Main Vulnerability Database SB2024092793

SB2024092793 - SUSE update for the Linux Kernel

Published: September 27, 2024

Security Bulletin ID SB2024092793

Severity

Low

Patch available

YES

Number of vulnerabilities 8

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.

1) Out-of-bounds read (CVE-ID: CVE-2022-20368)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary condition within the packet_recvmsg() function in Linux kernel. A local user can trigger an out-of-bounds read error and potentially escalate privileges on the system.

2) Use-after-free (CVE-ID: CVE-2022-48791)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the pm8001_exec_internal_tmf_task() function in drivers/scsi/pm8001/pm8001_sas.c. A local user can escalate privileges on the system.

3) Memory leak (CVE-ID: CVE-2022-48839)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the tpacket_rcv() and packet_recvmsg() functions in net/packet/af_packet.c. A local user can perform a denial of service (DoS) attack.

4) Use-after-free (CVE-ID: CVE-2022-48919)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the cifs_do_mount() function in fs/cifs/cifsfs.c. A local user can escalate privileges on the system.

5) Use-after-free (CVE-ID: CVE-2024-42232)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the delayed_work() and EXPORT_SYMBOL() functions in net/ceph/mon_client.c. A local user can escalate privileges on the system.

6) Improper locking (CVE-ID: CVE-2024-43882)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the bprm_fill_uid() function in fs/exec.c. A local user can perform a denial of service (DoS) attack.

7) Input validation error (CVE-ID: CVE-2024-43883)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the vhci_urb_enqueue(), vhci_shutdown_connection() and vhci_device_reset() functions in drivers/usb/usbip/vhci_hcd.c. A local user can perform a denial of service (DoS) attack.

8) Memory leak (CVE-ID: CVE-2024-44947)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the fuse_notify_store() function in fs/fuse/dev.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2024/suse-su-20243467-1/

Vulnerable Software

SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE: 11-SP4
SUSE Linux Enterprise Server 11: SP4
kernel-xen-base: before 3.0.101-108.162.1
kernel-default-devel: before 3.0.101-108.162.1
kernel-default-base: before 3.0.101-108.162.1
kernel-trace-devel: before 3.0.101-108.162.1
kernel-syms: before 3.0.101-108.162.1
kernel-ec2-devel: before 3.0.101-108.162.1
kernel-xen-devel: before 3.0.101-108.162.1
kernel-ec2-base: before 3.0.101-108.162.1
kernel-source: before 3.0.101-108.162.1
kernel-trace-base: before 3.0.101-108.162.1
kernel-ec2: before 3.0.101-108.162.1
kernel-trace: before 3.0.101-108.162.1
kernel-xen: before 3.0.101-108.162.1
kernel-default: before 3.0.101-108.162.1