SUSE-SU-2024:4038-1
- Source
- https://www.suse.com/support/update/announcement/2024/suse-su-20244038-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:4038-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2024:4038-1
- Related
- Published
- 2024-11-19T08:50:10Z
- Modified
- 2024-11-19T08:50:10Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47589: igbvf: fix double free in
igbvf_probe(bsc#1226557). - CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).
- CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
- CVE-2024-47757: nilfs2: fix potential oob read in nilfsbtreecheck_delete() (bsc#1232187).
- CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
The following non-security bugs were fixed:
- config: Disable NILFS2 (bsc#1232187)
- CVE-2021-47589: igbvf: fix double free in
- References
-
- https://www.suse.com/support/update/announcement/2024/suse-su-20244038-1/
- https://bugzilla.suse.com/1218562
- https://bugzilla.suse.com/1223016
- https://bugzilla.suse.com/1223384
- https://bugzilla.suse.com/1223824
- https://bugzilla.suse.com/1224526
- https://bugzilla.suse.com/1226557
- https://bugzilla.suse.com/1226848
- https://bugzilla.suse.com/1228743
- https://bugzilla.suse.com/1229454
- https://bugzilla.suse.com/1229456
- https://bugzilla.suse.com/1231673
- https://bugzilla.suse.com/1231861
- https://bugzilla.suse.com/1232097
- https://bugzilla.suse.com/1232187
- https://www.suse.com/security/cve/CVE-2021-47589
- https://www.suse.com/security/cve/CVE-2023-6270
- https://www.suse.com/security/cve/CVE-2024-26898
- https://www.suse.com/security/cve/CVE-2024-27043
- https://www.suse.com/security/cve/CVE-2024-35937
- https://www.suse.com/security/cve/CVE-2024-38599
- https://www.suse.com/security/cve/CVE-2024-42145
- https://www.suse.com/security/cve/CVE-2024-44947
- https://www.suse.com/security/cve/CVE-2024-47674
- https://www.suse.com/security/cve/CVE-2024-47757
- https://www.suse.com/security/cve/CVE-2024-49860
- https://www.suse.com/security/cve/CVE-2024-49982
Affected packages
SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-default
Package
- Name
- kernel-default
- Purl
- pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.168.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.168.1",
"kernel-ec2": "3.0.101-108.168.1",
"kernel-default": "3.0.101-108.168.1",
"kernel-source": "3.0.101-108.168.1",
"kernel-syms": "3.0.101-108.168.1",
"kernel-trace": "3.0.101-108.168.1",
"kernel-trace-devel": "3.0.101-108.168.1",
"kernel-ec2-devel": "3.0.101-108.168.1",
"kernel-ec2-base": "3.0.101-108.168.1",
"kernel-xen-devel": "3.0.101-108.168.1",
"kernel-xen-base": "3.0.101-108.168.1",
"kernel-trace-base": "3.0.101-108.168.1",
"kernel-xen": "3.0.101-108.168.1",
"kernel-default-devel": "3.0.101-108.168.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-ec2
Package
- Name
- kernel-ec2
- Purl
- pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.168.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.168.1",
"kernel-ec2": "3.0.101-108.168.1",
"kernel-default": "3.0.101-108.168.1",
"kernel-source": "3.0.101-108.168.1",
"kernel-syms": "3.0.101-108.168.1",
"kernel-trace": "3.0.101-108.168.1",
"kernel-trace-devel": "3.0.101-108.168.1",
"kernel-ec2-devel": "3.0.101-108.168.1",
"kernel-ec2-base": "3.0.101-108.168.1",
"kernel-xen-devel": "3.0.101-108.168.1",
"kernel-xen-base": "3.0.101-108.168.1",
"kernel-trace-base": "3.0.101-108.168.1",
"kernel-xen": "3.0.101-108.168.1",
"kernel-default-devel": "3.0.101-108.168.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-source
Package
- Name
- kernel-source
- Purl
- pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.168.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.168.1",
"kernel-ec2": "3.0.101-108.168.1",
"kernel-default": "3.0.101-108.168.1",
"kernel-source": "3.0.101-108.168.1",
"kernel-syms": "3.0.101-108.168.1",
"kernel-trace": "3.0.101-108.168.1",
"kernel-trace-devel": "3.0.101-108.168.1",
"kernel-ec2-devel": "3.0.101-108.168.1",
"kernel-ec2-base": "3.0.101-108.168.1",
"kernel-xen-devel": "3.0.101-108.168.1",
"kernel-xen-base": "3.0.101-108.168.1",
"kernel-trace-base": "3.0.101-108.168.1",
"kernel-xen": "3.0.101-108.168.1",
"kernel-default-devel": "3.0.101-108.168.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-syms
Package
- Name
- kernel-syms
- Purl
- pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.168.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.168.1",
"kernel-ec2": "3.0.101-108.168.1",
"kernel-default": "3.0.101-108.168.1",
"kernel-source": "3.0.101-108.168.1",
"kernel-syms": "3.0.101-108.168.1",
"kernel-trace": "3.0.101-108.168.1",
"kernel-trace-devel": "3.0.101-108.168.1",
"kernel-ec2-devel": "3.0.101-108.168.1",
"kernel-ec2-base": "3.0.101-108.168.1",
"kernel-xen-devel": "3.0.101-108.168.1",
"kernel-xen-base": "3.0.101-108.168.1",
"kernel-trace-base": "3.0.101-108.168.1",
"kernel-xen": "3.0.101-108.168.1",
"kernel-default-devel": "3.0.101-108.168.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-trace
Package
- Name
- kernel-trace
- Purl
- pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.168.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.168.1",
"kernel-ec2": "3.0.101-108.168.1",
"kernel-default": "3.0.101-108.168.1",
"kernel-source": "3.0.101-108.168.1",
"kernel-syms": "3.0.101-108.168.1",
"kernel-trace": "3.0.101-108.168.1",
"kernel-trace-devel": "3.0.101-108.168.1",
"kernel-ec2-devel": "3.0.101-108.168.1",
"kernel-ec2-base": "3.0.101-108.168.1",
"kernel-xen-devel": "3.0.101-108.168.1",
"kernel-xen-base": "3.0.101-108.168.1",
"kernel-trace-base": "3.0.101-108.168.1",
"kernel-xen": "3.0.101-108.168.1",
"kernel-default-devel": "3.0.101-108.168.1"
}
]
}
SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE / kernel-xen
Package
- Name
- kernel-xen
- Purl
- pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.101-108.168.1
Ecosystem specific
{
"binaries": [
{
"kernel-default-base": "3.0.101-108.168.1",
"kernel-ec2": "3.0.101-108.168.1",
"kernel-default": "3.0.101-108.168.1",
"kernel-source": "3.0.101-108.168.1",
"kernel-syms": "3.0.101-108.168.1",
"kernel-trace": "3.0.101-108.168.1",
"kernel-trace-devel": "3.0.101-108.168.1",
"kernel-ec2-devel": "3.0.101-108.168.1",
"kernel-ec2-base": "3.0.101-108.168.1",
"kernel-xen-devel": "3.0.101-108.168.1",
"kernel-xen-base": "3.0.101-108.168.1",
"kernel-trace-base": "3.0.101-108.168.1",
"kernel-xen": "3.0.101-108.168.1",
"kernel-default-devel": "3.0.101-108.168.1"
}
]
}