SUSE-SU-2024:2493-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20242493-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:2493-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:2493-1
Published
2024-07-16T01:38:11Z
Modified
2024-07-16T01:38:11Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

  • CVE-2021-47145: btrfs: do not BUG_ON in link_to_fixup_dir (bsc#1222005).
  • CVE-2021-47201: iavf: free q_vectors before queues in iavf_disable_vf (bsc#1222792).
  • CVE-2021-47275: bcache: avoid oversized read request in cache missing code path (bsc#1224965).
  • CVE-2021-47438: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (bsc#1225229).
  • CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend (bsc#1225357).
  • CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431).
  • CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
  • CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
  • CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
  • CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627).
  • CVE-2023-52693: ACPI: video: check for error while searching for backlight device parent (bsc#1224686).
  • CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator (bsc#1225478).
  • CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (bsc#1225569).
  • CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (bsc#1225530).
  • CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (bsc#1225532).
  • CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
  • CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
  • CVE-2024-26880: dm: call the resume method on internal suspend (bsc#1223188).
  • CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
  • CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
  • CVE-2024-35828: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (bsc#1224622).
  • CVE-2024-35947: dyndbg: fix old BUG_ON in >control parser (bsc#1224647).
  • CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference (bsc#1225593).
  • CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule (bsc#1225835).
  • CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
  • CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized (bsc#1226861).
  • CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
  • CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435).

The following non-security bugs were fixed:

  • PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity check (git-fixes).
  • SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
  • SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
  • drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes).
  • kgdb: Add kgdb_has_hit_break function (git-fixes).
  • kgdb: Move the extern declaration kgdb_has_hit_break() to generic kgdb.h (git-fixes).
  • net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).
  • nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
  • powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
  • sched/deadline: Fix BUG_ON condition for deboosted tasks (bsc#1227407).
  • sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
  • x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys (git-fixes).
  • x86/boot/e820: Fix typo in e820.c comment (git-fixes).
  • x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes).
  • x86/fpu: Return proper error codes from user access functions (git-fixes).
  • x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-fixes).
  • x86/kprobes: Fix kprobes instruction boundary check with CONFIG_RETHUNK (git-fixes).
  • x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git-fixes).
  • x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes (git-fixes).
  • x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes).
  • x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).

Affected packages

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-10.194.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.194.1",
            "dlm-kmp-rt": "4.12.14-10.194.1",
            "gfs2-kmp-rt": "4.12.14-10.194.1",
            "kernel-rt_debug": "4.12.14-10.194.1",
            "kernel-rt-devel": "4.12.14-10.194.1",
            "cluster-md-kmp-rt": "4.12.14-10.194.1",
            "kernel-rt_debug-devel": "4.12.14-10.194.1",
            "kernel-source-rt": "4.12.14-10.194.1",
            "kernel-rt": "4.12.14-10.194.1",
            "ocfs2-kmp-rt": "4.12.14-10.194.1",
            "kernel-syms-rt": "4.12.14-10.194.1",
            "kernel-rt-base": "4.12.14-10.194.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-10.194.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.194.1",
            "dlm-kmp-rt": "4.12.14-10.194.1",
            "gfs2-kmp-rt": "4.12.14-10.194.1",
            "kernel-rt_debug": "4.12.14-10.194.1",
            "kernel-rt-devel": "4.12.14-10.194.1",
            "cluster-md-kmp-rt": "4.12.14-10.194.1",
            "kernel-rt_debug-devel": "4.12.14-10.194.1",
            "kernel-source-rt": "4.12.14-10.194.1",
            "kernel-rt": "4.12.14-10.194.1",
            "ocfs2-kmp-rt": "4.12.14-10.194.1",
            "kernel-syms-rt": "4.12.14-10.194.1",
            "kernel-rt-base": "4.12.14-10.194.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-10.194.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.194.1",
            "dlm-kmp-rt": "4.12.14-10.194.1",
            "gfs2-kmp-rt": "4.12.14-10.194.1",
            "kernel-rt_debug": "4.12.14-10.194.1",
            "kernel-rt-devel": "4.12.14-10.194.1",
            "cluster-md-kmp-rt": "4.12.14-10.194.1",
            "kernel-rt_debug-devel": "4.12.14-10.194.1",
            "kernel-source-rt": "4.12.14-10.194.1",
            "kernel-rt": "4.12.14-10.194.1",
            "ocfs2-kmp-rt": "4.12.14-10.194.1",
            "kernel-syms-rt": "4.12.14-10.194.1",
            "kernel-rt-base": "4.12.14-10.194.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.12.14-10.194.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.194.1",
            "dlm-kmp-rt": "4.12.14-10.194.1",
            "gfs2-kmp-rt": "4.12.14-10.194.1",
            "kernel-rt_debug": "4.12.14-10.194.1",
            "kernel-rt-devel": "4.12.14-10.194.1",
            "cluster-md-kmp-rt": "4.12.14-10.194.1",
            "kernel-rt_debug-devel": "4.12.14-10.194.1",
            "kernel-source-rt": "4.12.14-10.194.1",
            "kernel-rt": "4.12.14-10.194.1",
            "ocfs2-kmp-rt": "4.12.14-10.194.1",
            "kernel-syms-rt": "4.12.14-10.194.1",
            "kernel-rt-base": "4.12.14-10.194.1"
        }
    ]
}