Description:
Summary: The remote host is missing an update for the 'the Linux Kernel' package(s) announced via the SUSE-SU-2024:3561-1 advisory.
Vulnerability Insight: The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags (bsc#1221610).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900 (bsc#1230269).
- CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
- CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
- CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629).
- CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606).
- CVE-2024-38596: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (bsc#1226846).
- CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
- CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP (bsc#1227890).
- CVE-2024-40983: tipc: force a dst refcount before doing decryption (bsc#1227819).
- CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
- CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray (bsc#1229001).
- CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
- CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from mispredictions (bsc#1229334).
- CVE-2024-42294: block: fix deadlock between sd_remove & sd_release (bsc#1229371).
- CVE-2024-42304: ext4: make sure the first directory block is not a hole (bsc#1229364).
- CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir indexed (bsc#1229363).
- CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer (bsc#1229362).
- CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit (bsc#1229394).
- CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio reference (bsc#1229380).
- CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename() (bsc#1229389).
- CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
- CVE-2024-43898: ext4: sanity check for NULL pointer after ext4_force_shutdown (bsc#1229753).
- CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after reassembling (bsc#1229790).
- CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock() (bsc#1229810).
- CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate expect ID (bsc#1229899).
- CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015).
- CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special register set (bsc#1230180).
- CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
- CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (bsc#1230209).
- CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in ...
[Please see the references for more information on the vulnerabilities]
Affected Software/OS: 'the Linux Kernel' package(s) on openSUSE Leap 15.6.
Solution: Please install the updated package(s).
CVSS Score: 6.8
CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C