Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2024:2357-1 Important: Kernel Live Patch Security Update

suse
Calendar Grey July 9, 2024
Dist Suse Esm H88
Important kernel patch for SUSE Linux Enterprise 15 SP3 addresses several vulnerabilities. Immediate installation is recommended!
* bsc#1210619 * bsc#1220145 * bsc#1220537 * bsc#1221302 * bsc#1223059

Summary

## This update for the Linux Kernel 5.3.18-150300_59_158 fixes several issues. The following security issues were fixed: * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).

Topics%20covered

Topics Covered

security advisory kernel patch important system update security issues SUSE Linux Enterprise live patch

References

* bsc#1210619

* bsc#1220145

* bsc#1220537

* bsc#1221302

* bsc#1223059

* bsc#1223363

* bsc#1223514

* bsc#1223683

* bsc#1225211

Cross-

* CVE-2021-46955

* CVE-2021-47383

* CVE-2022-48651

* CVE-2023-1829

* CVE-2024-23307

* CVE-2024-26610

* CVE-2024-26828

* CVE-2024-26852

* CVE-2024-26923

CVSS scores:

* CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2357-1
Rating: important

Topics%20covered

Topics Covered

security advisory kernel patch important system update security issues SUSE Linux Enterprise live patch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here