SB2024100865 - SUSE update for the Linux Kernel

Description

This security bulletin contains information about 10 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2022-48911)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nf_queue_entry_dup() function in net/netfilter/nfnetlink_queue.c, within the nf_queue_entry_release_refs(), nf_queue_entry_get_refs() and __nf_queue() functions in net/netfilter/nf_queue.c. A local user can escalate privileges on the system.

2) Buffer overflow (CVE-ID: CVE-2022-48923)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the lzo_decompress_bio() function in fs/btrfs/lzo.c. A local user can perform a denial of service (DoS) attack.

3) Input validation error (CVE-ID: CVE-2022-48944)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the tg_nop(), sched_fork(), sched_post_fork(), set_user_nice(), __setscheduler_params() and sched_init() functions in kernel/sched/core.c, within the copy_process() function in kernel/fork.c. A local user can perform a denial of service (DoS) attack.

4) Buffer overflow (CVE-ID: CVE-2022-48945)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the vivid_vid_cap_s_selection() function in drivers/media/platform/vivid/vivid-vid-cap.c. A local user can escalate privileges on the system.

5) Double free (CVE-ID: CVE-2024-41087)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the ata_host_alloc() function in drivers/ata/libata-core.c. A local user can perform a denial of service (DoS) attack.

6) Out-of-bounds read (CVE-ID: CVE-2024-42301)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the do_active_device(), do_autoprobe(), do_hardware_base_addr(), do_hardware_irq(), do_hardware_dma() and do_hardware_modes() functions in drivers/parport/procfs.c. A local user can perform a denial of service (DoS) attack.

7) Use-after-free (CVE-ID: CVE-2024-44946)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the kcm_sendmsg(), KCM_STATS_ADD(), sk->sk_write_space() and init_kcm_sock() functions in net/kcm/kcmsock.c. A local user can escalate privileges on the system.

8) Improper Initialization (CVE-ID: CVE-2024-45021)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper initialization within the memcg_write_event_control() function in mm/memcontrol.c. A local user can perform a denial of service (DoS) attack.

9) Use-after-free (CVE-ID: CVE-2024-46674)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the st_dwc3_probe() and reset_control_assert() functions in drivers/usb/dwc3/dwc3-st.c. A local user can escalate privileges on the system.

10) Buffer overflow (CVE-ID: CVE-2024-46774)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the SYSCALL_DEFINE1() function in arch/powerpc/kernel/rtas.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://www.suse.com/support/update/announcement/2024/suse-su-20243547-1/