:08:42
Modified: 2024-08-13T14:08:42
Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories
Source Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2895-1.json
Suse URL for SUSE-SU-2024:2895-1 https://www.suse.com/support/update/announcement/2024/suse-su-20242895-1/
Suse E-Mail link for SUSE-SU-2024:2895-1 https://lists.suse.com/pipermail/sle-security-updates/2024-August/019186.html
Bugzilla SUSE Bug 1191958 https://bugzilla.suse.com/1191958
Bugzilla SUSE Bug 1197439 https://bugzilla.suse.com/1197439
Bugzilla SUSE Bug 1222824 https://bugzilla.suse.com/1222824
Bugzilla SUSE Bug 1223384 https://bugzilla.suse.com/1223384
Bugzilla SUSE Bug 1225431 https://bugzilla.suse.com/1225431
Bugzilla SUSE Bug 1225487 https://bugzilla.suse.com/1225487
Bugzilla SUSE Bug 1225611 https://bugzilla.suse.com/1225611
Bugzilla SUSE Bug 1225866 https://bugzilla.suse.com/1225866
Bugzilla SUSE Bug 1226550 https://bugzilla.suse.com/1226550
Bugzilla SUSE Bug 1226575 https://bugzilla.suse.com/1226575
Bugzilla SUSE Bug 1226670 https://bugzilla.suse.com/1226670
Bugzilla SUSE Bug 1226848 https://bugzilla.suse.com/1226848
Bugzilla SUSE Bug 1227154 https://bugzilla.suse.com/1227154
Bugzilla SUSE Bug 1228743 https://bugzilla.suse.com/1228743
CVE SUSE CVE CVE-2016-20022 page https://www.suse.com/security/cve/CVE-2016-20022/
CVE SUSE CVE CVE-2021-43389 page https://www.suse.com/security/cve/CVE-2021-43389/
CVE SUSE CVE CVE-2021-4439 page https://www.suse.com/security/cve/CVE-2021-4439/
CVE SUSE CVE CVE-2021-47219 page https://www.suse.com/security/cve/CVE-2021-47219/
CVE SUSE CVE CVE-2021-47520 page https://www.suse.com/security/cve/CVE-2021-47520/
CVE SUSE CVE CVE-2021-47580 page https://www.suse.com/security/cve/CVE-2021-47580/
CVE SUSE CVE CVE-2021-47600 page https://www.suse.com/security/cve/CVE-2021-47600/
CVE SUSE CVE CVE-2023-52752 page https://www.suse.com/security/cve/CVE-2023-52752/
CVE SUSE CVE CVE-2023-52881 page https://www.suse.com/security/cve/CVE-2023-52881/
CVE SUSE CVE CVE-2024-26923 page https://www.suse.com/security/cve/CVE-2024-26923/
CVE SUSE CVE CVE-2024-36964 page https://www.suse.com/security/cve/CVE-2024-36964/
CVE SUSE CVE CVE-2024-38599 page https://www.suse.com/security/cve/CVE-2024-38599/
CVE SUSE CVE CVE-2024-42145 page https://www.suse.com/security/cve/CVE-2024-42145/