Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:0858-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2021-46923 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  • CVE-2023-5197 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2023-5197 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
  • CVE-2023-52452 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2023-52456 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52457 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
  • CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
  • CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  • CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-25744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-26591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2024-26603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • Basesystem Module 15-SP5
  • Development Tools Module 15-SP5
  • Legacy Module 15-SP5
  • openSUSE Leap 15.5
  • SUSE Linux Enterprise Desktop 15 SP5
  • SUSE Linux Enterprise High Availability Extension 15 SP5
  • SUSE Linux Enterprise High Performance Computing 15 SP5
  • SUSE Linux Enterprise Live Patching 15-SP5
  • SUSE Linux Enterprise Micro 5.5
  • SUSE Linux Enterprise Real Time 15 SP5
  • SUSE Linux Enterprise Server 15 SP5
  • SUSE Linux Enterprise Server for SAP Applications 15 SP5
  • SUSE Linux Enterprise Workstation Extension 15 SP5

An update that solves 39 vulnerabilities, contains one feature and has 23 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2019-25162: Fixed a potential use after free (bsc#1220409).
  • CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457).
  • CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459)
  • CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444)
  • CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
  • CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216).
  • CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295).
  • CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827).
  • CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140).
  • CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240).
  • CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
  • CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
  • CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253).
  • CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
  • CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250).
  • CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257).
  • CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364).
  • CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350).
  • CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
  • CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
  • CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649)
  • CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796)
  • CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195).
  • CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915).
  • CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835).
  • CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127).
  • CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
  • CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146).
  • CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927).
  • CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
  • CVE-2024-26586: Fixed stack corruption (bsc#1220243).
  • CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255).
  • CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254).
  • CVE-2024-26593: Fixed block process call transactions (bsc#1220009).
  • CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344).
  • CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326).
  • CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
  • CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335).
  • CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825).

The following non-security bugs were fixed:

  • acpi: apei: set memory failure flags as mf_action_required on synchronous events (git-fixes).
  • acpi: button: add lid disable dmi quirk for nextbook ares 8a (git-fixes).
  • acpi: extlog: fix null pointer dereference check (git-fixes).
  • acpi: resource: add asus model s5402za to quirks (git-fixes).
  • acpi: resource: skip irq override on asus expertbook b1502cba (git-fixes).
  • acpi: resource: skip irq override on asus expertbook b2402cba (git-fixes).
  • acpi: video: add backlight=native dmi quirk for apple imac11,3 (git-fixes).
  • acpi: video: add backlight=native dmi quirk for apple imac12,1 and imac12,2 (git-fixes).
  • acpi: video: add backlight=native dmi quirk for lenovo thinkpad x131e (3371 amd version) (git-fixes).
  • acpi: video: add quirk for the colorful x15 at 23 laptop (git-fixes).
  • add reference to recently released cve
  • afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git-fixes).
  • afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes).
  • afs: hide silly-rename files from userspace (git-fixes).
  • afs: increase buffer size in afs_update_volume_status() (git-fixes).
  • ahci: asm1166: correct count of reported ports (git-fixes).
  • alsa: drop leftover snd-rtctimer stuff from makefile (git-fixes).
  • alsa: firewire-lib: fix to check cycle continuity (git-fixes).
  • alsa: hda/conexant: add quirk for sws js201d (git-fixes).
  • alsa: hda/realtek: apply headset jack quirk for non-bass alc287 thinkpads (git-fixes).
  • alsa: hda/realtek: cs35l41: fix device id / model name (git-fixes).
  • alsa: hda/realtek: cs35l41: fix order and duplicates in quirks table (git-fixes).
  • alsa: hda/realtek: enable headset mic on vaio vjfe-adl (git-fixes).
  • alsa: hda/realtek: enable mute led on hp laptop 14-fq0xxx (git-fixes).
  • alsa: hda/realtek: fix mute/micmute led for hp mt645 (git-fixes).
  • alsa: hda/realtek: fix mute/micmute leds for hp zbook power (git-fixes).
  • alsa: hda/realtek: fix the external mic not being recognised for acer swift 1 sf114-32 (git-fixes).
  • alsa: usb-audio: add a quirk for yamaha yit-w12tx transmitter (git-fixes).
  • alsa: usb-audio: add delay quirk for motu m series 2nd revision (git-fixes).
  • alsa: usb-audio: add quirk for rode nt-usb+ (git-fixes).
  • alsa: usb-audio: check presence of valid altsetting control (git-fixes).
  • alsa: usb-audio: ignore clock selector errors for single connection (git-fixes).
  • alsa: usb-audio: more relaxed check of midi jack names (git-fixes).
  • alsa: usb-audio: sort quirk table entries (git-fixes).
  • arm64: entry: fix arm64_workaround_speculative_unpriv_load (bsc#1219443)
  • arm64: entry: preserve/restore x29 even for compat tasks (bsc#1219443)
  • arm64: entry: simplify tramp_alias macro and tramp_exit routine (bsc#1219443)
  • arm64: errata: add cortex-a510 speculative unprivileged load (bsc#1219443) enable workaround.
  • arm64: errata: add cortex-a520 speculative unprivileged load (bsc#1219443) enable workaround without kabi break.
  • arm64: errata: mitigate ampere1 erratum ac03_cpu_38 at stage-2 (git-fixes) enable ampere_erratum_ac03_cpu_38 workaround without kabi break
  • arm64: irq: set the correct node for shadow call stack (git-fixes)
  • arm64: irq: set the correct node for vmap stack (git-fixes)
  • arm64: rename arm64_workaround_2966298 (bsc#1219443)
  • arm64: subscribe microsoft azure cobalt 100 to arm neoverse n2 errata (git-fixes)
  • asoc: doc: fix undefined snd_soc_dapm_nopm argument (git-fixes).
  • asoc: rt5645: fix deadlock in rt5645_jack_detect_work() (git-fixes).
  • asoc: sof: ipc3: fix message bounds on ipc ops (git-fixes).
  • asoc: sunxi: sun4i-spdif: add support for allwinner h616 (git-fixes).
  • atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes).
  • bluetooth: avoid potential use-after-free in hci_error_reset (git-fixes).
  • bluetooth: enforce validation on max value of connection interval (git-fixes).
  • bluetooth: hci_event: fix handling of hci_ev_io_capa_request (git-fixes).
  • bluetooth: hci_event: fix wrongly recorded wakeup bd_addr (git-fixes).
  • bluetooth: hci_sync: check the correct flag before starting a scan (git-fixes).
  • bluetooth: hci_sync: fix accept_list when attempting to suspend (git-fixes).
  • bluetooth: l2cap: fix possible multiple reject send (git-fixes).
  • bluetooth: qca: fix wrong event type for patch config command (git-fixes).
  • bpf: fix verification of indirect var-off stack access (git-fixes).
  • bpf: guard stack limits against 32bit overflow (git-fixes).
  • bpf: minor logging improvement (bsc#1220257).
  • bus: moxtet: add spi device table (git-fixes).
  • cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267).
  • can: j1939: fix uaf in j1939_sk_match_filter during setsockopt(so_j1939_filter) (git-fixes).
  • crypto: api - disallow identical driver names (git-fixes).
  • crypto: ccp - fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes).
  • crypto: octeontx2 - fix cptvf driver cleanup (git-fixes).
  • crypto: stm32/crc32 - fix parsing list of devices (git-fixes).
  • dmaengine: fsl-qdma: fix a memory leak related to the queue command dma (git-fixes).
  • dmaengine: fsl-qdma: fix soc may hang on 16 byte unaligned read (git-fixes).
  • dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes).
  • dmaengine: fsl-qdma: init irq after reg initialization (git-fixes).
  • dmaengine: ptdma: use consistent dma masks (git-fixes).
  • dmaengine: shdma: increase size of 'dev_id' (git-fixes).
  • dmaengine: ti: edma: add some null pointer checks to the edma_probe (git-fixes).
  • driver core: fix device_link_flag_is_sync_state_only() (git-fixes).
  • drm/amd/display: fix memory leak in dm_sw_fini() (git-fixes).
  • drm/amd/display: fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes).
  • drm/amd/display: fix possible null dereference on device remove/driver unload (git-fixes).
  • drm/amd/display: increase frame-l