Description:
Summary: The remote host is missing an update for the 'the Linux Kernel' package(s) announced via the SUSE-SU-2024:2973-1 advisory.
Vulnerability Insight: The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-38417: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225600).
- CVE-2023-47210: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225601).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2023-52458: Fixed check that partition length needs to be aligned with block size (bsc#1220428).
- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52631: Fixed a NULL dereference bug (bsc#1222264 CVE-2023-52631).
- CVE-2023-52640: Fixed out-of-bounds in ntfs_listxattr (bsc#1222301).
- CVE-2023-52641: Fixed NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303).
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).
- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
- CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type (bsc#1224442).
- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621).
- CVE-2023-52699: sysv: don't call sb_bread() with pointers_lock held (bsc#1224659).
- CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
- CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race (bsc#1225007).
- CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224989).
- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
- CVE-2023-52786: ext4: fix racy may inline data check in dio write (bsc#1224939).
- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2023-52855: ...
[Please see the references for more information on the vulnerabilities]
Affected Software/OS: 'the Linux Kernel' package(s) on openSUSE Leap 15.6.
Solution: Please install the updated package(s).
CVSS Score: 6.8
CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C