SUSE: 2024:0474-1 Important Security Fixes for Kernel Issues

suse

February 14, 2024

* bsc#1108281 * bsc#1193285 * bsc#1215275 * bsc#1216702 * bsc#1217987

Summary

## The SUSE Linux Enterprise 15 SP3 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434). * CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730). * CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836). * CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).

Topics Covered

security advisory critical security fix important kernel SUSE use-after-free

References

* bsc#1108281

* bsc#1193285

* bsc#1215275

* bsc#1216702

* bsc#1217987

* bsc#1217988

* bsc#1217989

* bsc#1218713

* bsc#1218730

* bsc#1218752

* bsc#1218757

* bsc#1218768

* bsc#1218804

* bsc#1218832

* bsc#1218836

* bsc#1219053

* bsc#1219120

* bsc#1219412

* bsc#1219434

Cross-

* CVE-2021-33631

* CVE-2023-46838

* CVE-2023-47233

* CVE-2023-4921

* CVE-2023-51043

* CVE-2023-51780

* CVE-2023-51782

* CVE-2023-6040

* CVE-2023-6356

* CVE-2023-6535

* CVE-2023-6536

* CVE-2023-6915

* CVE-2024-0565

* CVE-2024-0775

* CVE-2024-1086

CVSS scores:

* CVE-2021-33631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-33631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-46838 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2024:0474-1

Rating: important

Topics Covered

security advisory critical security fix important kernel SUSE use-after-free

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2024:0474-1 Important Security Fixes for Kernel Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2024:0474-1 Important Security Fixes for Kernel Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!