Detections
Analytics

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:0910-1)

high Nessus Plugin ID 192180

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0910-1 advisory.

 The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes.


 The following security bugs were fixed:

 - CVE-2019-25162: Fixed a potential use after free (bsc#1220409).
 - CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457).
 - CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459)
 - CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444)
 - CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
 - CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216).
 - CVE-2023-52340: Fixed ICMPv6 Packet Too Big packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295).
 - CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm-table.c (bsc#1219827).
 - CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140).
 - CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240).
 - CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241).
 - CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
 - CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253).
 - CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238).
 - CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250).
 - CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257).
 - CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364).
 - CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350).
 - CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
 - CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330)
 - CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649)
 - CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796)
 - CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195).
 - CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915).
 - CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835).
 - CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127).
 - CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126).
 - CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146).
 - CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927).
 - CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187).
 - CVE-2024-26586: Fixed stack corruption (bsc#1220243).
 - CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255).
 - CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254).
 - CVE-2024-26593: Fixed block process call transactions (bsc#1220009).
 - CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344).
 - CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326).
 - CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
 - CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335).
 - CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825).

 The following non-security bugs were fixed:

 - acpi: apei: set memory failure flags as mf_action_required on synchronous events (git-fixes).
 - acpi: button: add lid disable dmi quirk for nextbook ares 8a (git-fixes).
 - acpi: extlog: fix null pointer dereference check (git-fixes).
 - acpi: resource: add asus model s5402za to quirks (git-fixes).
 - acpi: resource: skip irq override on asus expertbook b1502cba (git-fixes).
 - acpi: resource: skip irq override on asus expertbook b2402cba (git-fixes).
 - acpi: video: add backlight=native dmi quirk for apple imac11,3 (git-fixes).
 - acpi: video: add backlight=native dmi quirk for apple imac12,1 and imac12,2 (git-fixes).
 - acpi: video: add backlight=native dmi quirk for lenovo thinkpad x131e (3371 amd version) (git-fixes).
 - acpi: video: add quirk for the colorful x15 at 23 laptop (git-fixes).
 - add reference to recently released cve
 - afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git-fixes).
 - afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes).
 - afs: hide silly-rename files from userspace (git-fixes).
 - afs: increase buffer size in afs_update_volume_status() (git-fixes).
 - ahci: asm1166: correct count of reported ports (git-fixes).
 - alsa: drop leftover snd-rtctimer stuff from makefile (git-fixes).
 - alsa: firewire-lib: fix to check cycle continuity (git-fixes).
 - alsa: hda/conexant: add quirk for sws js201d (git-fixes).
 - alsa: hda/realtek: apply headset jack quirk for non-bass alc287 thinkpads (git-fixes).
 - alsa: hda/realtek: cs35l41: fix device id / model name (git-fixes).
 - alsa: hda/realtek: cs35l41: fix order and duplicates in quirks table (git-fixes).
 - alsa: hda/realtek: enable headset mic on vaio vjfe-adl (git-fixes).
 - alsa: hda/realtek: enable mute led on hp laptop 14-fq0xxx (git-fixes).
 - alsa: hda/realtek: fix mute/micmute led for hp mt645 (git-fixes).
 - alsa: hda/realtek: fix mute/micmute leds for hp zbook power (git-fixes).
 - alsa: hda/realtek: fix the external mic not being recognised for acer swift 1 sf114-32 (git-fixes).
 - alsa: usb-audio: add a quirk for yamaha yit-w12tx transmitter (git-fixes).
 - alsa: usb-audio: add delay quirk for motu m series 2nd revision (git-fixes).
 - alsa: usb-audio: add quirk for rode nt-usb+ (git-fixes).
 - alsa: usb-audio: check presence of valid altsetting control (git-fixes).
 - alsa: usb-audio: ignore clock selector errors for single connection (git-fixes).
 - alsa: usb-audio: more relaxed check of midi jack names (git-fixes).
 - alsa: usb-audio: sort quirk table entries (git-fixes).
 - arm64: entry: fix arm64_workaround_speculative_unpriv_load (bsc#1219443)
 - arm64: entry: preserve/restore x29 even for compat tasks (bsc#1219443)
 - arm64: entry: simplify tramp_alias macro and tramp_exit routine (bsc#1219443)
 - arm64: errata: add cortex-a510 speculative unprivileged load (bsc#1219443) enable workaround.
 - arm64: errata: add cortex-a520 speculative unprivileged load (bsc#1219443) enable workaround without kabi break.
 - arm64: errata: mitigate ampere1 erratum ac03_cpu_38 at stage-2 (git-fixes) enable ampere_erratum_ac03_cpu_38 workaround without kabi break
 - arm64: irq: set the correct node for shadow call stack (git-fixes)
 - arm64: irq: set the correct node for vmap stack (git-fixes)
 - arm64: rename arm64_workaround_2966298 (bsc#1219443)
 - arm64: subscribe microsoft azure cobalt 100 to arm neoverse n2 errata (git-fixes)
 - asoc: doc: fix undefined snd_soc_dapm_nopm argument (git-fixes).
 - asoc: rt5645: fix deadlock in rt5645_jack_detect_work() (git-fixes).
 - asoc: sof: ipc3: fix message bounds on ipc ops (git-fixes).
 - asoc: sunxi: sun4i-spdif: add support for allwinner h616 (git-fixes).
 - atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes).
 - bluetooth: avoid potential use-after-free in hci_error_reset (git-fixes).
 - bluetooth: enforce validation on max value of connection interval (git-fixes).
 - bluetooth: hci_event: fix handling of hci_ev_io_capa_request (git-fixes).
 - bluetooth: hci_event: fix wrongly recorded wakeup bd_addr (git-fixes).
 - bluetooth: hci_sync: check the correct flag before starting a scan (git-fixes).
 - bluetooth: hci_sync: fix accept_list when attempting to suspend (git-fixes).
 - bluetooth: l2cap: fix possible multiple reject send (git-fixes).
 - bluetooth: qca: fix wrong event type for patch config command (git-fixes).
 - bpf: fix verification of indirect var-off stack access (git-fixes).
 - bpf: guard stack limits against 32bit overflow (git-fixes).
 - bpf: minor logging improvement (bsc#1220257).
 - bus: moxtet: add spi device table (git-fixes).
 - cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267).
 - can: j1939: fix uaf in j1939_sk_match_filter during setsockopt(so_j1939_filter) (git-fixes).
 - crypto: api - disallow identical driver names (git-fixes).
 - crypto: ccp - fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes).
 - crypto: octeontx2 - fix cptvf driver cleanup (git-fixes).
 - crypto: stm32/crc32 - fix parsing list of devices (git-fixes).
 - dmaengine: fsl-qdma: fix a memory leak related to the queue command dma (git-fixes).
 - dmaengine: fsl-qdma: fix soc may hang on 16 byte unaligned read (git-fixes).
 - dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes).
 - dmaengine: fsl-qdma: init irq after reg initialization (git-fixes).
 - dmaengine: ptdma: use consistent dma masks (git-fixes).
 - dmaengine: shdma: increase size of 'dev_id' (git-fixes).
 - dmaengine: ti: edma: add some null pointer checks to the edma_probe (git-fixes).
 - driver core: fix device_link_flag_is_sync_state_only() (git-fixes).
 - drm/amd/display: fix memory leak in dm_sw_fini() (git-fixes).
 - drm/amd/display: fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes).
 - drm/amd/display: fix possible null dereference on device remove/driver unload (git-fixes).
 - drm/amd/display: increase frame-larger-than for all display_mode_vba files (git-fixes).
 - drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes).
 - drm/amd/display: preserve original aspect ratio in create stream (git-fixes).
 - drm/amdgpu/display: initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes).
 - drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes).
 - drm/amdgpu: skip to program gfxdec registers for suspend abort (git-fixes).
 - drm/buddy: fix range bias (git-fixes).
 - drm/crtc: fix uninitialized variable use even harder (git-fixes).
 - drm/i915/gvt: fix uninitialized variable in handle_mmio() (git-fixes).
 - drm/msm/dp: return correct colorimetry for dp_test_dynamic_range_cea case (git-fixes).
 - drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git-fixes).
 - drm/msms/dp: fixed link clock divider bits be over written in bpc unknown case (git-fixes).
 - drm/prime: support page array >= 4gb (git-fixes).
 - drm/syncobj: call drm_syncobj_fence_add_wait when wait_available flag is set (git-fixes).
 - drm/ttm: fix an invalid freeing on already freed page in error path (git-fixes).
 - drop bcm5974 input patch causing a regression (bsc#1220030)
 - efi/capsule-loader: fix incorrect allocation size (git-fixes).
 - efi: do not add memblocks for soft-reserved memory (git-fixes).
 - efi: runtime: fix potential overflow of soft-reserved region size (git-fixes).
 - fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes).
 - fbdev: savage: error out if pixclock equals zero (git-fixes).
 - fbdev: sis: error out if pixclock equals zero (git-fixes).
 - firewire: core: send bus reset promptly on gap count error (git-fixes).
 - fs: dlm: fix build with config_ipv6 disabled (git-fixes).
 - fs:jfs:ubsan:array-index-out-of-bounds in dbadjtree (git-fixes).
 - gpio: 74x164: enable output pins after registers are reset (git-fixes).
 - gpio: fix resource unwinding order in error path (git-fixes).
 - gpiolib: acpi: ignore touchpad wakeup on gpd g1619-04 (git-fixes).
 - gpiolib: fix the error path order in gpiochip_add_data_with_key() (git-fixes).
 - hid: apple: add 2021 magic keyboard fn key mapping (git-fixes).
 - hid: apple: add support for the 2021 magic keyboard (git-fixes).
 - hid: wacom: do not register input devices until after hid_hw_start (git-fixes).
 - hid: wacom: generic: avoid reporting a serial of '0' to userspace (git-fixes).
 - hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes).
 - hwmon: (coretemp) enlarge per package core count limit (git-fixes).
 - hwmon: (coretemp) fix bogus core_id to attr name mapping (git-fixes).
 - hwmon: (coretemp) fix out-of-bounds memory access (git-fixes).
 - i2c: i801: fix block process call transactions (git-fixes).
 - i2c: i801: remove i801_set_block_buffer_mode (git-fixes).
 - i2c: imx: add timer for handling the stop condition (git-fixes).
 - i2c: imx: when being a target, mark the last read as processed (git-fixes).
 - i3c: master: cdns: update maximum prescaler value for i2c clock (git-fixes).
 - ib/hfi1: fix a memleak in init_credit_return (git-fixes)
 - ib/hfi1: fix sdma.h tx->num_descs off-by-one error (git-fixes)
 - iio: accel: bma400: fix a compilation problem (git-fixes).
 - iio: adc: ad7091r: set alert bit in config register (git-fixes).
 - iio: core: fix memleak in iio_device_register_sysfs (git-fixes).
 - iio: hid-sensor-als: return 0 for hid_usage_sensor_time_timestamp (git-fixes).
 - iio: magnetometer: rm3100: add boundary check for the value read from rm3100_reg_tmrc (git-fixes).
 - input: iqs269a - switch to define_simple_dev_pm_ops() and pm_sleep_ptr() (git-fixes).
 - input: xpad - add lenovo legion go controllers (git-fixes).
 - irqchip/irq-brcmstb-l2: add write memory barrier before exit (git-fixes).
 - jfs: fix array-index-out-of-bounds in dbadjtree (git-fixes).
 - jfs: fix array-index-out-of-bounds in dinewext (git-fixes).
 - jfs: fix slab-out-of-bounds read in dtsearch (git-fixes).
 - jfs: fix uaf in jfs_evict_inode (git-fixes).
 - kbuild: fix changing elf file type for output of gen_btf for big endian (git-fixes).
 - kvm: s390: fix cc for successful pqap (git-fixes bsc#1219839).
 - kvm: s390: fix setting of fpc register (git-fixes bsc#1220392).
 - kvm: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393).
 - kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes).
 - kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git-fixes).
 - lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-fixes).
 - leds: trigger: panic: do not register panic notifier if creating the trigger failed (git-fixes).
 - lib/stackdepot: add depot_fetch_stack helper (jsc-ped#7423).
 - lib/stackdepot: add refcount for records (jsc-ped#7423).
 - lib/stackdepot: fix first entry having a 0-handle (jsc-ped#7423).
 - lib/stackdepot: move stack_record struct definition into the header (jsc-ped#7423).
 - libsubcmd: fix memory leak in uniq() (git-fixes).
 - media: ddbridge: fix an error code problem in ddb_probe (git-fixes).
 - media: ir_toy: fix a memleak in irtoy_tx (git-fixes).
 - media: rc: bpf attach/detach requires write permission (git-fixes).
 - media: rockchip: rga: fix swizzling for rgb formats (git-fixes).
 - media: stk1160: fixed high volume of stk1160_dbg messages (git-fixes).
 - mfd: syscon: fix null pointer dereference in of_syscon_register() (git-fixes).
 - mm,page_owner: display all stacks and their count (jsc-ped#7423).
 - mm,page_owner: filter out stacks by a threshold (jsc-ped#7423).
 - mm,page_owner: implement the tracking of the stacks count (jsc-ped#7423).
 - mm,page_owner: maintain own list of stack_records structs (jsc-ped#7423).
 - mm,page_owner: update documentation regarding page_owner_stacks (jsc-ped#7423).
 - mm/hwpoison: fix unpoison_memory() (bsc#1218663).
 - mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663).
 - mm/hwpoison: remove mf_msg_buddy_2nd and mf_msg_poisoned_huge (bsc#1218663).
 - mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes).
 - mmc: core: fix emmc initialization with 1-bit bus connection (git-fixes).
 - mmc: core: use mrq.sbc in close-ended ffu (git-fixes).
 - mmc: mmc_spi: remove custom dma mapped buffers (git-fixes).
 - mmc: sdhci-xenon: add timeout for phy init complete (git-fixes).
 - mmc: sdhci-xenon: fix phy init clock stability (git-fixes).
 - mmc: slot-gpio: allow non-sleeping gpio ro (git-fixes).
 - modpost: trim leading spaces when processing source files list (git-fixes).
 - mtd: spinand: gigadevice: fix the get ecc status issue (git-fixes).
 - net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
 - netfs, fscache: prevent oops in fscache_put_cache() (bsc#1220003).
 - nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes).
 - nilfs2: replace warn_ons for invalid dat metadata block requests (git-fixes).
 - nouveau/svm: fix kvcalloc() argument order (git-fixes).
 - nouveau: fix function cast warnings (git-fixes).
 - ntfs: check overflow when iterating attr_records (git-fixes).
 - ntfs: fix use-after-free in ntfs_attr_find() (git-fixes).
 - nvme-fabrics: fix i/o connect error handling (git-fixes).
 - nvme-host: fix the updating of the firmware version (git-fixes).
 - pci/aer: decode requester id when no error info found (git-fixes).
 - pci: add no pm reset quirk for nvidia spectrum devices (git-fixes).
 - pci: add pci_header_type_mfd definition (bsc#1220021).
 - pci: fix 64gt/s effective data rate calculation (git-fixes).
 - pci: only override amd usb controller if required (git-fixes).
 - pci: switchtec: fix stdev_release() crash after surprise hot remove (git-fixes).
 - platform/x86: thinkpad_acpi: only update profile if successfully converted (git-fixes).
 - platform/x86: touchscreen_dmi: add info for the teclast x16 plus tablet (git-fixes).
 - platform/x86: touchscreen_dmi: allow partial (prefix) matches for acpi names (git-fixes).
 - pm: core: remove unnecessary (void *) conversions (git-fixes).
 - pm: runtime: have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes).
 - pnp: acpi: fix fortify warning (git-fixes).
 - power: supply: bq27xxx-i2c: do not free non existing irq (git-fixes).
 - powerpc/64: set task pt_regs->link to the lr value on scv entry (bsc#1194869).
 - powerpc/powernv: fix fortify source warnings in opal-prd.c (bsc#1194869).
 - powerpc/pseries: add a clear modifier to ibm,pa/pi-features parser (bsc#1220348).
 - powerpc/pseries: rework lppaca_shared_proc() to avoid debug_preempt (bsc#1194869).
 - powerpc/pseries: set cpu_ftr_dbell according to ibm,pi-features (bsc#1220348).
 - powerpc/watchpoint: disable pagefaults when getting user instruction (bsc#1194869).
 - powerpc/watchpoints: annotate atomic context in more places (bsc#1194869).
 - powerpc/watchpoints: disable preemption in thread_change_pc() (bsc#1194869).
 - powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869).
 - powerpc: do not include lppaca.h in paca.h (bsc#1194869).
 - pstore/ram: fix crash when setting number of cpus to an odd number (git-fixes).
 - ras/amd/atl: add mi300 row retirement support (jsc#ped-7618).
 - ras/amd/atl: fix bit overflow in denorm_addr_df4_np2() (git-fixes).
 - ras: introduce a fru memory poison manager (jsc#ped-7618).
 - rdma/bnxt_re: add a missing check in bnxt_qplib_query_srq (git-fixes)
 - rdma/bnxt_re: return error for srq resize (git-fixes)
 - rdma/core: fix uninit-value access in ib_get_eth_speed() (bsc#1219934).
 - rdma/core: get ib width and speed from netdev (bsc#1219934).
 - rdma/irdma: add ae for too many rnrs (git-fixes)
 - rdma/irdma: fix kasan issue with tasklet (git-fixes)
 - rdma/irdma: set the cq read threshold for gen 1 (git-fixes)
 - rdma/irdma: validate max_send_wr and max_recv_wr (git-fixes)
 - rdma/qedr: fix qedr_create_user_qp error flow (git-fixes)
 - rdma/srpt: fix function pointer cast warnings (git-fixes)
 - rdma/srpt: support specifying the srpt_service_guid parameter (git-fixes)
 - refresh patches.suse/dm_blk_ioctl-implement-path-failover-for-sg_io. (bsc#1216776, bsc#1220277)
 - regulator: core: only increment use_count when enable_count changes (git-fixes).
 - regulator: pwm-regulator: add validity checks in continuous .get_voltage (git-fixes).
 - revert 'drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz' (git-fixes).
 - revert 'drm/amd/pm: resolve reboot exception for si oland' (git-fixes).
 - revert 'drm/amd: flush any delayed gfxoff on suspend entry' (git-fixes).
 - rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into
 -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created.
 - s390/qeth: fix potential loss of l3-ip@ in case of network issues (git-fixes bsc#1219840).
 - s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317).
 - sched/membarrier: reduce the ability to hammer on sys_membarrier (git-fixes).
 - scsi: core: move scsi_host_busy() out of host lock for waking up eh handler (git-fixes).
 - scsi: core: move scsi_host_busy() out of host lock if it is for per-command (git-fixes).
 - scsi: fnic: move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141).
 - scsi: hisi_sas: prevent parallel flr and controller reset (git-fixes).
 - scsi: ibmvfc: limit max hw queues by num_online_cpus() (bsc#1220106).
 - scsi: ibmvfc: open-code reset loop for target reset (bsc#1220106).
 - scsi: isci: fix an error code problem in isci_io_request_build() (git-fixes).
 - scsi: lpfc: add condition to delete ndlp object after sending bls_rjt to an abts (bsc#1220021).
 - scsi: lpfc: allow lpfc_plogi_confirm_nport() logic to execute for fabric nodes (bsc#1220021).
 - scsi: lpfc: change lpfc_vport fc_flag member into a bitmask (bsc#1220021).
 - scsi: lpfc: change lpfc_vport load_flag member into a bitmask (bsc#1220021).
 - scsi: lpfc: change nlp state statistic counters into atomic_t (bsc#1220021).
 - scsi: lpfc: copyright updates for 14.4.0.0 patches (bsc#1220021).
 - scsi: lpfc: fix failure to delete vports when discovery is in progress (bsc#1220021).
 - scsi: lpfc: fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021).
 - scsi: lpfc: initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021).
 - scsi: lpfc: move handling of reset congestion statistics events (bsc#1220021).
 - scsi: lpfc: protect vport fc_nodes list with an explicit spin lock (bsc#1220021).
 - scsi: lpfc: remove d_id swap log message from trace event logger (bsc#1220021).
 - scsi: lpfc: remove nlp_rcv_plogi early return during rscn processing for ndlps (bsc#1220021).
 - scsi: lpfc: remove shost_lock protection for fc_host_port shost apis (bsc#1220021).
 - scsi: lpfc: replace deprecated strncpy() with strscpy() (bsc#1220021).
 - scsi: lpfc: save fpin frequency statistics upon receipt of peer cgn notifications (bsc#1220021).
 - scsi: lpfc: update lpfc version to 14.4.0.0 (bsc#1220021).
 - scsi: lpfc: use pci_header_type_mfd instead of literal (bsc#1220021).
 - scsi: lpfc: use sg_dma_len() api to get struct scatterlist's length (bsc#1220021).
 - scsi: mpi3mr: refresh sdev queue depth after controller reset (git-fixes).
 - scsi: revert 'scsi: fcoe: fix potential deadlock on &fip->ctlr_lock' (git-fixes bsc#1219141).
 - serial: 8250: remove serial_rs485 sanitization from em485 (git-fixes).
 - spi-mxs: fix chipselect glitch (git-fixes).
 - spi: hisi-sfc-v3xx: return irq_none if no interrupts were detected (git-fixes).
 - spi: ppc4xx: drop write-only variable (git-fixes).
 - spi: sh-msiof: avoid integer overflow in constants (git-fixes).
 - staging: iio: ad5933: fix type mismatch regression (git-fixes).
 - supported.conf: remove external flag from ibm supported modules. (bsc#1209412)
 - tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450).
 - tomoyo: fix uaf write bug in tomoyo_write_control() (git-fixes).
 - topology/sysfs: add format parameter to macro defining 'show' functions for proc (jsc#ped-7618).
 - topology/sysfs: add ppin in sysfs under cpu topology (jsc#ped-7618).
 - tty: allow tiocslcktrmios with cap_checkpoint_restore (git-fixes).
 - ubsan: array-index-out-of-bounds in dtsplitroot (git-fixes).
 - usb: cdns3: fix memory double free when handle zero packet (git-fixes).
 - usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git-fixes).
 - usb: cdns3: modify the return value of cdns_set_active () to void when config_pm_sleep is disabled (git- fixes).
 - usb: cdns3: put the cdns set active part outside the spin lock (git-fixes).
 - usb: cdns: readd old api (git-fixes).
 - usb: cdnsp: blocked some cdns3 specific code (git-fixes).
 - usb: cdnsp: fixed issue with incorrect detecting cdnsp family controllers (git-fixes).
 - usb: dwc3: gadget: do not disconnect if not started (git-fixes).
 - usb: dwc3: gadget: handle ep0 request dequeuing properly (git-fixes).
 - usb: dwc3: gadget: ignore end transfer delay on teardown (git-fixes).
 - usb: dwc3: gadget: queue pm runtime idle on disconnect event (git-fixes).
 - usb: dwc3: gadget: refactor ep0 forced stall/restart into a separate api (git-fixes).
 - usb: dwc3: gadget: submit endxfer command if delayed during disconnect (git-fixes).
 - usb: dwc3: host: set xhci_sg_trb_cache_size_quirk (git-fixes).
 - usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes).
 - usb: gadget: core: add missing kerneldoc for vbus_work (git-fixes).
 - usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes).
 - usb: gadget: core: help prevent panic during uvc unconfigure (git-fixes).
 - usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes).
 - usb: gadget: f_hid: fix report descriptor allocation (git-fixes).
 - usb: gadget: fix obscure lockdep violation for udc_mutex (git-fixes).
 - usb: gadget: fix use-after-free read in usb_udc_uevent() (git-fixes).
 - usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes).
 - usb: gadget: ncm: avoid dropping datagrams of properly parsed ntbs (git-fixes).
 - usb: gadget: udc: core: offload usb_udc_vbus_handler processing (git-fixes).
 - usb: gadget: udc: core: prevent soft_connect_store() race (git-fixes).
 - usb: gadget: udc: handle gadget_connect failure during bind operation (git-fixes).
 - usb: hub: check for alternate port before enabling a_alt_hnp_support (bsc#1218527).
 - usb: hub: replace hardcoded quirk value with bit() macro (git-fixes).
 - usb: roles: do not get/set_role() when usb_role_switch is unregistered (git-fixes).
 - usb: roles: fix null pointer issue when put module's reference (git-fixes).
 - usb: serial: cp210x: add id for imst im871a-usb (git-fixes).
 - usb: serial: option: add fibocom fm101-gl variant (git-fixes).
 - usb: serial: qcserial: add new usb-id for dell wireless dw5826e (git-fixes).
 - watchdog: it87_wdt: keep wdtctrl bit 3 unmodified for it8784/it8786 (git-fixes).
 - wifi: ath11k: fix registration of 6ghz-only phy without the full channel range (git-fixes).
 - wifi: ath9k: fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes).
 - wifi: cfg80211: fix missing interfaces when dumping (git-fixes).
 - wifi: cfg80211: fix rcu dereference in __cfg80211_bss_update (git-fixes).
 - wifi: cfg80211: free beacon_ies when overridden from hidden bss (git-fixes).
 - wifi: iwlwifi: fix some error codes (git-fixes).
 - wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes).
 - wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git-fixes).
 - wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes).
 - wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes).
 - wifi: nl80211: reject iftype change with mesh id change (git-fixes).
 - wifi: rt2x00: restart beacon queue when hardware reset (git-fixes).
 - wifi: rtl8xxxu: add additional usb ids for rtl8192eu devices (git-fixes).
 - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes).
 - wifi: wext-core: fix -wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes).
 - x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes).
 - x86/bugs: add asm helpers for executing verw (git-fixes).
 - x86/bugs: use alternative() instead of mds_user_clear static key (git-fixes). also add mds_user_clear to kabi severities since it's strictly mitigation related so should be low risk.
 - x86/cpu: x86_feature_intel_ppin finally had a cpuid bit (jsc#ped-7618).
 - x86/entry_32: add verw just before userspace transition (git-fixes).
 - x86/entry_64: add verw just before userspace transition (git-fixes).
 - x86/mm: fix memory encryption features advertisement (bsc#1206453).
 - xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes).
 - xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1194869

https://bugzilla.suse.com/1206453

https://bugzilla.suse.com/1209412

https://bugzilla.suse.com/1213456

https://bugzilla.suse.com/1216776

https://bugzilla.suse.com/1217927

https://bugzilla.suse.com/1218195

https://bugzilla.suse.com/1218216

https://bugzilla.suse.com/1218450

https://bugzilla.suse.com/1218527

https://bugzilla.suse.com/1218663

https://bugzilla.suse.com/1218915

https://bugzilla.suse.com/1219126

https://bugzilla.suse.com/1219127

https://bugzilla.suse.com/1219141

https://bugzilla.suse.com/1219146

https://bugzilla.suse.com/1219295

https://bugzilla.suse.com/1219443

https://bugzilla.suse.com/1219653

https://bugzilla.suse.com/1219827

https://bugzilla.suse.com/1219835

https://bugzilla.suse.com/1219839

https://bugzilla.suse.com/1219840

https://bugzilla.suse.com/1219934

https://bugzilla.suse.com/1220003

https://bugzilla.suse.com/1220009

https://bugzilla.suse.com/1220021

https://bugzilla.suse.com/1220030

https://bugzilla.suse.com/1220106

https://bugzilla.suse.com/1220140

https://bugzilla.suse.com/1220187

https://bugzilla.suse.com/1220238

https://bugzilla.suse.com/1220240

https://bugzilla.suse.com/1220241

https://bugzilla.suse.com/1220243

https://bugzilla.suse.com/1220250

https://bugzilla.suse.com/1220251

https://bugzilla.suse.com/1220253

https://bugzilla.suse.com/1220254

https://bugzilla.suse.com/1220255

https://bugzilla.suse.com/1220257

https://bugzilla.suse.com/1220267

https://bugzilla.suse.com/1220277

https://bugzilla.suse.com/1220317

https://bugzilla.suse.com/1220326

https://bugzilla.suse.com/1220328

https://bugzilla.suse.com/1220330

https://bugzilla.suse.com/1220335

https://bugzilla.suse.com/1220344

https://bugzilla.suse.com/1220348

https://bugzilla.suse.com/1220350

https://bugzilla.suse.com/1220364

https://bugzilla.suse.com/1220392

https://bugzilla.suse.com/1220393

https://bugzilla.suse.com/1220398

https://bugzilla.suse.com/1220409

https://bugzilla.suse.com/1220444

https://bugzilla.suse.com/1220457

https://bugzilla.suse.com/1220459

https://bugzilla.suse.com/1220649

https://bugzilla.suse.com/1220796

https://bugzilla.suse.com/1220825

http://www.nessus.org/u?0828c5e0

https://www.suse.com/security/cve/CVE-2019-25162

https://www.suse.com/security/cve/CVE-2021-46923

https://www.suse.com/security/cve/CVE-2021-46924

https://www.suse.com/security/cve/CVE-2021-46932

https://www.suse.com/security/cve/CVE-2023-28746

https://www.suse.com/security/cve/CVE-2023-5197

https://www.suse.com/security/cve/CVE-2023-52340

https://www.suse.com/security/cve/CVE-2023-52429

https://www.suse.com/security/cve/CVE-2023-52439

https://www.suse.com/security/cve/CVE-2023-52443

https://www.suse.com/security/cve/CVE-2023-52445

https://www.suse.com/security/cve/CVE-2023-52447

https://www.suse.com/security/cve/CVE-2023-52448

https://www.suse.com/security/cve/CVE-2023-52449

https://www.suse.com/security/cve/CVE-2023-52451

https://www.suse.com/security/cve/CVE-2023-52452

https://www.suse.com/security/cve/CVE-2023-52456

https://www.suse.com/security/cve/CVE-2023-52457

https://www.suse.com/security/cve/CVE-2023-52463

https://www.suse.com/security/cve/CVE-2023-52464

https://www.suse.com/security/cve/CVE-2023-52475

https://www.suse.com/security/cve/CVE-2023-52478

https://www.suse.com/security/cve/CVE-2023-6817

https://www.suse.com/security/cve/CVE-2024-0607

https://www.suse.com/security/cve/CVE-2024-1151

https://www.suse.com/security/cve/CVE-2024-23849

https://www.suse.com/security/cve/CVE-2024-23850

https://www.suse.com/security/cve/CVE-2024-23851

https://www.suse.com/security/cve/CVE-2024-25744

https://www.suse.com/security/cve/CVE-2024-26585

https://www.suse.com/security/cve/CVE-2024-26586

https://www.suse.com/security/cve/CVE-2024-26589

https://www.suse.com/security/cve/CVE-2024-26591

https://www.suse.com/security/cve/CVE-2024-26593

https://www.suse.com/security/cve/CVE-2024-26595

https://www.suse.com/security/cve/CVE-2024-26598

https://www.suse.com/security/cve/CVE-2024-26602

https://www.suse.com/security/cve/CVE-2024-26603

https://www.suse.com/security/cve/CVE-2024-26622

Plugin Details

Severity: High

ID: 192180

File Name: suse_SU-2024-0910-1.nasl

Version: 1.3

Type: local

Agent: unix

Published: 3/16/2024

Updated: 7/10/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-26598

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150500_13_38-rt, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/15/2024

Vulnerability Publication Date: 9/27/2023

Reference Information

CVE: CVE-2019-25162, CVE-2021-46923, CVE-2021-46924, CVE-2021-46932, CVE-2023-28746, CVE-2023-5197, CVE-2023-52340, CVE-2023-52429, CVE-2023-52439, CVE-2023-52443, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448, CVE-2023-52449, CVE-2023-52451, CVE-2023-52452, CVE-2023-52456, CVE-2023-52457, CVE-2023-52463, CVE-2023-52464, CVE-2023-52475, CVE-2023-52478, CVE-2023-6817, CVE-2024-0607, CVE-2024-1151, CVE-2024-23849, CVE-2024-23850, CVE-2024-23851, CVE-2024-25744, CVE-2024-26585, CVE-2024-26586, CVE-2024-26589, CVE-2024-26591, CVE-2024-26593, CVE-2024-26595, CVE-2024-26598, CVE-2024-26602, CVE-2024-26603, CVE-2024-26622

SuSE: SUSE-SU-2024:0910-1