SUSE-SU-2025:0263-1
- Source
- https://www.suse.com/support/update/announcement/2025/suse-su-20250263-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:0263-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:0263-1
- Related
- Published
- 2025-01-27T14:33:31Z
- Modified
- 2025-01-27T14:33:31Z
- Summary
- Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)
- Details
-
This update for the Linux Kernel 6.4.0-150600_21 fixes several issues.
The following security issues were fixed:
- CVE-2024-40921: net: bridge: mst: pass vlan group directly to brmstvlansetstate (bsc#1227784).
- CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in brmstset_state (bsc#1227781).
- CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369).
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefileswithdrawcookie() (bsc#1229275).
- CVE-2024-27029: drm/amdgpu: fix mmhub client id out-of-bounds access Properly handle cid 0x140 (bsc#1226184).
- CVE-2024-36971: Fixed _dstnegative_advice() race (bsc#1226324).
- References
-
- https://www.suse.com/support/update/announcement/2025/suse-su-20250263-1/
- https://bugzilla.suse.com/1226184
- https://bugzilla.suse.com/1226324
- https://bugzilla.suse.com/1227369
- https://bugzilla.suse.com/1227781
- https://bugzilla.suse.com/1227784
- https://bugzilla.suse.com/1229275
- https://www.suse.com/security/cve/CVE-2024-27029
- https://www.suse.com/security/cve/CVE-2024-36971
- https://www.suse.com/security/cve/CVE-2024-36979
- https://www.suse.com/security/cve/CVE-2024-40920
- https://www.suse.com/security/cve/CVE-2024-40921
- https://www.suse.com/security/cve/CVE-2024-41057