SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:4376-1)

high Nessus Plugin ID 213242

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4376-1 advisory.

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-47594: mptcp: never allow the PM to close a listener subflow (bsc#1226560).
- CVE-2022-48983: io_uring: Fix a null-ptr-deref in io_tctx_exit_cb() (bsc#1231959).
- CVE-2024-26782: mptcp: fix double-free on socket dismantle (bsc#1222590).
- CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
- CVE-2024-26953: net: esp: fix bad handling of pages from page_pool (bsc#1223656).
- CVE-2024-35888: erspan: make sure erspan_base_hdr is present in skb->head (bsc#1224518).
- CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).
- CVE-2024-36883: net: fix out-of-bounds access in ops_init (bsc#1225725).
- CVE-2024-36886: tipc: fix UAF in error path (bsc#1225730).
- CVE-2024-36905: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (bsc#1225742).
- CVE-2024-36954: tipc: fix a possible memleak in tipc_buf_append (bsc#1225764).
- CVE-2024-38589: netrom: fix possible dead-lock in nr_rt_ioctl() (bsc#1226748).
- CVE-2024-38615: cpufreq: exit() callback is optional (bsc#1226592).
- CVE-2024-40997: cpufreq: amd-pstate: fix memory leak on CPU EPP exit (bsc#1227853).
- CVE-2024-41023: sched/deadline: Fix task_struct reference leak (bsc#1228430).
- CVE-2024-44932: idpf: fix UAFs when destroying the queues (bsc#1229808).
- CVE-2024-44964: idpf: fix memory leaks and crashes while performing a soft reset (bsc#1230220).
- CVE-2024-44995: net: hns3: fix a deadlock problem when config TC during resetting (bsc#1230231).
- CVE-2024-46681: pktgen: use cpus_read_lock() in pg_net_init() (bsc#1230558).
- CVE-2024-46800: sch/netem: fix use after free in netem_dequeue (bsc#1230827).
- CVE-2024-47679: vfs: fix race between evice_inodes() and find_inode()&iput() (bsc#1231930).
- CVE-2024-47701: ext4: explicitly exit when ext4_find_inline_entry returns an error (bsc#1231920).
- CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135).
- CVE-2024-47757: nilfs2: fix potential oob read in nilfs_btree_check_delete() (bsc#1232187).
- CVE-2024-49868: btrfs: fix a NULL pointer dereference when failed to start a new trasacntion (bsc#1232272).
- CVE-2024-49921: drm/amd/display: Check null pointers before used (bsc#1232371).
- CVE-2024-49925: fbdev: efifb: Register sysfs groups through driver core (bsc#1232224)
- CVE-2024-49934: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (bsc#1232387).
- CVE-2024-49945: net/ncsi: Disable the ncsi work before freeing the associated structure (bsc#1232165).
- CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
- CVE-2024-49968: ext4: fix error message when rejecting the default hash (bsc#1232264).
- CVE-2024-49983: ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free (bsc#1232096).
- CVE-2024-49989: drm/amd/display: fix double free issue during amdgpu module unload (bsc#1232483).
- CVE-2024-50009: cpufreq: amd-pstate: add check for cpufreq_cpu_get's return value (bsc#1232318).
- CVE-2024-50073: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (bsc#1232520).
- CVE-2024-50082: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (bsc#1232500).
- CVE-2024-50089: unicode: Do not special case ignorable code points (bsc#1232860).
- CVE-2024-50093: thermal: intel: int340x: processor: Fix warning during module unload (bsc#1232877).
- CVE-2024-50098: scsi: ufs: core: Set SDEV_OFFLINE when UFS is shut down (bsc#1232881).
- CVE-2024-50108: drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (bsc#1232884).
- CVE-2024-50110: xfrm: fix one more kernel-infoleak in algo dumping (bsc#1232885).
- CVE-2024-50115: KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (bsc#1232919).
- CVE-2024-50125: Bluetooth: SCO: Fix UAF on sco_sock_timeout (bsc#1232928).
- CVE-2024-50127: net: sched: fix use-after-free in taprio_change() (bsc#1232907).
- CVE-2024-50128: net: wwan: fix global oob in wwan_rtnl_policy (bsc#1232905).
- CVE-2024-50134: drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape (bsc#1232890).
- CVE-2024-50135: nvme-pci: fix race condition between reset and nvme_dev_disable() (bsc#1232888).
- CVE-2024-50138: bpf: Use raw_spinlock_t in ringbuf (bsc#1232935).
- CVE-2024-50146: net/mlx5e: Do not call cleanup on profile rollback failure (bsc#1233056).
- CVE-2024-50147: net/mlx5: Fix command bitmask initialization (bsc#1233067).
- CVE-2024-50153: scsi: target: core: Fix null-ptr-deref in target_alloc_device() (bsc#1233061).
- CVE-2024-50154: tcp: Fix use-after-free of nreq in reqsk_timer_handler() (bsc#1233070).
- CVE-2024-50167: be2net: fix potential memory leak in be_xmit() (bsc#1233049).
- CVE-2024-50171: net: systemport: fix potential memory leak in bcm_sysport_xmit() (bsc#1233057).
- CVE-2024-50182: secretmem: disable memfd_secret() if arch cannot set direct map (bsc#1233129).
- CVE-2024-50184: virtio_pmem: Check device status before requesting flush (bsc#1233135).
- CVE-2024-50186: net: explicitly clear the sk pointer, when pf->create fails (bsc#1233110).
- CVE-2024-50188: net: phy: dp83869: fix memory corruption when enabling fiber (bsc#1233107).
- CVE-2024-50192: irqchip/gic-v4: Correctly deal with set_affinity on lazily-mapped VPEs (bsc#1233106).
- CVE-2024-50195: posix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime() (bsc#1233103).
- CVE-2024-50196: pinctrl: ocelot: fix system hang on level based interrupts (bsc#1233113).
- CVE-2024-50205: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (bsc#1233293).
- CVE-2024-50208: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (bsc#1233117).
- CVE-2024-50229: nilfs2: fix potential deadlock with newly created symlinks (bsc#1233205).
- CVE-2024-50230: nilfs2: fix kernel bug due to missing clearing of checked flag (bsc#1233206).
- CVE-2024-50259: netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() (bsc#1233214).
- CVE-2024-50261: macsec: Fix use-after-free while sending the offloading packet (bsc#1233253).
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233453).
- CVE-2024-50267: USB: serial: io_edgeport: fix use after free in debug printk (bsc#1233456).
- CVE-2024-50271: signal: restore the override_rlimit logic (bsc#1233460).
- CVE-2024-50273: btrfs: reinitialize delayed ref list after deleting it from the list (bsc#1233462).
- CVE-2024-50274: idpf: avoid vport access in idpf_get_link_ksettings (bsc#1233463).
- CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing (bsc#1233468).
- CVE-2024-50289: media: av7110: fix a spectre vulnerability (bsc#1233478).
- CVE-2024-50295: net: arc: fix the device for dma_map_single/dma_unmap_single (bsc#1233484).
- CVE-2024-50298: net: enetc: allocate vf_state during PF probes (bsc#1233487).
- CVE-2024-53052: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (bsc#1233548).
- CVE-2024-53058: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data (bsc#1233552).
- CVE-2024-53061: media: s5p-jpeg: prevent buffer overflows (bsc#1233555).
- CVE-2024-53063: media: dvbdev: prevent the risk of out of memory access (bsc#1233557).
- CVE-2024-53068: firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (bsc#1233561).
- CVE-2024-53079: mm/thp: fix deferred split unqueue naming and locking (bsc#1233570).
- CVE-2024-53088: i40e: fix race condition by adding filter's intermediate sync state (bsc#1233580).
- CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1234025).
- CVE-2024-53110: vp_vdpa: fix id_table array not null terminated error (bsc#1234085).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 213242

File Name: suse_SU-2024-4376-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 12/19/2024

Updated: 12/19/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-53068

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:kernel-azure, p-cpe:/a:novell:suse_linux:kernel-azure-devel, p-cpe:/a:novell:suse_linux:kernel-syms-azure, p-cpe:/a:novell:suse_linux:kernel-devel-azure, p-cpe:/a:novell:suse_linux:kernel-source-azure

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 12/18/2024

Vulnerability Publication Date: 3/27/2024

Reference Information

CVE: CVE-2021-47594, CVE-2022-48674, CVE-2022-48979, CVE-2022-48982, CVE-2022-48983, CVE-2022-48989, CVE-2022-48990, CVE-2023-52915, CVE-2023-52917, CVE-2023-52918, CVE-2023-52921, CVE-2023-52922, CVE-2024-26782, CVE-2024-26906, CVE-2024-26953, CVE-2024-35888, CVE-2024-35937, CVE-2024-35980, CVE-2024-36484, CVE-2024-36883, CVE-2024-36886, CVE-2024-36905, CVE-2024-36953, CVE-2024-36954, CVE-2024-38577, CVE-2024-38589, CVE-2024-38615, CVE-2024-40997, CVE-2024-41016, CVE-2024-41023, CVE-2024-41049, CVE-2024-42131, CVE-2024-43817, CVE-2024-43897, CVE-2024-44932, CVE-2024-44964, CVE-2024-44995, CVE-2024-46681, CVE-2024-46800, CVE-2024-46802, CVE-2024-46804, CVE-2024-46805, CVE-2024-46807, CVE-2024-46810, CVE-2024-46812, CVE-2024-46819, CVE-2024-46821, CVE-2024-46835, CVE-2024-46842, CVE-2024-46853, CVE-2024-46859, CVE-2024-46864, CVE-2024-46871, CVE-2024-47663, CVE-2024-47665, CVE-2024-47667, CVE-2024-47669, CVE-2024-47670, CVE-2024-47671, CVE-2024-47679, CVE-2024-47682, CVE-2024-47693, CVE-2024-47695, CVE-2024-47696, CVE-2024-47697, CVE-2024-47698, CVE-2024-47699, CVE-2024-47701, CVE-2024-47709, CVE-2024-47712, CVE-2024-47713, CVE-2024-47718, CVE-2024-47723, CVE-2024-47728, CVE-2024-47735, CVE-2024-47737, CVE-2024-47742, CVE-2024-47745, CVE-2024-47749, CVE-2024-47756, CVE-2024-47757, CVE-2024-49850, CVE-2024-49851, CVE-2024-49852, CVE-2024-49855, CVE-2024-49861, CVE-2024-49863, CVE-2024-49868, CVE-2024-49870, CVE-2024-49871, CVE-2024-49875, CVE-2024-49877, CVE-2024-49879, CVE-2024-49884, CVE-2024-49891, CVE-2024-49900, CVE-2024-49902, CVE-2024-49903, CVE-2024-49905, CVE-2024-49907, CVE-2024-49908, CVE-2024-49921, CVE-2024-49924, CVE-2024-49925, CVE-2024-49934, CVE-2024-49935, CVE-2024-49938, CVE-2024-49945, CVE-2024-49947, CVE-2024-49950, CVE-2024-49957, CVE-2024-49963, CVE-2024-49965, CVE-2024-49966, CVE-2024-49968, CVE-2024-49981, CVE-2024-49983, CVE-2024-49985, CVE-2024-49989, CVE-2024-50003, CVE-2024-50007, CVE-2024-50008, CVE-2024-50009, CVE-2024-50013, CVE-2024-50017, CVE-2024-50025, CVE-2024-50026, CVE-2024-50031, CVE-2024-50044, CVE-2024-50062, CVE-2024-50067, CVE-2024-50073, CVE-2024-50074, CVE-2024-50077, CVE-2024-50078, CVE-2024-50082, CVE-2024-50089, CVE-2024-50093, CVE-2024-50095, CVE-2024-50096, CVE-2024-50098, CVE-2024-50099, CVE-2024-50103, CVE-2024-50108, CVE-2024-50110, CVE-2024-50115, CVE-2024-50116, CVE-2024-50117, CVE-2024-50124, CVE-2024-50125, CVE-2024-50127, CVE-2024-50128, CVE-2024-50131, CVE-2024-50134, CVE-2024-50135, CVE-2024-50138, CVE-2024-50141, CVE-2024-50146, CVE-2024-50147, CVE-2024-50148, CVE-2024-50150, CVE-2024-50153, CVE-2024-50154, CVE-2024-50155, CVE-2024-50156, CVE-2024-50160, CVE-2024-50167, CVE-2024-50171, CVE-2024-50179, CVE-2024-50180, CVE-2024-50182, CVE-2024-50183, CVE-2024-50184, CVE-2024-50186, CVE-2024-50187, CVE-2024-50188, CVE-2024-50189, CVE-2024-50192, CVE-2024-50194, CVE-2024-50195, CVE-2024-50196, CVE-2024-50198, CVE-2024-50201, CVE-2024-50205, CVE-2024-50208, CVE-2024-50209, CVE-2024-50215, CVE-2024-50218, CVE-2024-50229, CVE-2024-50230, CVE-2024-50232, CVE-2024-50233, CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50249, CVE-2024-50255, CVE-2024-50259, CVE-2024-50261, CVE-2024-50264, CVE-2024-50265, CVE-2024-50267, CVE-2024-50268, CVE-2024-50269, CVE-2024-50271, CVE-2024-50273, CVE-2024-50274, CVE-2024-50279, CVE-2024-50282, CVE-2024-50287, CVE-2024-50289, CVE-2024-50290, CVE-2024-50292, CVE-2024-50295, CVE-2024-50298, CVE-2024-50301, CVE-2024-50302, CVE-2024-53052, CVE-2024-53058, CVE-2024-53059, CVE-2024-53060, CVE-2024-53061, CVE-2024-53063, CVE-2024-53066, CVE-2024-53068, CVE-2024-53079, CVE-2024-53085, CVE-2024-53088, CVE-2024-53104, CVE-2024-53110

SuSE: SUSE-SU-2024:4376-1

Detections

Analytics