Details
- Improvement
- Resolution: Won't Fix
- Minor
- None
- Lustre 2.16.0
- None
- 3
Description
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security
bugfixes.
The following security bugs were fixed:
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).
- CVE-2023-52458: Fixed check that partition length needs to be aligned with block size (bsc#1220428).
- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
- CVE-2023-52631: Fixed a NULL dereference bug (bsc#1222264 CVE-2023-52631).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2023-52640: Fixed out-of-bounds in ntfs_listxattr (bsc#1222301).
- CVE-2023-52641: Fixed NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303).
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type (bsc#1224442).
- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621).
- CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race (bsc#1225007).
- CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224989).
- CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).
- CVE-2023-6238: Fixed kcalloc() arguments order (bsc#1217384).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2024-21823: Fixed safety flag to struct ends (bsc#1223625).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).
- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).
- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26632: Fixed iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).
- CVE-2024-26638: Fixed uninitialize struct msghdr completely (bsc#1221649 CVE-2024-26638).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
- CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
- CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).
- CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).
- CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write (bsc#1222437).
- CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26726: Fixed invalid drop extent_map for free space inode on write error (bsc#1222532).
- CVE-2024-26731: Fixed NULL pointer dereference in sk_psock_verdict_data_ready() (bsc#1222371).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).
- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).
- CVE-2024-26760: Fixed bio_put() for error case (bsc#1222596 cve-2024-267600).
- CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case (bsc#1222596).
- CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26774: Fixed dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (bsc#1222622).
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793).
- CVE-2024-26793: Fixed a use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).
- CVE-2024-26815: Fixed improper TCA_TAPRIO_TC_ENTRY_INDEX check (bsc#1222635).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2024-26832: Fixed missing folio cleanup in writeback race path (bsc#1223007).
- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
- CVE-2024-26844: Fixed WARNING in _copy_from_iter (bsc#1223015).
- CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
- CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052).
- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
- CVE-2024-26860: Fixed a memory leak when rechecking the data (bsc#1223077).
- CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
- CVE-2024-26899: Fixed deadlock between bd_link_disk_holder and partition scan (bsc#1223045).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
- CVE-2024-26909: Fixed drm bridge use-after-free (bsc#1223143).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-26928: Fix potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-26945: Fixed nr_cpus < nr_iaa case (bsc#1223732).
- CVE-2024-26946: Fixed copy_from_kernel_nofault() to read from unsafe address (bsc#1223669).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
- CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26991: Fixed overflow lpage_info when checking attributes (bsc#1223695).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27022: Fixed linking file vma until vma is fully initialized (bsc#1223774).
- CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
- CVE-2024-27036: Fixed writeback data corruption (bsc#1223810).
- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
- CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
- CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-27408: Fixed race condition in dmaengine w-edma/eDMA (bsc#1224430).
- CVE-2024-27417: Fixed potential "struct net" leak in inet6_rtm_getaddr() (bsc#1224721).
- CVE-2024-27418: Fixed memory leak in mctp_local_output (bsc#1224720).
- CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).
- CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).
- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
- CVE-2024-35860: struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35869: Guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
- CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35895: Fixed lock inversion deadlock in map delete elem (bsc#1224511).
- CVE-2024-35903: Fixed IP after emitting call depth accounting (bsc#1224493).
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488).
- CVE-2024-35917: Fixed bpf_plt pointer arithmetic (bsc#1224481).
- CVE-2024-35921: Fixed oops when HEVC init fails (bsc#1224477).
- CVE-2024-35931: Fixed PCI error slot reset during RAS recovery (bsc#1224652).
- CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674).
- CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2024-35991: Fixed kABI workaround for struct idxd_evl (bsc#1224553).
- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
- CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).
- CVE-2024-36007: Fixed warning during rehash (bsc#1224543).
- CVE-2024-36030: Fixed the double free in rvu_npc_freemem() (bsc#1225712).
The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2024-August/019244.html
Issue Links
- is related to LU-18123 kernel update [SLES15 SP6 6.4.0-150600.23.17.1] (Resolved)