Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:SUSE-SU-2024:2120-1
HistoryJun 21, 2024 - 9:33 a.m.

Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2)

2024-06-2109:33:48
Google
osv.dev
1
linux kernel
security update
sle 15 sp2
cve-2021-46955
cve-2024-26852
cve-2022-48651
cve-2023-6546
cve-2023-6531
cve-2023-1829

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8

Confidence

High

JSON

This update for the Linux Kernel 5.3.18-150200_24_183 fixes several issues.

The following security issues were fixed:

  • CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
  • CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
  • CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
  • CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
  • CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector’s deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487).
  • CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).

Related

nessus 88
osv 54
redhatcve 6
debiancve 6
prion 4
f5 2
ubuntucve 5
cvelist 6
nvd 5
vulnrichment 3
cve 6
cbl_mariner 3
redhat 5
zdi 2
openvas 3
ubuntu 1
nessus
nessus
SUSE SLES15 Security Update : kernel (Live Patch 46 for SLE 15 SP2) (SUSE-SU-2024:2120-1)
2024-06-22 00:00:00
SUSE SLES12 Security Update : kernel (Live Patch 54 for SLE 12 SP5) (SUSE-SU-2024:2130-1)
2024-06-22 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 42 for SLE 15 SP3) (SUSE-SU-2024:2148-1)
2024-06-22 00:00:00
osv
osv
Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)
2024-06-21 10:34:24
Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)
2024-06-21 09:33:58
Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)
2024-06-21 13:33:56
redhatcve
redhatcve
CVE-2021-46955
2024-02-28 03:34:19
CVE-2022-48651
2024-04-29 16:05:30
CVE-2024-26852
2024-04-17 19:54:00
debiancve
debiancve
CVE-2021-46955
2024-02-27 19:04:06
CVE-2022-48651
2024-04-28 13:15:07
CVE-2024-26852
2024-04-17 11:15:08
prion
prion
Design/Logic Flaw
2024-02-27 19:04:00
Design/Logic Flaw
2024-01-21 10:15:00
Race condition
2023-12-21 20:15:00
f5
f5
K000139876: Linux kernel vulnerability CVE-2021-46955
2024-06-03 00:00:00
K000137584 : Linux kernel vulnerability CVE-2023-1829
2023-11-15 00:00:00
ubuntucve
ubuntucve
CVE-2021-46955
2024-02-27 00:00:00
CVE-2022-48651
2024-04-28 00:00:00
CVE-2024-26852
2024-04-17 00:00:00
cvelist
cvelist
CVE-2021-46955 openvswitch: fix stack OOB read while fragmenting IPv4 packets
2024-02-27 18:46:57
CVE-2022-48651 ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
2024-04-28 13:00:42
CVE-2024-26852 net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
2024-04-17 10:17:15
nvd
nvd
CVE-2021-46955
2024-02-27 19:04:06
CVE-2022-48651
2024-04-28 13:15:07
CVE-2024-26852
2024-04-17 11:15:08
vulnrichment
vulnrichment
CVE-2021-46955 openvswitch: fix stack OOB read while fragmenting IPv4 packets
2024-02-27 18:46:57
CVE-2022-48651 ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
2024-04-28 13:00:42
CVE-2024-26852 net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
2024-04-17 10:17:15
cve
cve
CVE-2021-46955
2024-02-27 19:04:06
CVE-2022-48651
2024-04-28 13:15:07
CVE-2024-26852
2024-04-17 11:15:08
cbl_mariner
cbl_mariner
CVE-2023-6531 affecting package kernel for versions less than 5.15.148.2-2
2024-02-25 03:00:06
CVE-2023-6531 affecting package kernel for versions less than 6.6.35.1-4
2024-08-14 20:43:58
CVE-2023-6546 affecting package kernel for versions less than 5.15.148.1-1
2024-02-25 03:00:06
redhat
redhat
(RHSA-2024:4970) Important: kpatch-patch-4_18_0-305_120_1 security update
2024-08-01 07:42:26
(RHSA-2024:1612) Important: kpatch-patch security update
2024-04-02 15:31:44
(RHSA-2024:0937) Important: kpatch-patch security update
2024-02-22 02:57:41
zdi
zdi
Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability
2024-01-09 00:00:00
(Pwn2Own) Canonical Ubuntu tcindex Double-Free Local Privilege Escalation Vulnerability
2023-07-06 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6047-1)
2023-04-28 00:00:00
Ubuntu: Security Advisory (USN-6069-1)
2023-05-11 00:00:00
Ubuntu: Security Advisory (USN-6052-1)
2023-05-02 00:00:00
ubuntu
ubuntu
Linux kernel vulnerability
2023-04-27 00:00:00

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8

Confidence

High

JSON
Related for OSV:SUSE-SU-2024:2120-1
nessus88osv54redhatcve6debiancve6prion4f52ubuntucve5cvelist6nvd5vulnrichment3cve6cbl_mariner3redhat5zdi2openvas3ubuntu1