Description: | Summary: The remote host is missing an update for the 'the Linux Kernel' package(s) announced via the SUSE-SU-2024:2939-1 advisory.
Vulnerability Insight: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952).
- CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958).
- CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
- CVE-2021-47186: tipc: check for null after calling kmemdup (bsc#1222702).
- CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391).
- CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426).
- CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448).
- CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452).
- CVE-2021-47546: ipv6: fix memory leak in fib6_rule_suppress (bsc#1225504).
- CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
- CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389).
- CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net() (bsc#1226568).
- CVE-2021-47590: mptcp: fix deadlock in __mptcp_push_pending() (bsc#1226565).
- CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570).
- CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets (bsc#1226551).
- CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1226574).
- CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571).
- CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a check on len. (bsc#1226555).
- CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919).
- CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).
- CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() (bsc#1227927)
- CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path (bsc#1227936).
- CVE-2022-48850: net-sysfs: add check for netdevice being present to speed_show (bsc#1228071).
- CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference (bsc#1220869).
- CVE-2023-52580: net/core: Fix ETH_P_1588 flow dissector (bsc#1220876).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52658: Revert 'net/mlx5: Block entering switchdev mode with ...
[Please see the references for more information on the vulnerabilities]
Affected Software/OS: 'the Linux Kernel' package(s) on openSUSE Leap 15.5.
Solution: Please install the updated package(s).
CVSS Score: 6.8
CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
|