Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

SUSE 15 SP4: 2025:0150-1 critical: kernel live patch for security issues

suse
Calendar Grey January 16, 2025
Dist Suse Esm H88
Critical enhancement released for the Linux Kernel addressing 29 vulnerabilities, featuring an important fix for SUSE platforms.
* bsc#1220145 * bsc#1221302 * bsc#1222882 * bsc#1223059 * bsc#1223363

Summary

## This update for the Linux Kernel 5.14.21-150400_24_116 fixes several issues. The following security issues were fixed: * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in

Topics%20covered

Topics Covered

security advisory kernel patch memory leak system update SUSE important fix use after free

References

* bsc#1220145

* bsc#1221302

* bsc#1222882

* bsc#1223059

* bsc#1223363

* bsc#1223514

* bsc#1223521

* bsc#1223681

* bsc#1223683

* bsc#1225011

* bsc#1225012

* bsc#1225013

* bsc#1225099

* bsc#1225309

* bsc#1225310

* bsc#1225311

* bsc#1225312

* bsc#1225313

* bsc#1225733

* bsc#1225739

* bsc#1225819

* bsc#1226325

* bsc#1226327

* bsc#1227471

* bsc#1228573

* bsc#1228786

* bsc#1229553

* bsc#1231353

* bsc#1232637

* bsc#1233712

Cross-

* CVE-2021-47598

* CVE-2022-48651

* CVE-2022-48662

* CVE-2022-48956

* CVE-2023-52752

* CVE-2023-52846

* CVE-2024-23307

* CVE-2024-26610

* CVE-2024-26766

* CVE-2024-26828

* CVE-2024-26852

* CVE-2024-26923

* CVE-2024-26930

* CVE-2024-27398

* CVE-2024-35817

* CVE-2024-35861

* CVE-2024-35862

* CVE-2024-35863

* CVE-2024-35864

* CVE-2024-35867

* CVE-2024-35905

* CVE-2024-35950

Severity
critical
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:0150-1
Release Date: 2025-01-16T17:33:50Z
Rating: important

Topics%20covered

Topics Covered

security advisory kernel patch memory leak system update SUSE important fix use after free

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here