suse-su-2024:3880-1
Vulnerability from csaf_suse
Published
2024-11-04 06:33
Modified
2024-11-04 06:33
Summary
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)
Notes
Title of the patch
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)
Description of the patch
This update for the Linux Kernel 6.4.0-150600_21 fixes several issues.
The following security issues were fixed:
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
- CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419)
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).
Patchnames
SUSE-2024-3880,SUSE-SLE-Module-Live-Patching-15-SP6-2024-3880
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 6.4.0-150600_21 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).\n- CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419)\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).\n- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).\n- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)\n- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).\n- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).\n- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3880,SUSE-SLE-Module-Live-Patching-15-SP6-2024-3880",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3880-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3880-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243880-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3880-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019771.html"
},
{
"category": "self",
"summary": "SUSE Bug 1225011",
"url": "https://bugzilla.suse.com/1225011"
},
{
"category": "self",
"summary": "SUSE Bug 1225012",
"url": "https://bugzilla.suse.com/1225012"
},
{
"category": "self",
"summary": "SUSE Bug 1225099",
"url": "https://bugzilla.suse.com/1225099"
},
{
"category": "self",
"summary": "SUSE Bug 1225309",
"url": "https://bugzilla.suse.com/1225309"
},
{
"category": "self",
"summary": "SUSE Bug 1225311",
"url": "https://bugzilla.suse.com/1225311"
},
{
"category": "self",
"summary": "SUSE Bug 1225312",
"url": "https://bugzilla.suse.com/1225312"
},
{
"category": "self",
"summary": "SUSE Bug 1225313",
"url": "https://bugzilla.suse.com/1225313"
},
{
"category": "self",
"summary": "SUSE Bug 1225739",
"url": "https://bugzilla.suse.com/1225739"
},
{
"category": "self",
"summary": "SUSE Bug 1225819",
"url": "https://bugzilla.suse.com/1225819"
},
{
"category": "self",
"summary": "SUSE Bug 1226325",
"url": "https://bugzilla.suse.com/1226325"
},
{
"category": "self",
"summary": "SUSE Bug 1226327",
"url": "https://bugzilla.suse.com/1226327"
},
{
"category": "self",
"summary": "SUSE Bug 1228786",
"url": "https://bugzilla.suse.com/1228786"
},
{
"category": "self",
"summary": "SUSE Bug 1231419",
"url": "https://bugzilla.suse.com/1231419"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52846 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42133 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42133/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)",
"tracking": {
"current_release_date": "2024-11-04T06:33:25Z",
"generator": {
"date": "2024-11-04T06:33:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3880-1",
"initial_release_date": "2024-11-04T06:33:25Z",
"revision_history": [
{
"date": "2024-11-04T06:33:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"product_id": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free bug in cifs_debug_data_proc_show()\n\nSkip SMB sessions that are being teared down\n(e.g. @ses-\u003eses_status == SES_EXITING) in cifs_debug_data_proc_show()\nto avoid use-after-free in @ses.\n\nThis fixes the following GPF when reading from /proc/fs/cifs/DebugData\nwhile mounting and umounting\n\n [ 816.251274] general protection fault, probably for non-canonical\n address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI\n ...\n [ 816.260138] Call Trace:\n [ 816.260329] \u003cTASK\u003e\n [ 816.260499] ? die_addr+0x36/0x90\n [ 816.260762] ? exc_general_protection+0x1b3/0x410\n [ 816.261126] ? asm_exc_general_protection+0x26/0x30\n [ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]\n [ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]\n [ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]\n [ 816.262689] ? seq_read_iter+0x379/0x470\n [ 816.262995] seq_read_iter+0x118/0x470\n [ 816.263291] proc_reg_read_iter+0x53/0x90\n [ 816.263596] ? srso_alias_return_thunk+0x5/0x7f\n [ 816.263945] vfs_read+0x201/0x350\n [ 816.264211] ksys_read+0x75/0x100\n [ 816.264472] do_syscall_64+0x3f/0x90\n [ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n [ 816.265135] RIP: 0033:0x7fd5e669d381",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52752",
"url": "https://www.suse.com/security/cve/CVE-2023-52752"
},
{
"category": "external",
"summary": "SUSE Bug 1225487 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225487"
},
{
"category": "external",
"summary": "SUSE Bug 1225819 for CVE-2023-52752",
"url": "https://bugzilla.suse.com/1225819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2023-52752"
},
{
"cve": "CVE-2023-52846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail. In that situation, it frees the\nskb and returns NULL. Meanwhile on the success path, it returns the\noriginal skb. So it\u0027s straight forward to fix bug by using the returned\nvalue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52846",
"url": "https://www.suse.com/security/cve/CVE-2023-52846"
},
{
"category": "external",
"summary": "SUSE Bug 1225098 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "external",
"summary": "SUSE Bug 1225099 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2023-52846"
},
{
"cve": "CVE-2024-35817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag\n\nOtherwise after the GTT bo is released, the GTT and gart space is freed\nbut amdgpu_ttm_backend_unbind will not clear the gart page table entry\nand leave valid mapping entry pointing to the stale system page. Then\nif GPU access the gart address mistakely, it will read undefined value\ninstead page fault, harder to debug and reproduce the real issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35817",
"url": "https://www.suse.com/security/cve/CVE-2024-35817"
},
{
"category": "external",
"summary": "SUSE Bug 1224736 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "external",
"summary": "SUSE Bug 1225313 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1225313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-35817"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35905",
"url": "https://www.suse.com/security/cve/CVE-2024-35905"
},
{
"category": "external",
"summary": "SUSE Bug 1224488 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "external",
"summary": "SUSE Bug 1226327 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1226327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-36899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\n\nThe use-after-free issue occurs as follows: when the GPIO chip device file\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\nread rwsem. Consequently, a race condition leads to the use-after-free of\nwatched_lines.\n\nHere is the typical stack when issue happened:\n\n[free]\ngpio_chrdev_release()\n --\u003e bitmap_free(cdev-\u003ewatched_lines) \u003c-- freed\n --\u003e blocking_notifier_chain_unregister()\n --\u003e down_write(\u0026nh-\u003erwsem) \u003c-- waiting rwsem\n --\u003e __down_write_common()\n --\u003e rwsem_down_write_slowpath()\n --\u003e schedule_preempt_disabled()\n --\u003e schedule()\n\n[use]\nst54spi_gpio_dev_release()\n --\u003e gpio_free()\n --\u003e gpiod_free()\n --\u003e gpiod_free_commit()\n --\u003e gpiod_line_state_notify()\n --\u003e blocking_notifier_call_chain()\n --\u003e down_read(\u0026nh-\u003erwsem); \u003c-- held rwsem\n --\u003e notifier_call_chain()\n --\u003e lineinfo_changed_notify()\n --\u003e test_bit(xxxx, cdev-\u003ewatched_lines) \u003c-- use after free\n\nThe side effect of the use-after-free issue is that a GPIO line event is\nbeing generated for userspace where it shouldn\u0027t. However, since the chrdev\nis being closed, userspace won\u0027t have the chance to read that event anyway.\n\nTo fix the issue, call the bitmap_free() function after the unregistration\nof lineinfo_changed_nb notifier chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36899",
"url": "https://www.suse.com/security/cve/CVE-2024-36899"
},
{
"category": "external",
"summary": "SUSE Bug 1225737 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "external",
"summary": "SUSE Bug 1225739 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-40954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not leave a dangling sk pointer, when socket creation fails\n\nIt is possible to trigger a use-after-free by:\n * attaching an fentry probe to __sock_release() and the probe calling the\n bpf_get_socket_cookie() helper\n * running traceroute -I 1.1.1.1 on a freshly booted VM\n\nA KASAN enabled kernel will log something like below (decoded and stripped):\n==================================================================\nBUG: KASAN: slab-use-after-free in __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nRead of size 8 at addr ffff888007110dd8 by task traceroute/299\n\nCPU: 2 PID: 299 Comm: traceroute Tainted: G E 6.10.0-rc2+ #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117 (discriminator 1))\nprint_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_report (mm/kasan/report.c:603)\n? __sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nkasan_check_range (mm/kasan/generic.c:183 mm/kasan/generic.c:189)\n__sock_gen_cookie (./arch/x86/include/asm/atomic64_64.h:15 ./include/linux/atomic/atomic-arch-fallback.h:2583 ./include/linux/atomic/atomic-instrumented.h:1611 net/core/sock_diag.c:29)\nbpf_get_socket_ptr_cookie (./arch/x86/include/asm/preempt.h:94 ./include/linux/sock_diag.h:42 net/core/filter.c:5094 net/core/filter.c:5092)\nbpf_prog_875642cf11f1d139___sock_release+0x6e/0x8e\nbpf_trampoline_6442506592+0x47/0xaf\n__sock_release (net/socket.c:652)\n__sock_create (net/socket.c:1601)\n...\nAllocated by task 299 on cpu 2 at 78.328492s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\n__kasan_slab_alloc (mm/kasan/common.c:312 mm/kasan/common.c:338)\nkmem_cache_alloc_noprof (mm/slub.c:3941 mm/slub.c:4000 mm/slub.c:4007)\nsk_prot_alloc (net/core/sock.c:2075)\nsk_alloc (net/core/sock.c:2134)\ninet_create (net/ipv4/af_inet.c:327 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFreed by task 299 on cpu 2 at 78.328502s:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (mm/kasan/common.c:68)\nkasan_save_free_info (mm/kasan/generic.c:582)\npoison_slab_object (mm/kasan/common.c:242)\n__kasan_slab_free (mm/kasan/common.c:256)\nkmem_cache_free (mm/slub.c:4437 mm/slub.c:4511)\n__sk_destruct (net/core/sock.c:2117 net/core/sock.c:2208)\ninet_create (net/ipv4/af_inet.c:397 net/ipv4/af_inet.c:252)\n__sock_create (net/socket.c:1572)\n__sys_socket (net/socket.c:1660 net/socket.c:1644 net/socket.c:1706)\n__x64_sys_socket (net/socket.c:1718)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by clearing the struct socket reference in sk_common_release() to cover\nall protocol families create functions, which may already attached the\nreference to the sk object with sock_init_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40954",
"url": "https://www.suse.com/security/cve/CVE-2024-40954"
},
{
"category": "external",
"summary": "SUSE Bug 1227808 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1227808"
},
{
"category": "external",
"summary": "SUSE Bug 1228786 for CVE-2024-40954",
"url": "https://bugzilla.suse.com/1228786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-40954"
},
{
"cve": "CVE-2024-42133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Ignore too large handle values in BIG\n\nhci_le_big_sync_established_evt is necessary to filter out cases where the\nhandle value is belonging to ida id range, otherwise ida will be erroneously\nreleased in hci_conn_cleanup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42133",
"url": "https://www.suse.com/security/cve/CVE-2024-42133"
},
{
"category": "external",
"summary": "SUSE Bug 1228511 for CVE-2024-42133",
"url": "https://bugzilla.suse.com/1228511"
},
{
"category": "external",
"summary": "SUSE Bug 1231419 for CVE-2024-42133",
"url": "https://bugzilla.suse.com/1231419"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-04T06:33:25Z",
"details": "important"
}
],
"title": "CVE-2024-42133"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…