SUSE-SU-2024:3694-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE-SU-2024:3375-1 Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed: - CVE-2023-52846: Prevent use after free in prpcreatetaggedframe bsc1225099. - CVE-2022-48662: Fixed a general protection fault GPF in i915perfopenioctl bsc1223521. - CVE-2024-3581...

SUSE SLES12 Security Update : kernel (Live Patch 45 for SLE 12 SP5) (SUSE-SU-2024:2818-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2818-1 advisory. This update for the Linux Kernel 4.12.14-122165 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed...

SUSE SLES12 / SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP5) (SUSE-SU-2024:2827-1)

The remote SUSE Linux SLES12 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2827-1 advisory. This update for the Linux Kernel 4.12.14-122176 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixe...

SUSE-SU-2024:2843-1 Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005559 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed use-after-free bug caused by scosocktimeout bsc1225013. - CVE-2024-35950: drm/client: Fully protect modes with dev-modeconfig.mutex bsc1225310. -...

SUSE SLES15 Security Update : kernel (Live Patch 43 for SLE 15 SP2) (SUSE-SU-2024:2760-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2760-1 advisory. This update for the Linux Kernel 5.3.18-15020024172 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed...

SUSE-SU-2024:2793-1 Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059138 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed use-after-free bug caused by scosocktimeout bsc1225013. - CVE-2024-35950: drm/client: Fully protect modes with dev-modeconfig.mutex bsc1225310...

SUSE SLES15 Security Update : kernel (Live Patch 44 for SLE 15 SP2) (SUSE-SU-2024:2734-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2734-1 advisory. This update for the Linux Kernel 5.14.21-1505001311 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed...

SUSE SLES15 Security Update : kernel RT (Live Patch 7 for SLE 15 SP5) (SUSE-SU-2024:2724-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2724-1 advisory. This update for the Linux Kernel 5.14.21-1505001324 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed...

SUSE-SU-2024:2760-1 Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024172 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed use-after-free bug caused by scosocktimeout bsc1225013. - CVE-2024-35950: drm/client: Fully protect modes with dev-modeconfig.mutex bsc1225310...

SUSE-SU-2024:2750-1 Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001318 fixes several issues. The following security issues were fixed: - CVE-2024-27398: Fixed use-after-free bug caused by scosocktimeout bsc1225013. - CVE-2024-35950: drm/client: Fully protect modes with dev-modeconfig.mutex bsc1225310...

CVE-2024-35950 drm/client: Fully protect modes[] with dev->mode_config.mutex

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes with dev-modeconfig.mutex The modes array contains pointers to modes on the connectors' mode lists, which are protected by dev-modeconfig.mutex. Thus we need to extend modes the same protection or ...

CVE-2024-35950

CVE-2024-35950 concerns a Linux kernel DRM issue where the modes[] array (points to connectors’ mode list entries) was not protected by the same mutex as mode_config, risking use-after-free if elements reference freed memory. The fix extends protection to modes[] via dev->mode_config.mutex, ad...

CVE-2024-35950 drm/client: Fully protect modes[] with dev->mode_config.mutex

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fully protect modes with dev-modeconfig.mutex The modes array contains pointers to modes on the connectors' mode lists, which are protected by dev-modeconfig.mutex. Thus we need to extend modes the same protection or ...