SUSE: 2024:3710-1 Important: Linux Kernel Live Patch 14 Security Advisory

suse

October 17, 2024

* bsc#1223363 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225312

Summary

## This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues. The following security issues were fixed: * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).

Topics Covered

No topics assigned

References

* bsc#1223363

* bsc#1223683

* bsc#1225013

* bsc#1225099

* bsc#1225312

* bsc#1225739

* bsc#1226325

* bsc#1228573

* bsc#1228786

Cross-

* CVE-2023-52846

* CVE-2024-26828

* CVE-2024-26923

* CVE-2024-27398

* CVE-2024-35861

* CVE-2024-36899

* CVE-2024-36964

* CVE-2024-40954

* CVE-2024-41059

CVSS scores:

* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2024:3710-1

Release Date: 2024-10-16T21:44:03Z

Rating: important

Topics Covered

No topics assigned

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE: 2024:3710-1 Important: Linux Kernel Live Patch 14 Security Advisory

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE: 2024:3710-1 Important: Linux Kernel Live Patch 14 Security Advisory

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!