GoogleOSV:SUSE-SU-2024:2473-1Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues.
The following security issues were fixed:
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
References
bugzilla.suse.com/1221302
bugzilla.suse.com/1223059
bugzilla.suse.com/1223363
bugzilla.suse.com/1223514
bugzilla.suse.com/1223683
www.suse.com/security/cve/CVE-2022-48651
www.suse.com/security/cve/CVE-2024-26610
www.suse.com/security/cve/CVE-2024-26828
www.suse.com/security/cve/CVE-2024-26852
www.suse.com/security/cve/CVE-2024-26923
www.suse.com/support/update/announcement/2024/suse-su-20242473-1/
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low