Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

openSUSE Leap 15.4: 2024:2495-1 Important: Kernel Update

suse
Calendar Grey July 16, 2024
Dist Suse Esm H88
This critical patch release for the Linux Kernel addresses 28 vulnerabilities. It is imperative that your systems are updated correctly.
* bsc#1195775 * bsc#1216124 * bsc#1218148 * bsc#1219224 * bsc#1220492

Summary

## The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). * CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). * CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679). * CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789). * CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785). * CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).

Topics%20covered

Topics Covered

security advisory kernel update security fix Linux kernel important advisory openSUSE Leap CVE scores

References

* bsc#1195775

* bsc#1216124

* bsc#1218148

* bsc#1219224

* bsc#1220492

* bsc#1222015

* bsc#1222254

* bsc#1222678

* bsc#1223384

* bsc#1224020

* bsc#1224679

* bsc#1224696

* bsc#1224703

* bsc#1224749

* bsc#1224764

* bsc#1224765

* bsc#1224766

* bsc#1224935

* bsc#1225098

* bsc#1225467

* bsc#1225487

* bsc#1225518

* bsc#1225611

* bsc#1225732

* bsc#1225737

* bsc#1225749

* bsc#1225840

* bsc#1225866

* bsc#1226145

* bsc#1226211

* bsc#1226212

* bsc#1226270

* bsc#1226587

* bsc#1226595

* bsc#1226634

* bsc#1226758

* bsc#1226785

* bsc#1226786

* bsc#1226789

* bsc#1226953

* bsc#1226962

Cross-

* CVE-2021-47555

* CVE-2021-47571

* CVE-2023-24023

* CVE-2023-52670

* CVE-2023-52752

* CVE-2023-52837

* CVE-2023-52846

* CVE-2023-52881

* CVE-2024-26745

* CVE-2024-26923

* CVE-2024-35789

* CVE-2024-35861

* CVE-2024-35862

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2495-1
Rating: important

Topics%20covered

Topics Covered

security advisory kernel update security fix Linux kernel important advisory openSUSE Leap CVE scores

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here