SB2025012249 - SUSE update for the Linux Kernel
Published: January 22, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 18 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2022-49035)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the s5p_cec_irq_handler() function in drivers/media/cec/platform/s5p/s5p_cec.c. A local user can perform a denial of service (DoS) attack.
2) Improper locking (CVE-ID: CVE-2023-52524)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfc_llcp_register_device() function in net/nfc/llcp_core.c. A local user can perform a denial of service (DoS) attack.
3) Use of uninitialized resource (CVE-ID: CVE-2024-53142)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the do_name() and do_copy() functions in init/initramfs.c. A local user can perform a denial of service (DoS) attack.
4) Input validation error (CVE-ID: CVE-2024-53144)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_user_confirm_request_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
5) Integer overflow (CVE-ID: CVE-2024-53146)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the decode_cb_compound4res() function in fs/nfsd/nfs4callback.c. A local user can execute arbitrary code.
6) Out-of-bounds read (CVE-ID: CVE-2024-53156)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the htc_connect_service() function in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
7) Use-after-free (CVE-ID: CVE-2024-53173)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nfs4_open_release() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
8) Use-after-free (CVE-ID: CVE-2024-53179)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the smb2_get_sign_key(), smb2_find_smb_ses_unlocked(), smb2_calc_signature() and smb3_calc_signature() functions in fs/smb/client/smb2transport.c. A local user can escalate privileges on the system.
9) Out-of-bounds read (CVE-ID: CVE-2024-53214)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the vfio_virt_config_read() and vfio_config_do_rw() functions in drivers/vfio/pci/vfio_pci_config.c. A local user can perform a denial of service (DoS) attack.
10) Use-after-free (CVE-ID: CVE-2024-53239)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb6fire_chip_abort(), usb6fire_chip_destroy(), usb6fire_chip_probe() and usb6fire_chip_disconnect() functions in sound/usb/6fire/chip.c. A local user can escalate privileges on the system.
11) NULL pointer dereference (CVE-ID: CVE-2024-53240)
The vulnerability allows a remote backend to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the guest xen-netfront driver. A a malicious network backend can crash the guest OS.
12) Buffer overflow (CVE-ID: CVE-2024-56539)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/wireless/marvell/mwifiex/fw.h. A local user can perform a denial of service (DoS) attack.
13) Use-after-free (CVE-ID: CVE-2024-56548)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hfsplus_read_wrapper() function in fs/hfsplus/wrapper.c. A local user can escalate privileges on the system.
14) Use-after-free (CVE-ID: CVE-2024-56604)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the rfcomm_sock_alloc() function in net/bluetooth/rfcomm/sock.c. A local user can escalate privileges on the system.
15) Use-after-free (CVE-ID: CVE-2024-56605)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_sock_alloc() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.
16) Use-after-free (CVE-ID: CVE-2024-56631)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sg_release() function in drivers/scsi/sg.c. A local user can escalate privileges on the system.
17) Double free (CVE-ID: CVE-2024-56704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the xen_9pfs_front_free() function in net/9p/trans_xen.c. A local user can perform a denial of service (DoS) attack.
18) Improper access control (CVE-ID: CVE-2024-8805)
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions within the implementation of the HID over GATT Profile. A remote attacker on the local network can bypass implemented security restrictions and execute arbitrary code on the target system.
Remediation
Install update from vendor's website.