Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

openSUSE 15.4: SUSE-SU-2024:4346-1 important: kernel security fix

suse
Calendar Grey December 17, 2024
Dist Suse Esm H88
SUSE reveals significant enhancements to the Linux Kernel tackling various vulnerabilities and implementing improvements for enhanced reliability.
* bsc#1218644 * bsc#1220382 * bsc#1221309 * bsc#1222590 * bsc#1229808

Summary

## The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590). * CVE-2024-44932: idpf: fix UAFs when destroying the queues (bsc#1229808). * CVE-2024-44964: idpf: fix memory leaks and crashes while performing a soft reset (bsc#1230220). * CVE-2024-47757: nilfs2: fix potential oob read in nilfs_btree_check_delete() (bsc#1232187). * CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860). * CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919). * CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928). * CVE-2024-50127: net: sched: fix use-after-free in taprio_change()

Topics%20covered

Topics Covered

security advisory security update buffer overflow critical Linux kernel openSUSE

References

* bsc#1218644

* bsc#1220382

* bsc#1221309

* bsc#1222590

* bsc#1229808

* bsc#1230220

* bsc#1231646

* bsc#1232187

* bsc#1232312

* bsc#1232860

* bsc#1232907

* bsc#1232919

* bsc#1232928

* bsc#1233070

* bsc#1233214

* bsc#1233293

* bsc#1233453

* bsc#1233456

* bsc#1233463

* bsc#1233468

* bsc#1233479

* bsc#1233490

* bsc#1233491

* bsc#1233555

* bsc#1233557

* bsc#1233561

* bsc#1233977

Cross-

* CVE-2023-52922

* CVE-2024-26782

* CVE-2024-44932

* CVE-2024-44964

* CVE-2024-47757

* CVE-2024-50017

* CVE-2024-50089

* CVE-2024-50115

* CVE-2024-50125

* CVE-2024-50127

* CVE-2024-50154

* CVE-2024-50205

* CVE-2024-50259

* CVE-2024-50264

* CVE-2024-50267

* CVE-2024-50274

* CVE-2024-50279

* CVE-2024-50290

* CVE-2024-50301

* CVE-2024-50302

* CVE-2024-53061

* CVE-2024-53063

* CVE-2024-53068

CVSS scores:

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:4346-1
Release Date: 2024-12-17T08:32:55Z
Rating: important

Topics%20covered

Topics Covered

security advisory security update buffer overflow critical Linux kernel openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here