SUSE: 2024:2351-1 Critical Kernel Live Patch 48 for Major Vulnerabilities

suse

July 9, 2024

* bsc#1210619 * bsc#1223363 * bsc#1223683 * bsc#1225211

Summary

## This update for the Linux Kernel 5.3.18-150200_24_191 fixes several issues. The following security issues were fixed: * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2

Topics Covered

security advisory kernel patch threat resolution SUSE Linux important update live patching

References

* bsc#1210619

* bsc#1223363

* bsc#1223683

* bsc#1225211

Cross-

* CVE-2021-47383

* CVE-2023-1829

* CVE-2024-26828

* CVE-2024-26923

CVSS scores:

* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 15 SP2

* SUSE Linux Enterprise Live Patching 15-SP2

* SUSE Linux Enterprise Server 15 SP2

* SUSE Linux Enterprise Server for SAP Applications 15 SP2

Severity

critical

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2024:2351-1

Rating: important

Topics Covered

security advisory kernel patch threat resolution SUSE Linux important update live patching

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE: 2024:2351-1 Critical Kernel Live Patch 48 for Major Vulnerabilities

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE: 2024:2351-1 Critical Kernel Live Patch 48 for Major Vulnerabilities

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!