SB2024110435 - SUSE update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

Main Vulnerability Database SB2024110435

SB2024110435 - SUSE update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

Published: November 4, 2024

Security Bulletin ID SB2024110435

Severity

Medium

Patch available

YES

Number of vulnerabilities 13

Exploitation vector Adjecent network

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 13 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2023-52752)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.

2) Use-after-free (CVE-ID: CVE-2023-52846)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the prp_create_tagged_frame() function in net/hsr/hsr_forward.c. A local user can escalate privileges on the system.

3) Resource management error (CVE-ID: CVE-2024-35817)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the amdgpu_ttm_gart_bind() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.

4) Use-after-free (CVE-ID: CVE-2024-35861)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_signal_cifsd_for_reconnect() function in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

5) Use-after-free (CVE-ID: CVE-2024-35862)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the smb2_is_network_name_deleted() function in fs/smb/client/smb2ops.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

6) Use-after-free (CVE-ID: CVE-2024-35863)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the is_valid_oplock_break() function in fs/smb/client/misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

7) Use-after-free (CVE-ID: CVE-2024-35864)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the smb2_is_valid_lease_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

8) Use-after-free (CVE-ID: CVE-2024-35867)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the cifs_stats_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

9) Out-of-bounds read (CVE-ID: CVE-2024-35905)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the check_stack_access_within_bounds() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.

10) Use-after-free (CVE-ID: CVE-2024-36899)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the gpio_chrdev_release() function in drivers/gpio/gpiolib-cdev.c. A local user can escalate privileges on the system.

11) Improper privilege management (CVE-ID: CVE-2024-36964)

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the p9mode2perm() function in fs/9p/vfs_inode.c. A local user can read and manipulate data.

12) Use-after-free (CVE-ID: CVE-2024-40954)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the sk_common_release() function in net/core/sock.c. A local user can escalate privileges on the system.

13) Input validation error (CVE-ID: CVE-2024-42133)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the hci_le_big_sync_established_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2024/suse-su-20243880-1/