Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

SUSE Linux Enterprise 15 SP2: 2024:0478-1 Important Kernel Update

suse
Calendar Grey February 15, 2024
Dist Suse Esm H88
An essential patch for the SUSE Linux Kernel resolves 15 vulnerabilities along with various security concerns. Ensure to update without delay.
* bsc#1108281 * bsc#1193285 * bsc#1215275 * bsc#1216702 * bsc#1217987

Summary

## The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434). * CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053). * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832). * CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804).

Topics%20covered

Topics Covered

security advisory local privilege kernel update important memory flaw SUSE Linux Enterprise

References

* bsc#1108281

* bsc#1193285

* bsc#1215275

* bsc#1216702

* bsc#1217987

* bsc#1217988

* bsc#1217989

* bsc#1218713

* bsc#1218730

* bsc#1218752

* bsc#1218757

* bsc#1218768

* bsc#1218804

* bsc#1218832

* bsc#1218836

* bsc#1219053

* bsc#1219120

* bsc#1219412

* bsc#1219434

Cross-

* CVE-2021-33631

* CVE-2023-46838

* CVE-2023-47233

* CVE-2023-4921

* CVE-2023-51043

* CVE-2023-51780

* CVE-2023-51782

* CVE-2023-6040

* CVE-2023-6356

* CVE-2023-6535

* CVE-2023-6536

* CVE-2023-6915

* CVE-2024-0565

* CVE-2024-0775

* CVE-2024-1086

CVSS scores:

* CVE-2021-33631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-33631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-46838 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:0478-1
Rating: important

Topics%20covered

Topics Covered

security advisory local privilege kernel update important memory flaw SUSE Linux Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here