SUSE-SU-2024:3702-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. - CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails...

SUSE-SU-2024:3697-1 Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005552 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE-SU-2024:3694-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005549 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE-SU-2024:3631-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: - CVE-2024-35861: Fixed potential UAF in cifssignalcifsdforreconnect bsc1225312. - CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfochangednotify bsc1225739. -...

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP6) (SUSE-SU-2024:3468-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3468-1 advisory. This update for the Linux Kernel 6.4.0-150600235 fixes several issues. The following security issues were fixed: - CVE-2024-40909: Fix a...

SUSE-SU-2024:3361-1 Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001311 fixes several issues. The following security issues were fixed: - CVE-2023-52846: Prevent use after free in prpcreatetaggedframe bsc1225099. - CVE-2022-48662: Fixed a general protection fault GPF in i915perfopenioctl bsc1223521. - CVE-2022-48662...

SUSE SLES15 Security Update : kernel (Live Patch 15 for SLE 15 SP5) (SUSE-SU-2024:3350-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3350-1 advisory. This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: - CVE-2024-40909: Fix a...

SUSE-SU-2024:3350-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005568 fixes several issues. The following security issues were fixed: - CVE-2024-40909: Fix a potential use-after-free in bpflinkfree bsc1228349. - CVE-2023-52846: Prevent use after free in prpcreatetaggedframe bsc1225099. - CVE-2024-26923: Fixed...

CVE-2023-52846

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to f...

CVE-2023-52846

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to f...

CVE-2023-52846 hsr: Prevent use after free in prp_create_tagged_frame()

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to f...

CVE-2023-52846 hsr: Prevent use after free in prp_create_tagged_frame()

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to f...

CVE-2023-52846

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prpcreatetaggedframe The prpfillrct function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to f...

CVE-2023-52846

The CVE-2023-52846 entry concerns a Linux kernel use-after-free in hsr's prp_create_tagged_frame, where prp_fill_rct() may fail and free the skb while the successful path returns the original skb. Impact is described as high for confidentiality, integrity, and availability with local access prere...