GoogleOSV:SUSE-SU-2024:2183-1Security update for the Linux Kernel
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47497: Fixed shift-out-of-bound (UBSAN) with byte size cells (bsc#1225355).
- CVE-2021-47500: Fixed trigger reference couting (bsc#1225360).
- CVE-2021-47383: Fiedx out-of-bound vmalloc access in imageblit (bsc#1225208).
- CVE-2021-47511: Fixed negative period/buffer sizes (bsc#1225411).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
- CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
- CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
- CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225201).
- CVE-2021-47496: Fix flipped sign in tls_err_abort() calls (bsc#1225354)
- CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301)
- CVE-2022-48673: kABI workarounds for struct smc_link (bsc#1223934).
- CVE-2023-52871: Handle a second device without data corruption (bsc#1225534)
- CVE-2024-26828: Fix underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-27413: Fix incorrect allocation size (bsc#1224438).
- CVE-2023-52840: Fix use after free in rmi_unregister_function() (bsc#1224928).
- CVE-2021-47261: Fix initializing CQ fragments buffer (bsc#1224954)
- CVE-2021-47254: Fix use-after-free in gfs2_glock_shrink_scan (bsc#1224888).
- CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).
- CVE-2023-52686: Fix a null pointer in opal_event_init() (bsc#1065729).
The following non-security bugs were fixed:
- NFC: nxp: add NXP1002 (bsc#1185589).
- PCI: rpaphp: Add MODULE_DESCRIPTION (bsc#1176869 ltc#188243).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
- btrfs: do not start relocation until in progress drops are done (bsc#1222251).
- md: Replace snprintf with scnprintf (git-fixes).
- netfilter: nf_tables: GC transaction race with abort path (git-fixes).
- netfilter: nf_tables: GC transaction race with netns dismantle (git-fixes).
- netfilter: nf_tables: defer gc run if previous batch is still pending (git-fixes).
- netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path (git-fixes).
- netfilter: nf_tables: fix kdoc warnings after gc rework (git-fixes).
- netfilter: nf_tables: fix memleak when more than 255 elements expired (git-fixes).
- netfilter: nf_tables: mark newset as dead on transaction abort (git-fixes).
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (git-fixes).
- netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure (git-fixes).
- netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (git-fixes).
- netfilter: nf_tables: skip dead set elements in netlink dump (git-fixes).
- netfilter: nf_tables: use correct lock to protect gc_list (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_rbtree: Add missing expired checks (git-fixes).
- netfilter: nft_set_rbtree: Detect partial overlap with start endpoint match (git-fixes).
- netfilter: nft_set_rbtree: Detect partial overlaps on insertion (git-fixes).
- netfilter: nft_set_rbtree: Do not account for expired elements on insertion (git-fixes).
- netfilter: nft_set_rbtree: Drop spurious condition for overlap detection on insertion (git-fixes).
- netfilter: nft_set_rbtree: Handle outcomes of tree rotations in overlap detection (git-fixes).
- netfilter: nft_set_rbtree: Introduce and use nft_rbtree_interval_start() (git-fixes).
- netfilter: nft_set_rbtree: Switch to node list walk for overlap detection (git-fixes).
- netfilter: nft_set_rbtree: bogus lookup/get on consecutive elements in named sets (git-fixes).
- netfilter: nft_set_rbtree: fix null deref on element insertion (git-fixes).
- netfilter: nft_set_rbtree: fix overlap expiration walk (git-fixes).
- netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion (git-fixes).
- netfilter: nft_set_rbtree: skip elements in transaction from garbage collection (git-fixes).
- netfilter: nft_set_rbtree: skip end interval element from gc (git-fixes).
- netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction (git-fixes).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
- x86/pkeys: Revert a5eff7259790 (‘x86/pkeys: Add PKRU value to init_fpstate’) (bsc#1215356).
References
bugzilla.suse.com/1065729
bugzilla.suse.com/1151927
bugzilla.suse.com/1154353
bugzilla.suse.com/1156395
bugzilla.suse.com/1174585
bugzilla.suse.com/1176869
bugzilla.suse.com/1184631
bugzilla.suse.com/1185589
bugzilla.suse.com/1185902
bugzilla.suse.com/1188616
bugzilla.suse.com/1188772
bugzilla.suse.com/1189883
bugzilla.suse.com/1190795
bugzilla.suse.com/1191452
bugzilla.suse.com/1192107
bugzilla.suse.com/1194288
bugzilla.suse.com/1196956
bugzilla.suse.com/1200619
bugzilla.suse.com/1208813
bugzilla.suse.com/1209657
bugzilla.suse.com/1210335
bugzilla.suse.com/1210629
bugzilla.suse.com/1215356
bugzilla.suse.com/1215420
bugzilla.suse.com/1216702
bugzilla.suse.com/1217169
bugzilla.suse.com/1220137
bugzilla.suse.com/1220144
bugzilla.suse.com/1220754
bugzilla.suse.com/1220877
bugzilla.suse.com/1220960
bugzilla.suse.com/1221044
bugzilla.suse.com/1221829
bugzilla.suse.com/1222251
bugzilla.suse.com/1222619
bugzilla.suse.com/1223084
bugzilla.suse.com/1223384
bugzilla.suse.com/1223390
bugzilla.suse.com/1223934
bugzilla.suse.com/1224099
bugzilla.suse.com/1224174
bugzilla.suse.com/1224438
bugzilla.suse.com/1224482
bugzilla.suse.com/1224511
bugzilla.suse.com/1224592
bugzilla.suse.com/1224831
bugzilla.suse.com/1224832
bugzilla.suse.com/1224834
bugzilla.suse.com/1224841
bugzilla.suse.com/1224843
bugzilla.suse.com/1224846
bugzilla.suse.com/1224849
bugzilla.suse.com/1224854
bugzilla.suse.com/1224859
bugzilla.suse.com/1224882
bugzilla.suse.com/1224888
bugzilla.suse.com/1224889
bugzilla.suse.com/1224891
bugzilla.suse.com/1224892
bugzilla.suse.com/1224893
bugzilla.suse.com/1224904
bugzilla.suse.com/1224907
bugzilla.suse.com/1224909
bugzilla.suse.com/1224916
bugzilla.suse.com/1224917
bugzilla.suse.com/1224922
bugzilla.suse.com/1224923
bugzilla.suse.com/1224924
bugzilla.suse.com/1224928
bugzilla.suse.com/1224953
bugzilla.suse.com/1224954
bugzilla.suse.com/1224961
bugzilla.suse.com/1224963
bugzilla.suse.com/1224965
bugzilla.suse.com/1224966
bugzilla.suse.com/1224968
bugzilla.suse.com/1224981
bugzilla.suse.com/1224982
bugzilla.suse.com/1224984
bugzilla.suse.com/1224987
bugzilla.suse.com/1224990
bugzilla.suse.com/1224993
bugzilla.suse.com/1224996
bugzilla.suse.com/1224997
bugzilla.suse.com/1225026
bugzilla.suse.com/1225030
bugzilla.suse.com/1225058
bugzilla.suse.com/1225060
bugzilla.suse.com/1225084
bugzilla.suse.com/1225091
bugzilla.suse.com/1225112
bugzilla.suse.com/1225113
bugzilla.suse.com/1225140
bugzilla.suse.com/1225143
bugzilla.suse.com/1225164
bugzilla.suse.com/1225177
bugzilla.suse.com/1225181
bugzilla.suse.com/1225192
bugzilla.suse.com/1225193
bugzilla.suse.com/1225201
bugzilla.suse.com/1225206
bugzilla.suse.com/1225207
bugzilla.suse.com/1225208
bugzilla.suse.com/1225214
bugzilla.suse.com/1225223
bugzilla.suse.com/1225224
bugzilla.suse.com/1225232
bugzilla.suse.com/1225238
bugzilla.suse.com/1225244
bugzilla.suse.com/1225251
bugzilla.suse.com/1225256
bugzilla.suse.com/1225261
bugzilla.suse.com/1225262
bugzilla.suse.com/1225263
bugzilla.suse.com/1225301
bugzilla.suse.com/1225303
bugzilla.suse.com/1225318
bugzilla.suse.com/1225321
bugzilla.suse.com/1225326
bugzilla.suse.com/1225327
bugzilla.suse.com/1225328
bugzilla.suse.com/1225336
bugzilla.suse.com/1225341
bugzilla.suse.com/1225346
bugzilla.suse.com/1225351
bugzilla.suse.com/1225354
bugzilla.suse.com/1225355
bugzilla.suse.com/1225360
bugzilla.suse.com/1225366
bugzilla.suse.com/1225367
bugzilla.suse.com/1225384
bugzilla.suse.com/1225390
bugzilla.suse.com/1225393
bugzilla.suse.com/1225400
bugzilla.suse.com/1225404
bugzilla.suse.com/1225411
bugzilla.suse.com/1225427
bugzilla.suse.com/1225437
bugzilla.suse.com/1225448
bugzilla.suse.com/1225453
bugzilla.suse.com/1225455
bugzilla.suse.com/1225499
bugzilla.suse.com/1225500
bugzilla.suse.com/1225534
www.suse.com/security/cve/CVE-2021-3743
www.suse.com/security/cve/CVE-2021-39698
www.suse.com/security/cve/CVE-2021-43056
www.suse.com/security/cve/CVE-2021-43527
www.suse.com/security/cve/CVE-2021-47104
www.suse.com/security/cve/CVE-2021-47220
www.suse.com/security/cve/CVE-2021-47229
www.suse.com/security/cve/CVE-2021-47231
www.suse.com/security/cve/CVE-2021-47236
www.suse.com/security/cve/CVE-2021-47239
www.suse.com/security/cve/CVE-2021-47240
www.suse.com/security/cve/CVE-2021-47246
www.suse.com/security/cve/CVE-2021-47252
www.suse.com/security/cve/CVE-2021-47254
www.suse.com/security/cve/CVE-2021-47255
www.suse.com/security/cve/CVE-2021-47259
www.suse.com/security/cve/CVE-2021-47260
www.suse.com/security/cve/CVE-2021-47261
www.suse.com/security/cve/CVE-2021-47267
www.suse.com/security/cve/CVE-2021-47269
www.suse.com/security/cve/CVE-2021-47270
www.suse.com/security/cve/CVE-2021-47274
www.suse.com/security/cve/CVE-2021-47275
www.suse.com/security/cve/CVE-2021-47276
www.suse.com/security/cve/CVE-2021-47280
www.suse.com/security/cve/CVE-2021-47284
www.suse.com/security/cve/CVE-2021-47285
www.suse.com/security/cve/CVE-2021-47288
www.suse.com/security/cve/CVE-2021-47289
www.suse.com/security/cve/CVE-2021-47296
www.suse.com/security/cve/CVE-2021-47301
www.suse.com/security/cve/CVE-2021-47302
www.suse.com/security/cve/CVE-2021-47305
www.suse.com/security/cve/CVE-2021-47307
www.suse.com/security/cve/CVE-2021-47308
www.suse.com/security/cve/CVE-2021-47314
www.suse.com/security/cve/CVE-2021-47315
www.suse.com/security/cve/CVE-2021-47320
www.suse.com/security/cve/CVE-2021-47321
www.suse.com/security/cve/CVE-2021-47323
www.suse.com/security/cve/CVE-2021-47324
www.suse.com/security/cve/CVE-2021-47330
www.suse.com/security/cve/CVE-2021-47332
www.suse.com/security/cve/CVE-2021-47333
www.suse.com/security/cve/CVE-2021-47334
www.suse.com/security/cve/CVE-2021-47338
www.suse.com/security/cve/CVE-2021-47341
www.suse.com/security/cve/CVE-2021-47344
www.suse.com/security/cve/CVE-2021-47347
www.suse.com/security/cve/CVE-2021-47350
www.suse.com/security/cve/CVE-2021-47354
www.suse.com/security/cve/CVE-2021-47356
www.suse.com/security/cve/CVE-2021-47369
www.suse.com/security/cve/CVE-2021-47375
www.suse.com/security/cve/CVE-2021-47378
www.suse.com/security/cve/CVE-2021-47381
www.suse.com/security/cve/CVE-2021-47382
www.suse.com/security/cve/CVE-2021-47383
www.suse.com/security/cve/CVE-2021-47388
www.suse.com/security/cve/CVE-2021-47391
www.suse.com/security/cve/CVE-2021-47393
www.suse.com/security/cve/CVE-2021-47395
www.suse.com/security/cve/CVE-2021-47396
www.suse.com/security/cve/CVE-2021-47399
www.suse.com/security/cve/CVE-2021-47402
www.suse.com/security/cve/CVE-2021-47404
www.suse.com/security/cve/CVE-2021-47405
www.suse.com/security/cve/CVE-2021-47416
www.suse.com/security/cve/CVE-2021-47423
www.suse.com/security/cve/CVE-2021-47424
www.suse.com/security/cve/CVE-2021-47425
www.suse.com/security/cve/CVE-2021-47431
www.suse.com/security/cve/CVE-2021-47434
www.suse.com/security/cve/CVE-2021-47436
www.suse.com/security/cve/CVE-2021-47441
www.suse.com/security/cve/CVE-2021-47442
www.suse.com/security/cve/CVE-2021-47443
www.suse.com/security/cve/CVE-2021-47445
www.suse.com/security/cve/CVE-2021-47456
www.suse.com/security/cve/CVE-2021-47460
www.suse.com/security/cve/CVE-2021-47464
www.suse.com/security/cve/CVE-2021-47465
www.suse.com/security/cve/CVE-2021-47468
www.suse.com/security/cve/CVE-2021-47473
www.suse.com/security/cve/CVE-2021-47482
www.suse.com/security/cve/CVE-2021-47483
www.suse.com/security/cve/CVE-2021-47485
www.suse.com/security/cve/CVE-2021-47495
www.suse.com/security/cve/CVE-2021-47496
www.suse.com/security/cve/CVE-2021-47497
www.suse.com/security/cve/CVE-2021-47500
www.suse.com/security/cve/CVE-2021-47505
www.suse.com/security/cve/CVE-2021-47506
www.suse.com/security/cve/CVE-2021-47511
www.suse.com/security/cve/CVE-2021-47516
www.suse.com/security/cve/CVE-2021-47522
www.suse.com/security/cve/CVE-2021-47538
www.suse.com/security/cve/CVE-2021-47541
www.suse.com/security/cve/CVE-2021-47542
www.suse.com/security/cve/CVE-2021-47562
www.suse.com/security/cve/CVE-2021-47563
www.suse.com/security/cve/CVE-2021-47565
www.suse.com/security/cve/CVE-2022-20132
www.suse.com/security/cve/CVE-2022-48673
www.suse.com/security/cve/CVE-2023-0160
www.suse.com/security/cve/CVE-2023-1829
www.suse.com/security/cve/CVE-2023-2176
www.suse.com/security/cve/CVE-2023-4244
www.suse.com/security/cve/CVE-2023-47233
www.suse.com/security/cve/CVE-2023-52433
www.suse.com/security/cve/CVE-2023-52581
www.suse.com/security/cve/CVE-2023-52591
www.suse.com/security/cve/CVE-2023-52654
www.suse.com/security/cve/CVE-2023-52655
www.suse.com/security/cve/CVE-2023-52686
www.suse.com/security/cve/CVE-2023-52840
www.suse.com/security/cve/CVE-2023-52871
www.suse.com/security/cve/CVE-2023-52880
www.suse.com/security/cve/CVE-2023-6531
www.suse.com/security/cve/CVE-2024-26581
www.suse.com/security/cve/CVE-2024-26643
www.suse.com/security/cve/CVE-2024-26828
www.suse.com/security/cve/CVE-2024-26925
www.suse.com/security/cve/CVE-2024-26929
www.suse.com/security/cve/CVE-2024-26930
www.suse.com/security/cve/CVE-2024-27398
www.suse.com/security/cve/CVE-2024-27413
www.suse.com/security/cve/CVE-2024-35811
www.suse.com/security/cve/CVE-2024-35895
www.suse.com/security/cve/CVE-2024-35914
www.suse.com/support/update/announcement/2024/suse-su-20242183-1/
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High