SUSE-SU-2024:2010-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20242010-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:2010-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:2010-1
Related
Published
2024-06-12T16:39:35Z
Modified
2024-06-12T16:39:35Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
  • CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).
  • CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)
  • CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)
  • CVE-2022-48673: kABI workarounds for struct smc_link (bsc#1223934).
  • CVE-2023-52871: Handle a second device without data corruption (bsc#1225534)
  • CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
  • CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).
  • CVE-2021-47500: Fixed trigger reference counting (bsc#1225360).
  • CVE-2024-27413: Fixed incorrect allocation size (bsc#1224438).
  • CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225208).
  • CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).
  • CVE-2023-52840: Fix use after free in rmi_unregister_function() (bsc#1224928).
  • CVE-2021-47261: Fix initializing CQ fragments buffer (bsc#1224954)
  • CVE-2021-47254: Fix use-after-free in gfs2_glock_shrink_scan (bsc#1224888).
  • CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
  • CVE-2024-26929: Fixed double free of fcport (bsc#1223715).
  • CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223626).
  • CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).
  • CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
  • CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
  • CVE-2023-52686: Fix a null pointer in opal_event_init() (bsc#1065729).

The following non-security bugs were fixed:

  • af_unix: annotate lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
  • af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
  • af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
  • btrfs: do not start relocation until in progress drops are done (bsc#1222251).
  • cifs: add missing spinlock around tcon refcount (bsc#1213476).
  • cifs: avoid dup prefix path in dfs_get_automount_devname() (bsc#1213476).
  • cifs: avoid race conditions with parallel reconnects (bsc#1213476).
  • cifs: avoid re-lookups in dfs_cache_find() (bsc#1213476).
  • cifs: avoid use of global locks for high contention data (bsc#1213476).
  • cifs: check only tcon status on tcon related functions (bsc#1213476).
  • cifs: do all necessary checks for credits within or before locking (bsc#1213476).
  • cifs: do not block in dfs_cache_noreq_update_tgthint() (bsc#1213476).
  • cifs: do not refresh cached referrals from unactive mounts (bsc#1213476).
  • cifs: do not take exclusive lock for updating target hints (bsc#1213476).
  • cifs: fix confusing debug message (bsc#1213476).
  • cifs: fix missing unload_nls() in smb2_reconnect() (bsc#1213476).
  • cifs: fix potential deadlock in cache_refresh_path() (bsc#1213476).
  • cifs: fix refresh of cached referrals (bsc#1213476).
  • cifs: fix return of uninitialized rc in dfs_cache_update_tgthint() (bsc#1213476).
  • cifs: fix source pathname comparison of dfs supers (bsc#1213476).
  • cifs: fix status checks in cifs_tree_connect (bsc#1213476).
  • cifs: fix use-after-free bug in refresh_cache_worker() (bsc#1213476).
  • cifs: get rid of dns resolve worker (bsc#1213476).
  • cifs: get rid of mount options string parsing (bsc#1213476).
  • cifs: handle cache lookup errors different than -ENOENT (bsc#1213476).
  • cifs: ignore ipc reconnect failures during dfs failover (bsc#1213476).
  • cifs: match even the scope id for ipv6 addresses (bsc#1213476).
  • cifs: optimize reconnect of nested links (bsc#1213476).
  • cifs: prevent data race in smb2_reconnect() (bsc#1213476).
  • cifs: refresh root referrals (bsc#1213476).
  • cifs: remove duplicate code in __refresh_tcon() (bsc#1213476).
  • cifs: remove unused function (bsc#1213476).
  • cifs: remove unused smb3_fs_context::mount_options (bsc#1213476).
  • cifs: return DFS root session id in DebugData (bsc#1213476).
  • cifs: reuse cifs_match_ipaddr for comparison of dstaddr too (bsc#1213476).
  • cifs: set correct ipc status after initial tree connect (bsc#1213476).
  • cifs: set correct status of tcon ipc when reconnecting (bsc#1213476).
  • cifs: set correct tcon status after initial tree connect (bsc#1213476).
  • cifs: set DFS root session in cifs_get_smb_ses() (bsc#1213476).
  • cifs: set resolved ip in sockaddr (bsc#1213476).
  • cifs: share dfs connections and supers (bsc#1213476).
  • cifs: split out ses and tcon retrieval from mount_get_conns() (bsc#1213476).
  • cifs: use fs_context for automounts (bsc#1213476).
  • cifs: use origin fullpath for automounts (bsc#1213476).
  • cifs: use tcon allocation functions even for dummy tcon (bsc#1213476).
  • netfilter: nf_tables: defer gc run if previous batch is still pending (git-fixes).
  • netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path (git-fixes).
  • netfilter: nf_tables: fix kdoc warnings after gc rework (git-fixes).
  • netfilter: nf_tables: fix memleak when more than 255 elements expired (git-fixes).
  • netfilter: nf_tables: GC transaction race with abort path (git-fixes).
  • netfilter: nf_tables: GC transaction race with netns dismantle (git-fixes).
  • netfilter: nf_tables: mark newset as dead on transaction abort (git-fixes).
  • netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (git-fixes).
  • netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure (git-fixes).
  • netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (git-fixes).
  • netfilter: nf_tables: skip dead set elements in netlink dump (git-fixes).
  • netfilter: nf_tables: use correct lock to protect gc_list (git-fixes).
  • netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
  • netfilter: nft_set_rbtree: Add missing expired checks (git-fixes).
  • netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets (git-fixes).
  • netfilter: nft_set_rbtree: Detect partial overlap with start endpoint match (git-fixes).
  • netfilter: nft_set_rbtree: Detect partial overlaps on insertion (git-fixes).
  • netfilter: nft_set_rbtree: Do not account for expired elements on insertion (git-fixes).
  • netfilter: nft_set_rbtree: Drop spurious condition for overlap detection on insertion (git-fixes).
  • netfilter: nft_set_rbtree: fix null deref on element insertion (git-fixes).
  • netfilter: nft_set_rbtree: fix overlap expiration walk (git-fixes).
  • netfilter: nft_set_rbtree: Handle outcomes of tree rotations in overlap detection (git-fixes).
  • netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() (git-fixes).
  • netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion (git-fixes).
  • netfilter: nft_set_rbtree: skip elements in transaction from garbage collection (git-fixes).
  • netfilter: nft_set_rbtree: skip end interval element from gc (git-fixes).
  • netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction (git-fixes).
  • netfilter: nft_set_rbtree: Switch to node list walk for overlap detection (git-fixes).
  • netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
  • NFC: nxp: add NXP1002 (bsc#1185589).
  • PCI: rpaphp: Add MODULE_DESCRIPTION (bsc#1176869 ltc#188243).
  • smb: client: fix dfs link mount against w2k8 (git-fixes).
  • smb: client: fix null auth (bsc#1213476).
  • smb: client: set correct id, uid and cruid for multiuser automounts (git-fixes).
  • x86/xen: Drop USERGS_SYSRET64 paravirt call (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Micro 5.1 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.172.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.172.1",
            "kernel-rt": "5.3.18-150300.172.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.172.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.172.1",
            "kernel-rt": "5.3.18-150300.172.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.172.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.172.1",
            "kernel-rt": "5.3.18-150300.172.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.3.18-150300.172.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-source-rt": "5.3.18-150300.172.1",
            "kernel-rt": "5.3.18-150300.172.1"
        }
    ]
}