SB2025021819 - SUSE update for the Linux Kernel
Published: February 18, 2025 Updated: March 3, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 54 secuirty vulnerabilities.
1) Integer underflow (CVE-ID: CVE-2021-47222)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the br_handle_egress_vlan_tunnel() function in net/bridge/br_vlan_tunnel.c. A local user can execute arbitrary code.
2) NULL pointer dereference (CVE-ID: CVE-2021-47223)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the br_vlan_tunnel_lookup(), __vlan_tunnel_info_add(), br_handle_ingress_vlan_tunnel() and br_handle_egress_vlan_tunnel() functions in net/bridge/br_vlan_tunnel.c. A local user can perform a denial of service (DoS) attack.
3) Improper locking (CVE-ID: CVE-2024-26644)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the create_snapshot() function in fs/btrfs/ioctl.c. A local user can perform a denial of service (DoS) attack.
4) NULL pointer dereference (CVE-ID: CVE-2024-47809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the validate_lock_args() function in fs/dlm/lock.c. A local user can perform a denial of service (DoS) attack.
5) NULL pointer dereference (CVE-ID: CVE-2024-48881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cache_set_flush() function in drivers/md/bcache/super.c. A local user can perform a denial of service (DoS) attack.
6) Input validation error (CVE-ID: CVE-2024-49948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
7) Input validation error (CVE-ID: CVE-2024-50142)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the verify_newsa_info() function in net/xfrm/xfrm_user.c. A local user can perform a denial of service (DoS) attack.
8) Resource management error (CVE-ID: CVE-2024-52332)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the igb_init_module() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
9) Use of uninitialized resource (CVE-ID: CVE-2024-53155)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ocfs2_file_write_iter() and ocfs2_file_read_iter() functions in fs/ocfs2/file.c. A local user can perform a denial of service (DoS) attack.
10) Use-after-free (CVE-ID: CVE-2024-53185)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the SMB2_negotiate() function in fs/smb/client/smb2pdu.c. A local user can escalate privileges on the system.
11) Out-of-bounds write (CVE-ID: CVE-2024-53197)
The vulnerability allows a local user to compromise the affected system.
The vulnerability exists due to an out-of-bounds write error within the snd_usb_create_quirk(), snd_usb_extigy_boot_quirk(), mbox2_setup_48_24_magic() and snd_usb_mbox2_boot_quirk() functions in sound/usb/quirks.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited against Android devices.
12) Use-after-free (CVE-ID: CVE-2024-53227)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfad_init() function in drivers/scsi/bfa/bfad.c. A local user can escalate privileges on the system.
13) NULL pointer dereference (CVE-ID: CVE-2024-55916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the util_probe() function in drivers/hv/hv_util.c, within the hv_vss_init() function in drivers/hv/hv_snapshot.c, within the hv_kvp_init() function in drivers/hv/hv_kvp.c. A local user can perform a denial of service (DoS) attack.
14) Division by zero (CVE-ID: CVE-2024-56369)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the EXPORT_SYMBOL() and drm_mode_vrefresh() functions in drivers/gpu/drm/drm_modes.c. A local user can perform a denial of service (DoS) attack.
15) Improper locking (CVE-ID: CVE-2024-56532)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_us122l_disconnect() function in sound/usb/usx2y/us122l.c. A local user can perform a denial of service (DoS) attack.
16) Improper locking (CVE-ID: CVE-2024-56533)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the snd_usx2y_disconnect() function in sound/usb/usx2y/usbusx2y.c. A local user can perform a denial of service (DoS) attack.
17) Buffer overflow (CVE-ID: CVE-2024-56539)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/net/wireless/marvell/mwifiex/fw.h. A local user can perform a denial of service (DoS) attack.
18) NULL pointer dereference (CVE-ID: CVE-2024-56574)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ts2020_regmap_unlock() function in drivers/media/dvb-frontends/ts2020.c. A local user can perform a denial of service (DoS) attack.
19) NULL pointer dereference (CVE-ID: CVE-2024-56593)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the brcmf_sdiod_sgtable_alloc() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/bcmsdh.c. A local user can perform a denial of service (DoS) attack.
20) Improper locking (CVE-ID: CVE-2024-56594)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_ttm_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.
21) Use-after-free (CVE-ID: CVE-2024-56600)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the htons() function in net/ipv6/af_inet6.c. A local user can escalate privileges on the system.
22) Use-after-free (CVE-ID: CVE-2024-56601)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the htons() function in net/ipv4/af_inet.c. A local user can escalate privileges on the system.
23) Out-of-bounds read (CVE-ID: CVE-2024-56615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dev_map_alloc(), dev_map_delete_elem() and dev_map_hash_delete_elem() functions in kernel/bpf/devmap.c. A local user can perform a denial of service (DoS) attack.
24) Use-after-free (CVE-ID: CVE-2024-56623)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qla2x00_do_dpc() function in drivers/scsi/qla2xxx/qla_os.c. A local user can escalate privileges on the system.
25) Improper error handling (CVE-ID: CVE-2024-56630)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ocfs2_get_init_inode() function in fs/ocfs2/namei.c. A local user can perform a denial of service (DoS) attack.
26) Race condition (CVE-ID: CVE-2024-56637)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the find_set_type() function in net/netfilter/ipset/ip_set_core.c. A local user can escalate privileges on the system.
27) Resource management error (CVE-ID: CVE-2024-56641)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smc_sk_init(), smc_connect_rdma(), smc_connect_ism() and smc_listen_work() functions in net/smc/af_smc.c. A local user can perform a denial of service (DoS) attack.
28) Memory leak (CVE-ID: CVE-2024-56643)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dccp_feat_change_recv() function in net/dccp/feat.c. A local user can perform a denial of service (DoS) attack.
29) Out-of-bounds read (CVE-ID: CVE-2024-56650)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the led_tg_check() function in net/netfilter/xt_LED.c. A local user can perform a denial of service (DoS) attack.
30) NULL pointer dereference (CVE-ID: CVE-2024-56661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cleanup_bearer() function in net/tipc/udp_media.c. A local user can perform a denial of service (DoS) attack.
31) Out-of-bounds read (CVE-ID: CVE-2024-56662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the acpi_nfit_ctl() function in drivers/acpi/nfit/core.c. A local user can perform a denial of service (DoS) attack.
32) Improper error handling (CVE-ID: CVE-2024-56681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ahash_hmac_setkey() and ahash_hmac_init() functions in drivers/crypto/bcm/cipher.c. A local user can perform a denial of service (DoS) attack.
33) NULL pointer dereference (CVE-ID: CVE-2024-56700)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fmc_send_cmd() function in drivers/media/radio/wl128x/fmdrv_common.c. A local user can perform a denial of service (DoS) attack.
34) Input validation error (CVE-ID: CVE-2024-56722)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the free_srqc() function in drivers/infiniband/hw/hns/hns_roce_srq.c, within the hns_roce_mr_free() function in drivers/infiniband/hw/hns/hns_roce_mr.c, within the set_rwqe_data_seg(), free_mr_modify_rsv_qp(), free_mr_post_send_lp_wqe(), free_mr_send_cmd_to_hw(), hns_roce_v2_set_abs_fields(), hns_roce_v2_modify_qp(), hns_roce_v2_query_qp(), hns_roce_v2_destroy_qp_common(), hns_roce_v2_destroy_qp(), hns_roce_v2_modify_cq() and hns_roce_v2_query_cqc() functions in drivers/infiniband/hw/hns/hns_roce_hw_v2.c, within the hns_roce_table_put() function in drivers/infiniband/hw/hns/hns_roce_hem.c, within the free_cqc() function in drivers/infiniband/hw/hns/hns_roce_cq.c. A local user can perform a denial of service (DoS) attack.
35) Improper locking (CVE-ID: CVE-2024-56739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rtc_timer_do_work() function in drivers/rtc/interface.c. A local user can perform a denial of service (DoS) attack.
36) Memory leak (CVE-ID: CVE-2024-56747)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedi_alloc_and_init_sb() function in drivers/scsi/qedi/qedi_main.c. A local user can perform a denial of service (DoS) attack.
37) Memory leak (CVE-ID: CVE-2024-56748)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qedf_alloc_and_init_sb() function in drivers/scsi/qedf/qedf_main.c. A local user can perform a denial of service (DoS) attack.
38) Use-after-free (CVE-ID: CVE-2024-56759)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btrfs_force_cow_block() and btrfs_cow_block() functions in fs/btrfs/ctree.c. A local user can escalate privileges on the system.
39) Resource management error (CVE-ID: CVE-2024-56763)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tracing_cpumask_write() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
40) Improper error handling (CVE-ID: CVE-2024-56769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the MODULE_PARM_DESC() function in drivers/media/dvb-frontends/dib3000mb.c. A local user can perform a denial of service (DoS) attack.
41) Use-after-free (CVE-ID: CVE-2024-57884)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zone_reclaimable_pages() function in mm/vmscan.c. A local user can escalate privileges on the system.
42) Integer overflow (CVE-ID: CVE-2024-57890)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the uverbs_request_next_ptr(), ib_uverbs_post_send() and ib_uverbs_unmarshall_recv() functions in drivers/infiniband/core/uverbs_cmd.c. A local user can execute arbitrary code.
43) Use-after-free (CVE-ID: CVE-2024-57896)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the close_ctree() function in fs/btrfs/disk-io.c. A local user can escalate privileges on the system.
44) Integer overflow (CVE-ID: CVE-2024-57899)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the ieee80211_mbss_info_change_notify() function in net/mac80211/mesh.c. A local user can execute arbitrary code.
45) Improper locking (CVE-ID: CVE-2024-57903)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the sk_setsockopt() function in net/core/sock.c. A local user can perform a denial of service (DoS) attack.
46) Reachable assertion (CVE-ID: CVE-2024-57922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the drivers/gpu/drm/amd/display/dc/dml/dml_inline_defs.h. A local user can perform a denial of service (DoS) attack.
47) NULL pointer dereference (CVE-ID: CVE-2024-57929)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the load_ablock() function in drivers/md/persistent-data/dm-array.c. A local user can perform a denial of service (DoS) attack.
48) Improper privilege management (CVE-ID: CVE-2024-57931)
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the services_compute_xperms_decision() function in security/selinux/ss/services.c. A local user can read and manipulate data.
49) NULL pointer dereference (CVE-ID: CVE-2024-57932)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gve_xdp_xmit() function in drivers/net/ethernet/google/gve/gve_tx.c, within the gve_turndown() function in drivers/net/ethernet/google/gve/gve_main.c. A local user can perform a denial of service (DoS) attack.
50) Integer overflow (CVE-ID: CVE-2024-57938)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the sctp_association_init() function in net/sctp/associola.c. A local user can execute arbitrary code.
51) Out-of-bounds read (CVE-ID: CVE-2025-21653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the NLA_POLICY_MAX() function in net/sched/cls_flow.c. A local user can perform a denial of service (DoS) attack.
52) Out-of-bounds read (CVE-ID: CVE-2025-21664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the get_first_thin() function in drivers/md/dm-thin.c. A local user can perform a denial of service (DoS) attack.
53) Improper locking (CVE-ID: CVE-2025-21678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the gtp_newlink() and gtp_net_exit_batch_rtnl() functions in drivers/net/gtp.c. A local user can perform a denial of service (DoS) attack.
54) NULL pointer dereference (CVE-ID: CVE-2025-21682)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bnxt_xdp_set() function in drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c, within the bnxt_set_ring_params(), bnxt_set_rx_skb_mode() and bnxt_init_one() functions in drivers/net/ethernet/broadcom/bnxt/bnxt.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.