SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1646-1)

high Nessus Plugin ID 197057

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1646-1 advisory.

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394).
- CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416).
- CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418).
- CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge (bsc#1220442).
- CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq (bsc#1220554).
- CVE-2021-46939: Fixed a denial of service in trace_clock_global() in tracing (bsc#1220580).
- CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628).
- CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1 (bsc#1220662).
- CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs (bsc#1220521).
- CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs (bsc#1220528).
- CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536).
- CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538).
- CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572).
- CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd (bsc#1220611).
- CVE-2021-46988: Fixed release page in error path to avoid BUG_ON (bsc#1220706).
- CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s (bsc#1220743).
- CVE-2021-46998: Fixed an use after free bug in enic_hard_start_xmit in ethernet/enic (bsc#1220625).
- CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751).
- CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt() in bnxt_en (bsc#1220794).
- CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637).
- CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s (bsc#1220687).
- CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb() in scsi lpfc (bsc#1220640).
- CVE-2021-47049: Fixed an after free in __vmbus_open() in hv vmbus (bsc#1220692).
- CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768).
- CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto (bsc#1220769).
- CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742).
- CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745).
- CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel (bsc#1220777).
- CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739).
- CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829).
- CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup() in uio_hv_generic (bsc#1220846).
- CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850).
- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
- CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532).
- CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541).
- CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2 (bsc#1221548).
- CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4 (bsc#1221575).
- CVE-2021-47118: Fixed an use-after-free in init task's struct pid in pid (bsc#1221605).
- CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4 (bsc#1221608).
- CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4 (bsc#1221934).
- CVE-2021-47141: Fixed a null pointer dereference on priv->msix_vectors when driver is unloaded in gve (bsc#1221949).
- CVE-2021-47142: Fixed an use-after-free on ttm->sg in drm/amdgpu (bsc#1221952).
- CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988).
- CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972).
- CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973).
- CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969).
- CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966).
- CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977).
- CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965).
- CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce() in nfs (bsc#1221998).
- CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request() in nfs (bsc#1221991).
- CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() in nfs (bsc#1222002).
- CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2 (bsc#1222000).
- CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb (bsc#1221994).
- CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720 (bsc#1221993).
- CVE-2021-47177: Fixed a sysfs leak in alloc_iommu() in iommu/vt-d (bsc#1221997).
- CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() in nfsv4 (bsc#1222001).
- CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci (bsc#1221999).
- CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660).
- CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662).
- CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664).
- CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666).
- CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669).
- CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706).
- CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions in thermal (bsc#1222878)
- CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888).
- CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790).
- CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-audio (bsc#1222869).
- CVE-2022-0487: Fixed use-after-free in moxart_remove in moxart-mmc (bsc#1194516).
- CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220).
- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513).
- CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
- CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
- CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162).
- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
- CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
- CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).
- CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).
- CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617).
- CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825).
- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300).
- CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961).
- CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770)
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618).
- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
- CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677)
- CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449)
- CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609).
- CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632).
- CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720).
- CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610)
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765)
- CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770)
- CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772).
- CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
- CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812).
- CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975)
- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
- CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
- CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203).
- CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824).
- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
- CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837).
- CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843).
- CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844).
- CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842).
- CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781).

The following non-security bugs were fixed:

- Input: adxl34x - do not hardcode interrupt trigger type (git-fixes).
- Input: drv260x - sleep between polling GO bit (git-fixes).
- Input: ipaq-micro-keys - add error handling for devm_kmemdup.
- Input: xpad - add PXN V900 support.
- USB: core: Fix deadlock in usb_deauthorize_interface().
- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-fixes).
- atl1c: fix error return code in atl1c_probe() (git-fixes).
- atl1e: fix error return code in atl1e_probe() (git-fixes).
- bluetooth: btqca: Fixed a coding style error (git-fixes).
- bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes).
- bluetooth: btqcomsmd: Fix command timeout after setting BD address (git-fixes).
- bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).
- bnx2x: Fix enabling network interfaces without VFs (git-fixes).
- bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes).
- bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
- doc/README.SUSE: Update information about module support status (jsc#PED-5759)
- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).
- ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes).
- ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git-fixes).
- fuse: do not unhash root (bsc#1223954).
- iommu/amd: Increase interrupt remapping table limit to 512 entries (git-fixes).
- iommu/amd: Mark interrupt as managed (git-fixes).
- iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes).
- iommu/amd: Silence warnings under memory pressure (git-fixes).
- iommu: Check if group is NULL before remove device (git-fixes).
- kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
- kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi).
- lan78xx: Add missing return code checks (git-fixes).
- lan78xx: Add support to dump lan78xx registers (git-fixes).
- lan78xx: Do not access skb_queue_head list pointers directly (git-fixes).
- lan78xx: Fix exception on link speed change (git-fixes).
- lan78xx: Fix partial packet errors on suspend/resume (git-fixes).
- lan78xx: Fix race conditions in suspend/resume handling (git-fixes).
- lan78xx: Fix white space and style issues (git-fixes).
- lan78xx: Modify error messages (git-fixes).
- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes).
- net/mlx5: Properly convey driver version to firmware (git-fixes).
- net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes).
- net: Fix features skip in for_each_netdev_feature() (git-fixes).
- net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes).
- net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
- net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes).
- net: lan78xx: Make declaration style consistent (git-fixes).
- net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes).
- net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
- net: lan78xx: remove set but not used variable 'event' (git-fixes).
- net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes).
- net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes).
- net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git-fixes).
- nfs: Fix O_DIRECT commit verifier handling (git-fixes).
- nfs: Fix O_DIRECT locking issues (git-fixes).
- nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git-fixes).
- nfs: Fix an off by one in root_nfs_cat() (git-fixes).
- nfs: Fix direct WRITE throughput regression (git-fixes).
- nfs: Fix error handling for O_DIRECT write scheduling (git-fixes).
- nfs: More O_DIRECT accounting fixes for error paths (git-fixes).
- nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791).
- nfs: commit errors should be fatal (git-fixes).
- nfs: only issue commit in DIO codepath if we have uncommitted data (git-fixes).
- nfsd: Fix error cleanup path in nfsd_rename() (git-fixes).
- nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- nfsd: Retransmit callbacks after client reconnects (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).
- nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
- pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).
- pci/aspm: Avoid link retraining race (git-fixes).
- pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git-fixes).
- pci/aspm: Do not warn if already in common clock mode (git-fixes).
- pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes).
- pci/aspm: Reduce severity of common clock config message (git-fixes).
- pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes).
- pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).
- pci/dpc: Print all TLP Prefixes, not just the first (git-fixes).
- pci/iov: Enlarge virtfn sysfs name buffer (git-fixes).
- pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes).
- pci/pm: Power up all devices during runtime resume (git-fixes).
- pci/sysfs: Protect driver's D3cold preference from user space (git-fixes).
- pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
- pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).
- pci: Add locking to RMW PCI Express Capability Register accessors (git-fixes).
- pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes).
- pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git-fixes).
- pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
- pci: Rework pcie_retrain_link() wait loop (git-fixes).
- pci: aardvark: Fix setting MSI address (git-fixes).
- pci: aardvark: Fix support for MSI interrupts (git-fixes).
- pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git-fixes).
- pci: endpoint: Do not stop controller when unbinding endpoint function (git-fixes).
- pci: hotplug: Allow marking devices as disconnected during bind/unbind (git-fixes).
- pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes).
- pci: pciehp: Cancel bringup sequence if card is not present (git-fixes).
- pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git-fixes).
- pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes).
- pci: qcom: Disable write access to read only registers for IP v2.3.3 (git-fixes).
- pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes).
- pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).
- pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes).
- pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).
- pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
- rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082)
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221953).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
- sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
- sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
- tun: honor IOCB_NOWAIT flag (git-fixes).
- usb: dwc2: Fix memory leak in dwc2_hcd_init.
- usb: dwc2: check return value after calling platform_get_resource() (git-fixes).
- usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes).
- usb: gadget: Fix issue with config_ep_by_speed function (git-fixes).
- usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).
- usb: musb: Modify the 'HWVers' register address (git-fixes).
- usb: roles: do not get/set_role() when usb_role_switch is unregistered.
- usb: serial: option: add Fibocom L7xx modules (git-fixes).
- usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes).
- usb: storage: set 1.50 as the lower bcdDevice for older 'Super Top' compatibility (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
- usb: usbfs: Do not WARN about excessively large memory allocations.
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 197057

File Name: suse_SU-2024-1646-1.nasl

Version: 1.2

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 5/15/2024

Updated: 7/10/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2022-0487

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2024-26930

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:dlm-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt-devel, p-cpe:/a:novell:suse_linux:kernel-source-rt, cpe:/o:novell:suse_linux:12, p-cpe:/a:novell:suse_linux:kernel-rt-base, p-cpe:/a:novell:suse_linux:gfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-syms-rt, p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel, p-cpe:/a:novell:suse_linux:kernel-rt_debug, p-cpe:/a:novell:suse_linux:kernel-rt, p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt, p-cpe:/a:novell:suse_linux:kernel-devel-rt

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 5/14/2024

Vulnerability Publication Date: 7/8/2021

Reference Information

CVE: CVE-2019-25160, CVE-2021-46904, CVE-2021-46905, CVE-2021-46909, CVE-2021-46938, CVE-2021-46939, CVE-2021-46941, CVE-2021-46950, CVE-2021-46958, CVE-2021-46960, CVE-2021-46963, CVE-2021-46964, CVE-2021-46966, CVE-2021-46981, CVE-2021-46988, CVE-2021-46990, CVE-2021-46998, CVE-2021-47006, CVE-2021-47015, CVE-2021-47024, CVE-2021-47034, CVE-2021-47045, CVE-2021-47049, CVE-2021-47055, CVE-2021-47056, CVE-2021-47060, CVE-2021-47061, CVE-2021-47063, CVE-2021-47068, CVE-2021-47070, CVE-2021-47071, CVE-2021-47073, CVE-2021-47100, CVE-2021-47101, CVE-2021-47104, CVE-2021-47110, CVE-2021-47112, CVE-2021-47114, CVE-2021-47117, CVE-2021-47118, CVE-2021-47119, CVE-2021-47138, CVE-2021-47141, CVE-2021-47142, CVE-2021-47143, CVE-2021-47146, CVE-2021-47149, CVE-2021-47150, CVE-2021-47153, CVE-2021-47159, CVE-2021-47161, CVE-2021-47162, CVE-2021-47165, CVE-2021-47166, CVE-2021-47167, CVE-2021-47168, CVE-2021-47169, CVE-2021-47171, CVE-2021-47173, CVE-2021-47177, CVE-2021-47179, CVE-2021-47180, CVE-2021-47181, CVE-2021-47182, CVE-2021-47183, CVE-2021-47184, CVE-2021-47185, CVE-2021-47188, CVE-2021-47189, CVE-2021-47198, CVE-2021-47202, CVE-2021-47203, CVE-2021-47204, CVE-2021-47205, CVE-2021-47207, CVE-2021-47211, CVE-2021-47216, CVE-2021-47217, CVE-2022-0487, CVE-2022-48619, CVE-2022-48626, CVE-2022-48636, CVE-2022-48650, CVE-2022-48651, CVE-2022-48667, CVE-2022-48668, CVE-2022-48687, CVE-2022-48688, CVE-2022-48695, CVE-2022-48701, CVE-2023-0160, CVE-2023-52454, CVE-2023-52469, CVE-2023-52470, CVE-2023-52474, CVE-2023-52476, CVE-2023-52477, CVE-2023-52486, CVE-2023-52488, CVE-2023-52509, CVE-2023-52515, CVE-2023-52524, CVE-2023-52528, CVE-2023-52575, CVE-2023-52583, CVE-2023-52587, CVE-2023-52590, CVE-2023-52591, CVE-2023-52595, CVE-2023-52598, CVE-2023-52607, CVE-2023-52614, CVE-2023-52620, CVE-2023-52628, CVE-2023-52635, CVE-2023-52639, CVE-2023-52644, CVE-2023-52646, CVE-2023-52650, CVE-2023-52652, CVE-2023-52653, CVE-2023-6270, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536, CVE-2023-7042, CVE-2023-7192, CVE-2024-2201, CVE-2024-22099, CVE-2024-23307, CVE-2024-23848, CVE-2024-24855, CVE-2024-24861, CVE-2024-26614, CVE-2024-26642, CVE-2024-26651, CVE-2024-26671, CVE-2024-26675, CVE-2024-26689, CVE-2024-26704, CVE-2024-26733, CVE-2024-26739, CVE-2024-26743, CVE-2024-26744, CVE-2024-26747, CVE-2024-26754, CVE-2024-26763, CVE-2024-26771, CVE-2024-26772, CVE-2024-26773, CVE-2024-26777, CVE-2024-26778, CVE-2024-26779, CVE-2024-26793, CVE-2024-26805, CVE-2024-26816, CVE-2024-26817, CVE-2024-26839, CVE-2024-26840, CVE-2024-26852, CVE-2024-26855, CVE-2024-26857, CVE-2024-26859, CVE-2024-26878, CVE-2024-26883, CVE-2024-26884, CVE-2024-26898, CVE-2024-26901, CVE-2024-26903, CVE-2024-26907, CVE-2024-26922, CVE-2024-26929, CVE-2024-26930, CVE-2024-26931, CVE-2024-26948, CVE-2024-26993, CVE-2024-27013, CVE-2024-27014, CVE-2024-27043, CVE-2024-27046, CVE-2024-27054, CVE-2024-27072, CVE-2024-27073, CVE-2024-27074, CVE-2024-27075, CVE-2024-27078, CVE-2024-27388

SuSE: SUSE-SU-2024:1646-1

Detections

Analytics