Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

SUSE 2024:2895-1 Important: Linux Kernel Security Fixes Announcement

suse
Calendar Grey August 13, 2024
Dist Suse Esm H88
SUSE has rolled out a kernel update, fixing 12 vulnerabilities alongside essential security improvements. Safeguard your systems immediately.
* bsc#1191958 * bsc#1197439 * bsc#1222824 * bsc#1223384 * bsc#1225431

Summary

## The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743) * CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB (bsc#1226550). * CVE-2021-47219: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() (bsc#1222824). * CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431). * CVE-2021-47600: dm btree remove: fix use after free in rebalance_children() (bsc#1226575). * CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). * CVE-2024-38599: jffs2: prevent xattr node from overflowing the eraseblock (bsc#1226848). * CVE-2023-52752: smb: client: fix use-after-free bug in

References

* bsc#1191958

* bsc#1197439

* bsc#1222824

* bsc#1223384

* bsc#1225431

* bsc#1225487

* bsc#1225611

* bsc#1225866

* bsc#1226550

* bsc#1226575

* bsc#1226670

* bsc#1226848

* bsc#1227154

* bsc#1228743

Cross-

* CVE-2016-20022

* CVE-2021-43389

* CVE-2021-4439

* CVE-2021-47219

* CVE-2021-47520

* CVE-2021-47580

* CVE-2021-47600

* CVE-2023-52752

* CVE-2023-52881

* CVE-2024-26923

* CVE-2024-36964

* CVE-2024-38599

* CVE-2024-42145

CVSS scores:

* CVE-2016-20022 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-43389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-43389 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:2895-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here