Alerts This Week
Warning Icon 1 1,109
Alerts This Week
Warning Icon 1 1,109

DEBIAN: 2025:0387-2 critical: security update for vital vulnerabilities

suse
Calendar Grey January 27, 2025
Dist Suse Esm H88
A crucial safety patch tackling various vulnerabilities in the Linux core for SUSE. More information within.
* bsc#1220145 * bsc#1221302 * bsc#1222882 * bsc#1223059 * bsc#1223363

Summary

## This update for the Linux Kernel 5.14.21-150400_24_116 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).

References

* bsc#1220145

* bsc#1221302

* bsc#1222882

* bsc#1223059

* bsc#1223363

* bsc#1223514

* bsc#1223521

* bsc#1223681

* bsc#1223683

* bsc#1225011

* bsc#1225012

* bsc#1225013

* bsc#1225099

* bsc#1225309

* bsc#1225310

* bsc#1225311

* bsc#1225312

* bsc#1225313

* bsc#1225733

* bsc#1225739

* bsc#1225819

* bsc#1226324

* bsc#1226325

* bsc#1226327

* bsc#1227471

* bsc#1228573

* bsc#1228786

* bsc#1229553

* bsc#1231353

* bsc#1232637

* bsc#1233712

Cross-

* CVE-2021-47598

* CVE-2022-48651

* CVE-2022-48662

* CVE-2022-48956

* CVE-2023-52752

* CVE-2023-52846

* CVE-2024-23307

* CVE-2024-26610

* CVE-2024-26766

* CVE-2024-26828

* CVE-2024-26852

* CVE-2024-26923

* CVE-2024-26930

* CVE-2024-27398

* CVE-2024-35817

* CVE-2024-35861

* CVE-2024-35862

* CVE-2024-35863

* CVE-2024-35864

* CVE-2024-35867

* CVE-2024-35905

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:0248-1
Release Date: 2025-01-27T12:04:21Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here