Alerts This Week
Warning Icon 1 938
Alerts This Week
Warning Icon 1 938

SUSE: 2024:3467-1 important: Linux Kernel 8 security fixes

suse
Calendar Grey September 27, 2024
Dist Suse Esm H88
SUSE issues critical Linux Kernel notice targeting various vulnerabilities and necessary enhancements. Apply without delay.
* bsc#1202346 * bsc#1227985 * bsc#1228002 * bsc#1228938 * bsc#1228959

Summary

## The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002) * CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657). * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) The following non-security bugs were fixed: * fuse: fix SetPageUptodate() condition in STORE (bsc#1229456).

Topics%20covered

Topics Covered

security advisory update buffer overflow security fix SUSE important issue Linux Kernel

References

* bsc#1202346

* bsc#1227985

* bsc#1228002

* bsc#1228938

* bsc#1228959

* bsc#1229454

* bsc#1229456

* bsc#1229503

* bsc#1229657

* bsc#1229707

Cross-

* CVE-2022-20368

* CVE-2022-48791

* CVE-2022-48839

* CVE-2022-48919

* CVE-2024-42232

* CVE-2024-43882

* CVE-2024-43883

* CVE-2024-44947

CVSS scores:

* CVE-2022-20368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-20368 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48791 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48919 ( SUSE ): 7.1

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:3467-1
Rating: important

Topics%20covered

Topics Covered

security advisory update buffer overflow security fix SUSE important issue Linux Kernel

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here