SUSE 15 SP3: 2024:3685-1 Important Linux Kernel Security Issues

suse

October 16, 2024

* bsc#1210619 * bsc#1223363 * bsc#1223683 * bsc#1225013 * bsc#1225202

Summary

## This update for the Linux Kernel 5.3.18-150300_59_161 fixes several issues. The following security issues were fixed: * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2021-47402: Protect fl_walk() with rcu (bsc#1225301) * CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex

Topics Covered

No topics assigned

References

* bsc#1210619

* bsc#1223363

* bsc#1223683

* bsc#1225013

* bsc#1225202

* bsc#1225211

* bsc#1225302

* bsc#1225310

* bsc#1225312

* bsc#1226325

* bsc#1227651

* bsc#1228573

Cross-

* CVE-2021-47291

* CVE-2021-47378

* CVE-2021-47383

* CVE-2021-47402

* CVE-2023-1829

* CVE-2024-26828

* CVE-2024-26923

* CVE-2024-27398

* CVE-2024-35861

* CVE-2024-35950

* CVE-2024-36964

* CVE-2024-41059

CVSS scores:

* CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47402 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2024:3685-1

Release Date: 2024-10-16T18:04:02Z

Rating: important

Topics Covered

No topics assigned

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE 15 SP3: 2024:3685-1 Important Linux Kernel Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE 15 SP3: 2024:3685-1 Important Linux Kernel Security Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!