Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed: CVE-2024-45016: netem: fix return value if duplicate enqueue fails bsc1230998. CVE-2022-48912: Fix use-after-free in nfregisternethook bsc1229641 CVE-2024-47684: tcp: check skb is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...

octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx()

...

net: vertexcom: mse102x: Fix possible double free of TX skb

...

vsock: Update rx_bytes on read_skb()

...

USN-7230-2 frr vulnerabilities

Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2024-44070 It was discovered that FRR re-validated all routes in...

UBUNTU-CVE-2024-57902

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangettci vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangettci to not touch skb at all, so that it can be used from many cpus on the same skb. Add a const qualifier...

CVE-2024-57902 af_packet: fix vlan_get_tci() vs MSG_PEEK

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangettci vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangettci to not touch skb at all, so that it can be used from many cpus on the same skb. Add a const qualifier...

SUSE CVE-2024-56639

In the Linux kernel, the following vulnerability has been resolved: net: hsr: must allocate more bytes for RedBox support Blamed commit forgot to change hsrinitskb to allocate larger skb for RedBox case. Indeed, sendhsrsupervisionframe will add two additional components struct hsrsuptlv and struc...

DEBIAN-CVE-2024-56372

In the Linux kernel, the following vulnerability has been resolved: net: tun: fix tunnapiallocfrags syzbot reported the following crash 1 Issue came with the blamed commit. Instead of going through all the iov components, we keep using the first one and end up with a malformed skb. 1 kernel BUG a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a tx skb reference count contention condition in the oatc6 driver, which could lead to packet loss and memor...

SUSE CVE-2024-56648

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...

SUSE CVE-2024-56653

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: avoid UAF in btmtkprocesscoredump hcidevcdappend may lead to the release of the skb, so it cannot be accessed once it is called. ================================================================== BUG: KASAN:...

SUSE CVE-2024-56645

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...

AZL-55115 CVE-2024-55553 affecting package frr for versions less than 8.5.5-3

In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than th...

UBUNTU-CVE-2024-55553

In FRRouting FRR before 10.3 from 6.0 onward, all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size, default 4K on most OSes. An attacker can use this to trigger re-parsing of the RIB for FRR routers using RTR by causing more than th...

CVE-2024-56719 net: stmmac: fix TSO DMA API usage causing oops

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 "net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data" moved the assignment of txskbuffdma's members to be later in stmmactsoxmit. The buf dma...

SUSE CVE-2024-56541

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix use-after-free in ath12kdpcccleanup During ath12k module removal, in ath12kcoredeinit, ath12kmacdestroy un-registers ah-hw from mac80211 and frees the ah-hw as well as all the ar's in it. After this...

DEBIAN-CVE-2024-56659

In the Linux kernel, the following vulnerability has been resolved: net: lapb: increase LAPBHEADERLEN It is unclear if net/lapb code is supposed to be ready for 8021q. We can at least avoid crashes like the following : skbuff: skbunderpanic: text:ffffffff8aabe1f6 len:24 put:20 head:ffff88802824a4...

AZL-54794 CVE-2024-56659 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: net: lapb: increase LAPBHEADERLEN It is unclear if net/lapb code is supposed to be ready for 8021q. We can at least avoid crashes like the following : skbuff: skbunderpanic: text:ffffffff8aabe1f6 len:24 put:20 head:ffff88802824a4...