SUSE-SU-2024:1647-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20241647-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:1647-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2024:1647-1
Related
Published
2024-05-14T14:30:56Z
Modified
2025-05-08T17:29:31.320967Z
Upstream
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
  • CVE-2024-27043: Fixed a use-after-free in media/dvbdev in different places (bsc#1223824).
  • CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
  • CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
  • CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505).
  • CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
  • CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612).
  • CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
  • CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
  • CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
  • CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
  • CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
  • CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
  • CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
  • CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726).
  • CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
  • CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
  • CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
  • CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
  • CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
  • CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
  • CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
  • CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add kasprintf() (bsc#1221061).
  • CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
  • CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).

The following non-security bugs were fixed:

  • Call flush_delayed_fput() from nfsd main-loop (bsc#1223380).
  • ibmvfc: make 'max_sectors' a module option (bsc#1216223).
  • scsi: Update max_hw_sectors on rescan (bsc#1216223).
References

Affected packages

SUSE:Linux Enterprise Micro 5.3 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.79.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.79.1",
            "kernel-rt": "5.14.21-150400.15.79.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.3 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.79.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.79.1",
            "kernel-rt": "5.14.21-150400.15.79.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.79.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.79.1",
            "kernel-rt": "5.14.21-150400.15.79.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.79.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.14.21-150400.15.79.1",
            "kernel-rt": "5.14.21-150400.15.79.1"
        }
    ]
}

openSUSE:Leap Micro 5.3 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.79.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt": "5.14.21-150400.15.79.1"
        }
    ]
}

openSUSE:Leap Micro 5.4 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.14.21-150400.15.79.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt": "5.14.21-150400.15.79.1"
        }
    ]
}