Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

SUSE Linux 11 SP4: 2024:3617-1 Moderate Update for Kernel Fixes

suse
Calendar Grey October 14, 2024
Dist Suse Esm H88
SUSE Linux releases vital updates for kernel security, tackling severe vulnerabilities. It provides installation instructions for users.
* bsc#1214298 * bsc#1226606 * bsc#1227764 * bsc#1228487 * bsc#1228654

Summary

## The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606). * CVE-2024-40902: jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227764). * CVE-2024-42104: nilfs2: add missing check for inode numbers on directory entries (bsc#1228654). * CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). The following non-security bugs were fixed: * alarmtimer: Lock k_itimer during timer callback (bsc#1214298). * alarmtimers: Add alarm_forward functionality (bsc#1214298).

Topics%20covered

Topics Covered

security advisory security update moderate severity kernel fix SUSE Linux

References

* bsc#1214298

* bsc#1226606

* bsc#1227764

* bsc#1228487

* bsc#1228654

* bsc#1230434

Cross-

* CVE-2024-38538

* CVE-2024-40902

* CVE-2024-42104

* CVE-2024-42148

* CVE-2024-45021

CVSS scores:

* CVE-2024-38538 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

* CVE-2024-38538 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

* CVE-2024-40902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2024-40902 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-42104 ( SUSE ): 6.9

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2024-42104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

* CVE-2024-42104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Announcement ID: SUSE-SU-2024:3617-1
Release Date: 2024-10-14T12:07:08Z
Rating: moderate

Topics%20covered

Topics Covered

security advisory security update moderate severity kernel fix SUSE Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here