SB2024120393 - SUSE update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)
Published: December 3, 2024 Updated: March 14, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 34 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2021-47517)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ethnl_ops_begin() function in net/ethtool/netlink.h. A local user can escalate privileges on the system.
2) Use-after-free (CVE-ID: CVE-2021-47598)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cake_init() function in net/sched/sch_cake.c. A local user can escalate privileges on the system.
3) Out-of-bounds read (CVE-ID: CVE-2022-48651)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in drivers/net/ipvlan/ipvlan_core.c. A remote attacker on the local network can send specially crafted packets to the system, trigger an out-of-bounds read error and read contents of memory on the system.
4) Resource management error (CVE-ID: CVE-2022-48662)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to resource management error within the i915_gem_context_release() and context_close() functions in drivers/gpu/drm/i915/gem/i915_gem_context.c. A local user can execute arbitrary code.
5) Resource exhaustion (CVE-ID: CVE-2023-52340)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when processing very large ICMPv6 packets. A remote attacker can send a flood of IPv6 ICMP6 PTB messages, cause the high lock contention and increased CPU usage, leading to a denial of service.
Successful vulnerability exploitation requires a attacker to be on the local network or have a high bandwidth connection.
6) Race condition (CVE-ID: CVE-2023-52502)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() functions in net/nfc/llcp_core.c. A local user can exploit the race and execute arbitrary code with elevated privileges.
7) Use-after-free (CVE-ID: CVE-2023-52752)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.
8) Use-after-free (CVE-ID: CVE-2023-52846)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the prp_create_tagged_frame() function in net/hsr/hsr_forward.c. A local user can escalate privileges on the system.
9) Race condition (CVE-ID: CVE-2023-6546)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in the GSM 0710 tty multiplexor in the Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
10) Integer overflow (CVE-ID: CVE-2024-23307)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to integer overflow in raid5_cache_count() function. A local user can trigger an integer overflow and execute arbitrary code with elevated privileges.
11) Race condition (CVE-ID: CVE-2024-26585)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the tls_encrypt_done() function in net/tls/tls_sw.c. A remote attacker user can send specially crafted requests to the system and perform a denial of service (DoS) attack.
12) Buffer overflow (CVE-ID: CVE-2024-26610)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the iwl_dbg_tlv_override_trig_node() function in drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
13) Use-after-free (CVE-ID: CVE-2024-26622)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tomoyo_write_control() function. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
14) Off-by-one (CVE-ID: CVE-2024-26766)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an off-by-one error within the _pad_sdma_tx_descs() function in drivers/infiniband/hw/hfi1/sdma.c. A local user can trigger an off-by-one error and execute arbitrary code with elevated privileges.
15) Integer underflow (CVE-ID: CVE-2024-26828)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.
16) Use-after-free (CVE-ID: CVE-2024-26852)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ip6_route_multipath_add() and list_for_each_entry_safe() functions in net/ipv6/route.c. A local user can escalate privileges on the system.
17) Improper locking (CVE-ID: CVE-2024-26923)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.
18) Double free (CVE-ID: CVE-2024-26930)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a double free error within the kfree() function in drivers/scsi/qla2xxx/qla_os.c. A local user can execute arbitrary code.
19) Use-after-free (CVE-ID: CVE-2024-27398)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
20) Resource management error (CVE-ID: CVE-2024-35817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_ttm_gart_bind() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.
21) Use-after-free (CVE-ID: CVE-2024-35861)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_signal_cifsd_for_reconnect() function in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
22) Use-after-free (CVE-ID: CVE-2024-35862)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_network_name_deleted() function in fs/smb/client/smb2ops.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
23) Use-after-free (CVE-ID: CVE-2024-35863)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the is_valid_oplock_break() function in fs/smb/client/misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
24) Use-after-free (CVE-ID: CVE-2024-35864)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_valid_lease_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
25) Use-after-free (CVE-ID: CVE-2024-35867)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_stats_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
26) Out-of-bounds read (CVE-ID: CVE-2024-35905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the check_stack_access_within_bounds() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
27) Out-of-bounds read (CVE-ID: CVE-2024-35949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the __btrfs_check_leaf() and __btrfs_check_node() functions in fs/btrfs/tree-checker.c. A local user can perform a denial of service (DoS) attack.
28) Use-after-free (CVE-ID: CVE-2024-35950)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can escalate privileges on the system.
29) Use-after-free (CVE-ID: CVE-2024-36899)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gpio_chrdev_release() function in drivers/gpio/gpiolib-cdev.c. A local user can escalate privileges on the system.
30) Use-after-free (CVE-ID: CVE-2024-36904)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcp_twsk_unique() function in net/ipv4/tcp_ipv4.c. A local user can escalate privileges on the system.
31) Improper privilege management (CVE-ID: CVE-2024-36964)
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the p9mode2perm() function in fs/9p/vfs_inode.c. A local user can read and manipulate data.
32) Use-after-free (CVE-ID: CVE-2024-40954)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sk_common_release() function in net/core/sock.c. A local user can escalate privileges on the system.
33) Use of uninitialized resource (CVE-ID: CVE-2024-41059)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hfsplus_listxattr() function in fs/hfsplus/xattr.c. A local user can perform a denial of service (DoS) attack.
34) Memory leak (CVE-ID: CVE-2024-43861)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qmimux_rx_fixup() function in drivers/net/usb/qmi_wwan.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.