GoogleOSV:SUSE-SU-2024:2549-1Security update for the Linux Kernel (Live Patch 49 for SLE 12 SP5)
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
This update for the Linux Kernel 4.12.14-122_179 fixes several issues.
The following security issues were fixed:
- CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
- CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
References
bugzilla.suse.com/1220145
bugzilla.suse.com/1223363
bugzilla.suse.com/1223681
bugzilla.suse.com/1223683
bugzilla.suse.com/1225211
www.suse.com/security/cve/CVE-2021-47383
www.suse.com/security/cve/CVE-2024-23307
www.suse.com/security/cve/CVE-2024-26828
www.suse.com/security/cve/CVE-2024-26923
www.suse.com/security/cve/CVE-2024-26930
www.suse.com/support/update/announcement/2024/suse-su-20242549-1/
Related
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low