SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:0855-1)

high Nessus Plugin ID 192006

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0855-1 advisory.

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2023-6270: Fixed a use-after-free bug in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933).
- CVE-2023-52462: Fixed a security check for attempt to corrupt spilled pointer (bsc#1220325).
- CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433).
- CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
- CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930).
- CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736).
- CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254).
- CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255).
- CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
- CVE-2023-52340: Fixed ICMPv6 Packet Too Big packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295).
- CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915).
- CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195).
- CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825).
- CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
- CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257).
- CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350).
- CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364).
- CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250).
- CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
- CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
- CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457).
- CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326).
- CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335).
- CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
- CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140).
- CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240).
- CVE-2024-26593: Fixed block process call transactions (bsc#1220009).
- CVE-2024-26586: Fixed stack corruption (bsc#1220243).
- CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344).
- CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
- CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253).
- CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835).
- CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216).
- CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127).
- CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827).
- CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146).

The following non-security bugs were fixed:

- ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events (git-fixes).
- ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A (git-fixes).
- ACPI: extlog: fix NULL pointer dereference check (git-fixes).
- ACPI: resource: Add ASUS model S5402ZA to quirks (git-fixes).
- ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA (git-fixes).
- ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA (git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3 (git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and iMac12,2 (git-fixes).
- ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e (3371 AMD version) (git-fixes).
- ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop (git-fixes).
- afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git-fixes).
- afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes).
- afs: Hide silly-rename files from userspace (git-fixes).
- afs: Increase buffer size in afs_update_volume_status() (git-fixes).
- ahci: asm1166: correct count of reported ports (git-fixes).
- ALSA: Drop leftover snd-rtctimer stuff from Makefile (git-fixes).
- ALSA: firewire-lib: fix to check cycle continuity (git-fixes).
- ALSA: hda/conexant: Add quirk for SWS JS201D (git-fixes).
- ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads (git-fixes).
- ALSA: hda/realtek: cs35l41: Fix device ID / model name (git-fixes).
- ALSA: hda/realtek: cs35l41: Fix order and duplicates in quirks table (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL (git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LED For HP mt645 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power (git-fixes).
- ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 (git-fixes).
- ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter (git-fixes).
- ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision (git-fixes).
- ALSA: usb-audio: add quirk for RODE NT-USB+ (git-fixes).
- ALSA: usb-audio: Check presence of valid altsetting control (git-fixes).
- ALSA: usb-audio: Ignore clock selector errors for single connection (git-fixes).
- ALSA: usb-audio: More relaxed check of MIDI jack names (git-fixes).
- ALSA: usb-audio: Sort quirk table entries (git-fixes).
- arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD (bsc#1219443)
- arm64: entry: Preserve/restore X29 even for compat tasks (bsc#1219443)
- arm64: entry: Simplify tramp_alias macro and tramp_exit routine (bsc#1219443)
- arm64: errata: Add Cortex-A510 speculative unprivileged load (bsc#1219443) Enable workaround.
- arm64: errata: Add Cortex-A520 speculative unprivileged load (bsc#1219443) Enable workaround without kABI break.
- arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2 (git-fixes) Enable AMPERE_ERRATUM_AC03_CPU_38 workaround without kABI break
- arm64: irq: set the correct node for shadow call stack (git-fixes)
- arm64: irq: set the correct node for VMAP stack (git-fixes)
- arm64: Rename ARM64_WORKAROUND_2966298 (bsc#1219443)
- arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata (git-fixes)
- ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument (git-fixes).
- ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() (git-fixes).
- ASoC: SOF: IPC3: fix message bounds on ipc ops (git-fixes).
- ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616 (git-fixes).
- atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes).
- Bluetooth: Avoid potential use-after-free in hci_error_reset (git-fixes).
- Bluetooth: Enforce validation on max value of connection interval (git-fixes).
- Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST (git-fixes).
- Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR (git-fixes).
- Bluetooth: hci_sync: Check the correct flag before starting a scan (git-fixes).
- Bluetooth: hci_sync: Fix accept_list when attempting to suspend (git-fixes).
- Bluetooth: L2CAP: Fix possible multiple reject send (git-fixes).
- Bluetooth: qca: Fix wrong event type for patch config command (git-fixes).
- bpf: Fix verification of indirect var-off stack access (git-fixes).
- bpf: Fix verification of indirect var-off stack access (git-fixes).
- bpf: Guard stack limits against 32bit overflow (git-fixes).
- bpf: Guard stack limits against 32bit overflow (git-fixes).
- bpf: Minor logging improvement (bsc#1220257).
- bus: moxtet: Add spi device table (git-fixes).
- cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267).
- can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) (git-fixes).
- crypto: api - Disallow identical driver names (git-fixes).
- crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes).
- crypto: octeontx2 - Fix cptvf driver cleanup (git-fixes).
- crypto: stm32/crc32 - fix parsing list of devices (git-fixes).
- dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA (git-fixes).
- dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read (git-fixes).
- dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes).
- dmaengine: fsl-qdma: init irq after reg initialization (git-fixes).
- dmaengine: ptdma: use consistent DMA masks (git-fixes).
- dmaengine: shdma: increase size of 'dev_id' (git-fixes).
- dmaengine: ti: edma: Add some null pointer checks to the edma_probe (git-fixes).
- driver core: Fix device_link_flag_is_sync_state_only() (git-fixes).
- drm/amd/display: Fix memory leak in dm_sw_fini() (git-fixes).
- drm/amd/display: Fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes).
- drm/amd/display: Fix possible NULL dereference on device remove/driver unload (git-fixes).
- drm/amd/display: Increase frame-larger-than for all display_mode_vba files (git-fixes).
- drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes).
- drm/amd/display: Preserve original aspect ratio in create stream (git-fixes).
- drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes).
- drm/amdgpu: skip to program GFXDEC registers for suspend abort (git-fixes).
- drm/amdgpu/display: Initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes).
- drm/buddy: fix range bias (git-fixes).
- drm/crtc: fix uninitialized variable use even harder (git-fixes).
- drm/i915/gvt: Fix uninitialized variable in handle_mmio() (git-fixes).
- drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case (git-fixes).
- drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git-fixes).
- drm/msms/dp: fixed link clock divider bits be over written in BPC unknown case (git-fixes).
- drm/prime: Support page array >= 4GB (git-fixes).
- drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set (git-fixes).
- drm/ttm: Fix an invalid freeing on already freed page in error path (git-fixes).
- efi: Do not add memblocks for soft-reserved memory (git-fixes).
- efi: runtime: Fix potential overflow of soft-reserved region size (git-fixes).
- efi/capsule-loader: fix incorrect allocation size (git-fixes).
- fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes).
- fbdev: savage: Error out if pixclock equals zero (git-fixes).
- fbdev: sis: Error out if pixclock equals zero (git-fixes).
- firewire: core: send bus reset promptly on gap count error (git-fixes).
- fs: dlm: fix build with CONFIG_IPV6 disabled (git-fixes).
- fs: JFS: UBSAN: array-index-out-of-bounds in dbAdjTree (git-fixes).
- gpio: 74x164: Enable output pins after registers are reset (git-fixes).
- gpio: fix resource unwinding order in error path (git-fixes).
- gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 (git-fixes).
- gpiolib: Fix the error path order in gpiochip_add_data_with_key() (git-fixes).
- HID: apple: Add 2021 magic keyboard FN key mapping (git-fixes).
- HID: apple: Add support for the 2021 Magic Keyboard (git-fixes).
- HID: wacom: Do not register input devices until after hid_hw_start (git-fixes).
- HID: wacom: generic: Avoid reporting a serial of '0' to userspace (git-fixes).
- hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes).
- hwmon: (coretemp) Enlarge per package core count limit (git-fixes).
- hwmon: (coretemp) Fix bogus core_id to attr name mapping (git-fixes).
- hwmon: (coretemp) Fix out-of-bounds memory access (git-fixes).
- i2c: i801: Fix block process call transactions (git-fixes).
- i2c: i801: Remove i801_set_block_buffer_mode (git-fixes).
- i2c: imx: Add timer for handling the stop condition (git-fixes).
- i2c: imx: when being a target, mark the last read as processed (git-fixes).
- i3c: master: cdns: Update maximum prescaler value for i2c clock (git-fixes).
- IB/hfi1: Fix a memleak in init_credit_return (git-fixes)
- IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (git-fixes)
- iio: accel: bma400: Fix a compilation problem (git-fixes).
- iio: adc: ad7091r: Set alert bit in config register (git-fixes).
- iio: core: fix memleak in iio_device_register_sysfs (git-fixes).
- iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP (git-fixes).
- iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC (git-fixes).
- Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes).
- Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes).
- Input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes).
- Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes).
- Input: iqs269a - switch to DEFINE_SIMPLE_DEV_PM_OPS() and pm_sleep_ptr() (git-fixes).
- Input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes).
- Input: pm8941-pwrkey - add software key press debouncing support (git-fixes).
- Input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes).
- Input: xpad - add Lenovo Legion Go controllers (git-fixes).
- Input: xpad - add Lenovo Legion Go controllers (git-fixes).
- irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update (git-fixes).
- irqchip/irq-brcmstb-l2: Add write memory barrier before exit (git-fixes).
- jfs: fix array-index-out-of-bounds in dbAdjTree (git-fixes).
- jfs: fix array-index-out-of-bounds in diNewExt (git-fixes).
- jfs: fix slab-out-of-bounds Read in dtSearch (git-fixes).
- jfs: fix uaf in jfs_evict_inode (git-fixes).
- kbuild: Fix changing ELF file type for output of gen_btf for big endian (git-fixes).
- KVM: s390: fix cc for successful PQAP (git-fixes bsc#1219839).
- KVM: s390: fix setting of fpc register (git-fixes bsc#1220392).
- KVM: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393).
- KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes).
- KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git-fixes).
- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-commit).
- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).
- leds: trigger: panic: Do not register panic notifier if creating the trigger failed (git-fixes).
- lib/stackdepot: add depot_fetch_stack helper (jsc-PED#7423).
- lib/stackdepot: add refcount for records (jsc-PED#7423).
- lib/stackdepot: Fix first entry having a 0-handle (jsc-PED#7423).
- lib/stackdepot: Move stack_record struct definition into the header (jsc-PED#7423).
- libsubcmd: Fix memory leak in uniq() (git-fixes).
- md: Do not ignore suspended array in md_check_recovery() (git-fixes).
- md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (git-fixes).
- md: introduce md_ro_state (git-fixes).
- md: Make sure md_do_sync() will set MD_RECOVERY_DONE (git-fixes).
- md: Whenassemble the array, consult the superblock of the freshest device (git-fixes).
- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes).
- md/raid5: release batch_last before waiting for another stripe_head (git-fixes).
- md/raid6: use valid sector values to determine if an I/O should wait on the reshape (git-fixes).
- media: ddbridge: fix an error code problem in ddb_probe (git-fixes).
- media: ir_toy: fix a memleak in irtoy_tx (git-fixes).
- media: rc: bpf attach/detach requires write permission (git-fixes).
- media: rockchip: rga: fix swizzling for RGB formats (git-fixes).
- media: stk1160: Fixed high volume of stk1160_dbg messages (git-fixes).
- mfd: syscon: Fix null pointer dereference in of_syscon_register() (git-fixes).
- mm,page_owner: Display all stacks and their count (jsc-PED#7423).
- mm,page_owner: Filter out stacks by a threshold (jsc-PED#7423).
- mm,page_owner: Implement the tracking of the stacks count (jsc-PED#7423).
- mm,page_owner: Maintain own list of stack_records structs (jsc-PED#7423).
- mm,page_owner: Update Documentation regarding page_owner_stacks (jsc-PED#7423).
- mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes).
- mm/hwpoison: fix unpoison_memory() (bsc#1218663).
- mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663).
- mm/hwpoison: remove MF_MSG_BUDDY_2ND and MF_MSG_POISONED_HUGE (bsc#1218663).
- mmc: core: Fix eMMC initialization with 1-bit bus connection (git-fixes).
- mmc: core: Use mrq.sbc in close-ended ffu (git-fixes).
- mmc: mmc_spi: remove custom DMA mapped buffers (git-fixes).
- mmc: sdhci-xenon: add timeout for PHY init complete (git-fixes).
- mmc: sdhci-xenon: fix PHY init clock stability (git-fixes).
- mmc: slot-gpio: Allow non-sleeping GPIO ro (git-fixes).
- modpost: trim leading spaces when processing source files list (git-fixes).
- mtd: spinand: gigadevice: Fix the get ecc status issue (git-fixes).
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
- netfs, fscache: Prevent Oops in fscache_put_cache() (bsc#1220003).
- nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes).
- nilfs2: replace WARN_ONs for invalid DAT metadata block requests (git-fixes).
- nouveau: fix function cast warnings (git-fixes).
- nouveau/svm: fix kvcalloc() argument order (git-fixes).
- ntfs: check overflow when iterating ATTR_RECORDs (git-fixes).
- ntfs: fix use-after-free in ntfs_attr_find() (git-fixes).
- nvme-fabrics: fix I/O connect error handling (git-fixes).
- nvme-host: fix the updating of the firmware version (git-fixes).
- PCI: Add no PM reset quirk for NVIDIA Spectrum devices (git-fixes).
- PCI: Add PCI_HEADER_TYPE_MFD definition (bsc#1220021).
- PCI: Fix 64GT/s effective data rate calculation (git-fixes).
- PCI: Only override AMD USB controller if required (git-fixes).
- PCI: switchtec: Fix stdev_release() crash after surprise hot remove (git-fixes).
- PCI/AER: Decode Requester ID when no error info found (git-fixes).
- platform/x86: thinkpad_acpi: Only update profile if successfully converted (git-fixes).
- platform/x86: touchscreen_dmi: Add info for the TECLAST X16 Plus tablet (git-fixes).
- platform/x86: touchscreen_dmi: Allow partial (prefix) matches for ACPI names (git-fixes).
- PM: core: Remove unnecessary (void *) conversions (git-fixes).
- PM: runtime: Have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes).
- PNP: ACPI: fix fortify warning (git-fixes).
- power: supply: bq27xxx-i2c: Do not free non existing IRQ (git-fixes).
- powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869).
- powerpc: Do not include lppaca.h in paca.h (bsc#1194869).
- powerpc/64: Set task pt_regs->link to the LR value on scv entry (bsc#1194869).
- powerpc/powernv: Fix fortify source warnings in opal-prd.c (bsc#1194869).
- powerpc/pseries: Add a clear modifier to ibm,pa/pi-features parser (bsc#1220348).
- powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT (bsc#1194869).
- powerpc/pseries: Set CPU_FTR_DBELL according to ibm,pi-features (bsc#1220348).
- powerpc/watchpoint: Disable pagefaults when getting user instruction (bsc#1194869).
- powerpc/watchpoints: Annotate atomic context in more places (bsc#1194869).
- powerpc/watchpoints: Disable preemption in thread_change_pc() (bsc#1194869).
- pstore/ram: Fix crash when setting number of cpus to an odd number (git-fixes).
- RAS: Introduce a FRU memory poison manager (jsc#PED-7618).
- RAS/AMD/ATL: Add MI300 row retirement support (jsc#PED-7618).
- RAS/AMD/ATL: Fix bit overflow in denorm_addr_df4_np2() (git-fixes).
- RDMA/bnxt_re: Add a missing check in bnxt_qplib_query_srq (git-fixes)
- RDMA/bnxt_re: Return error for SRQ resize (git-fixes)
- RDMA/core: Fix uninit-value access in ib_get_eth_speed() (bsc#1219934).
- RDMA/core: Get IB width and speed from netdev (bsc#1219934).
- RDMA/irdma: Add AE for too many RNRS (git-fixes)
- RDMA/irdma: Fix KASAN issue with tasklet (git-fixes)
- RDMA/irdma: Set the CQ read threshold for GEN 1 (git-fixes)
- RDMA/irdma: Validate max_send_wr and max_recv_wr (git-fixes)
- RDMA/qedr: Fix qedr_create_user_qp error flow (git-fixes)
- RDMA/srpt: fix function pointer cast warnings (git-fixes)
- RDMA/srpt: Support specifying the srpt_service_guid parameter (git-fixes)
- regulator: core: Only increment use_count when enable_count changes (git-fixes).
- regulator: pwm-regulator: Add validity checks in continuous .get_voltage (git-fixes).
- Revert 'drm/amd: flush any delayed gfxoff on suspend entry' (git-fixes).
- Revert 'drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz' (git-fixes).
- Revert 'drm/amd/pm: resolve reboot exception for si oland' (git-fixes).
- ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).
- s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317).
- s390/qeth: Fix potential loss of L3-IP@ in case of network issues (git-fixes bsc#1219840).
- sched/membarrier: reduce the ability to hammer on sys_membarrier (git-fixes).
- scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler (git-fixes).
- scsi: core: Move scsi_host_busy() out of host lock if it is for per-command (git-fixes).
- scsi: fnic: Move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141).
- scsi: hisi_sas: Prevent parallel FLR and controller reset (git-fixes).
- scsi: ibmvfc: Limit max hw queues by num_online_cpus() (bsc#1220106).
- scsi: ibmvfc: Open-code reset loop for target reset (bsc#1220106).
- scsi: isci: Fix an error code problem in isci_io_request_build() (git-fixes).
- scsi: lpfc: Add condition to delete ndlp object after sending BLS_RJT to an ABTS (bsc#1220021).
- scsi: lpfc: Allow lpfc_plogi_confirm_nport() logic to execute for Fabric nodes (bsc#1220021).
- scsi: lpfc: Change lpfc_vport fc_flag member into a bitmask (bsc#1220021).
- scsi: lpfc: Change lpfc_vport load_flag member into a bitmask (bsc#1220021).
- scsi: lpfc: Change nlp state statistic counters into atomic_t (bsc#1220021).
- scsi: lpfc: Copyright updates for 14.4.0.0 patches (bsc#1220021).
- scsi: lpfc: Fix failure to delete vports when discovery is in progress (bsc#1220021).
- scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021).
- scsi: lpfc: Initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021).
- scsi: lpfc: Move handling of reset congestion statistics events (bsc#1220021).
- scsi: lpfc: Protect vport fc_nodes list with an explicit spin lock (bsc#1220021).
- scsi: lpfc: Remove D_ID swap log message from trace event logger (bsc#1220021).
- scsi: lpfc: Remove NLP_RCV_PLOGI early return during RSCN processing for ndlps (bsc#1220021).
- scsi: lpfc: Remove shost_lock protection for fc_host_port shost APIs (bsc#1220021).
- scsi: lpfc: Replace deprecated strncpy() with strscpy() (bsc#1220021).
- scsi: lpfc: Save FPIN frequency statistics upon receipt of peer cgn notifications (bsc#1220021).
- scsi: lpfc: Update lpfc version to 14.4.0.0 (bsc#1220021).
- scsi: lpfc: Use PCI_HEADER_TYPE_MFD instead of literal (bsc#1220021).
- scsi: lpfc: Use sg_dma_len() API to get struct scatterlist's length (bsc#1220021).
- scsi: mpi3mr: Refresh sdev queue depth after controller reset (git-fixes).
- scsi: Revert 'scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock' (git-fixes bsc#1219141).
- serial: 8250: Remove serial_rs485 sanitization from em485 (git-fixes).
- spi-mxs: Fix chipselect glitch (git-fixes).
- spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected (git-fixes).
- spi: ppc4xx: Drop write-only variable (git-fixes).
- spi: sh-msiof: avoid integer overflow in constants (git-fixes).
- staging: iio: ad5933: fix type mismatch regression (git-fixes).
- tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450).
- tomoyo: fix UAF write bug in tomoyo_write_control() (git-fixes).
- topology: Fix up build warning in topology_is_visible() (jsc#PED-7618).
- topology/sysfs: Add format parameter to macro defining 'show' functions for proc (jsc#PED-7618).
- topology/sysfs: Add PPIN in sysfs under cpu topology (jsc#PED-7618).
- topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618).
- tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
- tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes).
- tracing/probes: Fix to show a parse error for bad type for $comm (git-fixes).
- tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE (git-fixes).
- UBSAN: array-index-out-of-bounds in dtSplitRoot (git-fixes).
- usb: cdns: readd old API (git-fixes).
- usb: cdns3: fix memory double free when handle zero packet (git-fixes).
- usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git-fixes).
- usb: cdns3: Modify the return value of cdns_set_active () to void when CONFIG_PM_SLEEP is disabled (git- fixes).
- usb: cdns3: Put the cdns set active part outside the spin lock (git-fixes).
- usb: cdnsp: blocked some cdns3 specific code (git-fixes).
- usb: cdnsp: fixed issue with incorrect detecting CDNSP family controllers (git-fixes).
- usb: dwc3: gadget: Do not disconnect if not started (git-fixes).
- usb: dwc3: gadget: Handle EP0 request dequeuing properly (git-fixes).
- usb: dwc3: gadget: Ignore End Transfer delay on teardown (git-fixes).
- usb: dwc3: gadget: Queue PM runtime idle on disconnect event (git-fixes).
- usb: dwc3: gadget: Refactor EP0 forced stall/restart into a separate API (git-fixes).
- usb: dwc3: gadget: Submit endxfer command if delayed during disconnect (git-fixes).
- usb: dwc3: host: Set XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes).
- usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes).
- usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes).
- usb: gadget: core: Add missing kerneldoc for vbus_work (git-fixes).
- usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes).
- usb: Gadget: core: Help prevent panic during UVC unconfigure (git-fixes).
- usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes).
- usb: gadget: f_hid: fix report descriptor allocation (git-fixes).
- usb: gadget: Fix obscure lockdep violation for udc_mutex (git-fixes).
- usb: gadget: Fix use-after-free Read in usb_udc_uevent() (git-fixes).
- usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes).
- usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs (git-fixes).
- usb: gadget: udc: core: Offload usb_udc_vbus_handler processing (git-fixes).
- usb: gadget: udc: core: Prevent soft_connect_store() race (git-fixes).
- usb: gadget: udc: Handle gadget_connect failure during bind operation (git-fixes).
- usb: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT (bsc#1218527).
- usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes).
- usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes).
- usb: roles: do not get/set_role() when usb_role_switch is unregistered (git-fixes).
- usb: roles: fix NULL pointer issue when put module's reference (git-fixes).
- usb: serial: cp210x: add ID for IMST iM871A-USB (git-fixes).
- usb: serial: option: add Fibocom FM101-GL variant (git-fixes).
- usb: serial: qcserial: add new usb-id for Dell Wireless DW5826e (git-fixes).
- watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 (git-fixes).
- wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range (git-fixes).
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes).
- wifi: cfg80211: fix missing interfaces when dumping (git-fixes).
- wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update (git-fixes).
- wifi: cfg80211: free beacon_ies when overridden from hidden BSS (git-fixes).
- wifi: iwlwifi: Fix some error codes (git-fixes).
- wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes).
- wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git-fixes).
- wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes).
- wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes).
- wifi: nl80211: reject iftype change with mesh ID change (git-fixes).
- wifi: rt2x00: restart beacon queue when hardware reset (git-fixes).
- wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices (git-fixes).
- wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes).
- wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes).
- x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes).
- x86/bugs: Add asm helpers for executing VERW (git-fixes).
- x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git-fixes). Also add mds_user_clear to kABI severities since it's strictly mitigation related so should be low risk.
- x86/cpu: X86_FEATURE_INTEL_PPIN finally had a CPUID bit (jsc#PED-7618).
- x86/entry_32: Add VERW just before userspace transition (git-fixes).
- x86/entry_64: Add VERW just before userspace transition (git-fixes).
- x86/mm: Fix memory encryption features advertisement (bsc#1206453).
- xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes).
- xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 192006

File Name: suse_SU-2024-0855-1.nasl

Version: 1.4

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 3/13/2024

Updated: 7/10/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26598

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-source-azure, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-devel-azure, p-cpe:/a:novell:suse_linux:kernel-azure, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/12/2024

Vulnerability Publication Date: 9/27/2023

Reference Information

CVE: CVE-2019-25162, CVE-2021-46923, CVE-2021-46924, CVE-2021-46932, CVE-2021-46934, CVE-2021-47083, CVE-2022-48627, CVE-2022-48628, CVE-2023-5197, CVE-2023-52340, CVE-2023-52429, CVE-2023-52439, CVE-2023-52443, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52449, CVE-2023-52451, CVE-2023-52452, CVE-2023-52456, CVE-2023-52457, CVE-2023-52462, CVE-2023-52463, CVE-2023-52464, CVE-2023-52467, CVE-2023-52475, CVE-2023-52478, CVE-2023-52482, CVE-2023-52530, CVE-2023-52531, CVE-2023-52559, CVE-2023-6270, CVE-2023-6817, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23850, CVE-2024-23851, CVE-2024-25744, CVE-2024-26585, CVE-2024-26586, CVE-2024-26589, CVE-2024-26591, CVE-2024-26593, CVE-2024-26595, CVE-2024-26598, CVE-2024-26602, CVE-2024-26603, CVE-2024-26607, CVE-2024-26622

SuSE: SUSE-SU-2024:0855-1

Detections

Analytics