| Description: | Summary:
The remote host is missing an update for the 'the Linux Kernel' package(s) announced via the SUSE-SU-2024:3194-1 advisory.
Vulnerability Insight:
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-41062: Sync sock recv cb and release (bsc#1228576).
- CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326).
- CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315).
- CVE-2024-43911: Fix NULL dereference at band check in starting tx ba session (bsc#1229827).
- CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
- CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481).
- CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495).
- CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808).
- CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720).
- CVE-2024-36270: Fix reference in patches.suse/netfilter-tproxy-bail-out-if-IP-has-been-disabled-on.patch (bsc#1226798)
- CVE-2024-36881: Reset ptes when close() for wr-protected ones (bsc#1225718).
- CVE-2024-42316: Fix div-by-zero in vmpressure_calc_level() (bsc#1229353).
- CVE-2024-43855: Fix deadlock between mddev_suspend and flush bio (bsc#1229342,).
- CVE-2024-43864: Fix CT entry update leaks of modify header context (bsc#1229496)
- CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
- CVE-2024-42109: Unconditionally flush pending work before notifier (bsc#1228505)
- CVE-2024-41084: Avoid null pointer dereference in region lookup (bsc#1228472)
- CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
- CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623)
- CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874)
- CVE-2024-27079: Add kABI workaround patch (bsc#1223742).
- CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427).
- CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510).
- CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415).
- CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803).
- CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335).
- CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967).
- CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-26809: Release elements in clone only from destroy path (bsc#1222633).
- CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877).
- CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297).
- CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535).
- CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374).
- CVE-2024-42268: Fix missing ... [Please see the references for more information on the vulnerabilities]
Affected Software/OS:
'the Linux Kernel' package(s) on openSUSE Leap 15.6.
Solution:
Please install the updated package(s).
CVSS Score:
9.0
CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C
|
