Vulnerability from csaf_suse
Published: 2025-01-17 09:13
Modified: 2025-01-17 09:13
Summary: Security update for the Linux Kernel
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588)
- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).
The following non-security bugs were fixed:
- Enable CONFIG_FIRMWARE_SIG ()
- r8169: check ALDPS bit and disable it if enabled for the 8168g (bnc#845352).
- rpm/kernel-binary.spec.in: Remove obsolete ext4-writeable. Needs to be handled differently. (bnc#830822)
Patchnames: SUSE-2025-152,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-152
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588)\n- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).\n- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).\n- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).\n- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).\n- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).\n- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).\n- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).\n- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).\n- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).\n- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).\n\nThe following non-security bugs were fixed:\n\n- Enable CONFIG_FIRMWARE_SIG ()\n- r8169: check ALDPS bit and disable it if enabled for the 8168g (bnc#845352).\n- rpm/kernel-binary.spec.in: Remove obsolete ext4-writeable. Needs to be handled differently. 
(bnc#830822)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2025-152,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-152", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0152-1.json", }, { category: "self", summary: "URL for SUSE-SU-2025:0152-1", url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250152-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2025:0152-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020152.html", }, { category: "self", summary: "SUSE Bug 1027565", url: "https://bugzilla.suse.com/1027565", }, { category: "self", summary: "SUSE Bug 1056588", url: "https://bugzilla.suse.com/1056588", }, { category: "self", summary: "SUSE Bug 1059525", url: "https://bugzilla.suse.com/1059525", }, { category: "self", summary: "SUSE Bug 1202346", url: "https://bugzilla.suse.com/1202346", }, { category: "self", summary: "SUSE Bug 1227985", url: "https://bugzilla.suse.com/1227985", }, { category: "self", summary: "SUSE Bug 1234846", url: "https://bugzilla.suse.com/1234846", }, { category: "self", summary: "SUSE Bug 1234853", url: "https://bugzilla.suse.com/1234853", }, { category: "self", summary: "SUSE Bug 1234891", url: "https://bugzilla.suse.com/1234891", }, { category: "self", summary: "SUSE Bug 1234963", url: "https://bugzilla.suse.com/1234963", }, { category: "self", summary: "SUSE Bug 1235054", url: 
"https://bugzilla.suse.com/1235054", }, { category: "self", summary: "SUSE Bug 1235056", url: "https://bugzilla.suse.com/1235056", }, { category: "self", summary: "SUSE Bug 1235061", url: "https://bugzilla.suse.com/1235061", }, { category: "self", summary: "SUSE Bug 1235073", url: "https://bugzilla.suse.com/1235073", }, { category: "self", summary: "SUSE Bug 1235220", url: "https://bugzilla.suse.com/1235220", }, { category: "self", summary: "SUSE Bug 1235224", url: "https://bugzilla.suse.com/1235224", }, { category: "self", summary: "SUSE CVE CVE-2017-1000253 page", url: "https://www.suse.com/security/cve/CVE-2017-1000253/", }, { category: "self", summary: "SUSE CVE CVE-2017-14051 page", url: "https://www.suse.com/security/cve/CVE-2017-14051/", }, { category: "self", summary: "SUSE CVE CVE-2017-2636 page", url: "https://www.suse.com/security/cve/CVE-2017-2636/", }, { category: "self", summary: "SUSE CVE CVE-2022-20368 page", url: "https://www.suse.com/security/cve/CVE-2022-20368/", }, { category: "self", summary: "SUSE CVE CVE-2022-48839 page", url: "https://www.suse.com/security/cve/CVE-2022-48839/", }, { category: "self", summary: "SUSE CVE CVE-2024-53146 page", url: "https://www.suse.com/security/cve/CVE-2024-53146/", }, { category: "self", summary: "SUSE CVE CVE-2024-53156 page", url: "https://www.suse.com/security/cve/CVE-2024-53156/", }, { category: "self", summary: "SUSE CVE CVE-2024-53173 page", url: "https://www.suse.com/security/cve/CVE-2024-53173/", }, { category: "self", summary: "SUSE CVE CVE-2024-53239 page", url: "https://www.suse.com/security/cve/CVE-2024-53239/", }, { category: "self", summary: "SUSE CVE CVE-2024-56539 page", url: "https://www.suse.com/security/cve/CVE-2024-56539/", }, { category: "self", summary: "SUSE CVE CVE-2024-56548 page", url: "https://www.suse.com/security/cve/CVE-2024-56548/", }, { category: "self", summary: "SUSE CVE CVE-2024-56598 page", url: "https://www.suse.com/security/cve/CVE-2024-56598/", }, { category: "self", 
summary: "SUSE CVE CVE-2024-56604 page", url: "https://www.suse.com/security/cve/CVE-2024-56604/", }, { category: "self", summary: "SUSE CVE CVE-2024-56605 page", url: "https://www.suse.com/security/cve/CVE-2024-56605/", }, { category: "self", summary: "SUSE CVE CVE-2024-56619 page", url: "https://www.suse.com/security/cve/CVE-2024-56619/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2025-01-17T09:13:58Z", generator: { date: "2025-01-17T09:13:58Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2025:0152-1", initial_release_date: "2025-01-17T09:13:58Z", revision_history: [ { date: "2025-01-17T09:13:58Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-debug-3.0.101-108.174.1.i586", product: { name: "kernel-debug-3.0.101-108.174.1.i586", product_id: "kernel-debug-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-debug-base-3.0.101-108.174.1.i586", product: { name: "kernel-debug-base-3.0.101-108.174.1.i586", product_id: "kernel-debug-base-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-debug-devel-3.0.101-108.174.1.i586", product: { name: "kernel-debug-devel-3.0.101-108.174.1.i586", product_id: "kernel-debug-devel-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-debug-extra-3.0.101-108.174.1.i586", product: { name: "kernel-debug-extra-3.0.101-108.174.1.i586", product_id: "kernel-debug-extra-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-debug-hmac-3.0.101-108.174.1.i586", product: { name: "kernel-debug-hmac-3.0.101-108.174.1.i586", product_id: "kernel-debug-hmac-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-default-3.0.101-108.174.1.i586", product: { name: "kernel-default-3.0.101-108.174.1.i586", product_id: 
"kernel-default-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.174.1.i586", product: { name: "kernel-default-base-3.0.101-108.174.1.i586", product_id: "kernel-default-base-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.174.1.i586", product: { name: "kernel-default-devel-3.0.101-108.174.1.i586", product_id: "kernel-default-devel-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-default-extra-3.0.101-108.174.1.i586", product: { name: "kernel-default-extra-3.0.101-108.174.1.i586", product_id: "kernel-default-extra-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-default-hmac-3.0.101-108.174.1.i586", product: { name: "kernel-default-hmac-3.0.101-108.174.1.i586", product_id: "kernel-default-hmac-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-ec2-3.0.101-108.174.1.i586", product: { name: "kernel-ec2-3.0.101-108.174.1.i586", product_id: "kernel-ec2-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-ec2-base-3.0.101-108.174.1.i586", product: { name: "kernel-ec2-base-3.0.101-108.174.1.i586", product_id: "kernel-ec2-base-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-ec2-devel-3.0.101-108.174.1.i586", product: { name: "kernel-ec2-devel-3.0.101-108.174.1.i586", product_id: "kernel-ec2-devel-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-ec2-extra-3.0.101-108.174.1.i586", product: { name: "kernel-ec2-extra-3.0.101-108.174.1.i586", product_id: "kernel-ec2-extra-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-ec2-hmac-3.0.101-108.174.1.i586", product: { name: "kernel-ec2-hmac-3.0.101-108.174.1.i586", product_id: "kernel-ec2-hmac-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-pae-3.0.101-108.174.1.i586", product: { name: 
"kernel-pae-3.0.101-108.174.1.i586", product_id: "kernel-pae-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-pae-base-3.0.101-108.174.1.i586", product: { name: "kernel-pae-base-3.0.101-108.174.1.i586", product_id: "kernel-pae-base-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-pae-devel-3.0.101-108.174.1.i586", product: { name: "kernel-pae-devel-3.0.101-108.174.1.i586", product_id: "kernel-pae-devel-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-pae-extra-3.0.101-108.174.1.i586", product: { name: "kernel-pae-extra-3.0.101-108.174.1.i586", product_id: "kernel-pae-extra-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-pae-hmac-3.0.101-108.174.1.i586", product: { name: "kernel-pae-hmac-3.0.101-108.174.1.i586", product_id: "kernel-pae-hmac-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.174.1.i586", product: { name: "kernel-source-3.0.101-108.174.1.i586", product_id: "kernel-source-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-source-vanilla-3.0.101-108.174.1.i586", product: { name: "kernel-source-vanilla-3.0.101-108.174.1.i586", product_id: "kernel-source-vanilla-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.174.1.i586", product: { name: "kernel-syms-3.0.101-108.174.1.i586", product_id: "kernel-syms-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.174.1.i586", product: { name: "kernel-trace-3.0.101-108.174.1.i586", product_id: "kernel-trace-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.174.1.i586", product: { name: "kernel-trace-base-3.0.101-108.174.1.i586", product_id: "kernel-trace-base-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.174.1.i586", product: { name: 
"kernel-trace-devel-3.0.101-108.174.1.i586", product_id: "kernel-trace-devel-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-trace-extra-3.0.101-108.174.1.i586", product: { name: "kernel-trace-extra-3.0.101-108.174.1.i586", product_id: "kernel-trace-extra-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-trace-hmac-3.0.101-108.174.1.i586", product: { name: "kernel-trace-hmac-3.0.101-108.174.1.i586", product_id: "kernel-trace-hmac-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-vanilla-3.0.101-108.174.1.i586", product: { name: "kernel-vanilla-3.0.101-108.174.1.i586", product_id: "kernel-vanilla-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-vanilla-base-3.0.101-108.174.1.i586", product: { name: "kernel-vanilla-base-3.0.101-108.174.1.i586", product_id: "kernel-vanilla-base-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-vanilla-devel-3.0.101-108.174.1.i586", product: { name: "kernel-vanilla-devel-3.0.101-108.174.1.i586", product_id: "kernel-vanilla-devel-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-vanilla-hmac-3.0.101-108.174.1.i586", product: { name: "kernel-vanilla-hmac-3.0.101-108.174.1.i586", product_id: "kernel-vanilla-hmac-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-xen-3.0.101-108.174.1.i586", product: { name: "kernel-xen-3.0.101-108.174.1.i586", product_id: "kernel-xen-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-xen-base-3.0.101-108.174.1.i586", product: { name: "kernel-xen-base-3.0.101-108.174.1.i586", product_id: "kernel-xen-base-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-xen-devel-3.0.101-108.174.1.i586", product: { name: "kernel-xen-devel-3.0.101-108.174.1.i586", product_id: "kernel-xen-devel-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: 
"kernel-xen-extra-3.0.101-108.174.1.i586", product: { name: "kernel-xen-extra-3.0.101-108.174.1.i586", product_id: "kernel-xen-extra-3.0.101-108.174.1.i586", }, }, { category: "product_version", name: "kernel-xen-hmac-3.0.101-108.174.1.i586", product: { name: "kernel-xen-hmac-3.0.101-108.174.1.i586", product_id: "kernel-xen-hmac-3.0.101-108.174.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "kernel-source-3.0.101-108.174.1.ia64", product: { name: "kernel-source-3.0.101-108.174.1.ia64", product_id: "kernel-source-3.0.101-108.174.1.ia64", }, }, { category: "product_version", name: "kernel-source-vanilla-3.0.101-108.174.1.ia64", product: { name: "kernel-source-vanilla-3.0.101-108.174.1.ia64", product_id: "kernel-source-vanilla-3.0.101-108.174.1.ia64", }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "kernel-docs-3.0.101-108.174.1.noarch", product: { name: "kernel-docs-3.0.101-108.174.1.noarch", product_id: "kernel-docs-3.0.101-108.174.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-source-3.0.101-108.174.1.ppc", product: { name: "kernel-source-3.0.101-108.174.1.ppc", product_id: "kernel-source-3.0.101-108.174.1.ppc", }, }, { category: "product_version", name: "kernel-source-vanilla-3.0.101-108.174.1.ppc", product: { name: "kernel-source-vanilla-3.0.101-108.174.1.ppc", product_id: "kernel-source-vanilla-3.0.101-108.174.1.ppc", }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "kernel-source-3.0.101-108.174.1.ppc64", product: { name: "kernel-source-3.0.101-108.174.1.ppc64", product_id: "kernel-source-3.0.101-108.174.1.ppc64", }, }, { category: "product_version", name: "kernel-source-vanilla-3.0.101-108.174.1.ppc64", product: { name: "kernel-source-vanilla-3.0.101-108.174.1.ppc64", product_id: 
"kernel-source-vanilla-3.0.101-108.174.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "kernel-source-3.0.101-108.174.1.s390", product: { name: "kernel-source-3.0.101-108.174.1.s390", product_id: "kernel-source-3.0.101-108.174.1.s390", }, }, { category: "product_version", name: "kernel-source-vanilla-3.0.101-108.174.1.s390", product: { name: "kernel-source-vanilla-3.0.101-108.174.1.s390", product_id: "kernel-source-vanilla-3.0.101-108.174.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "kernel-source-3.0.101-108.174.1.s390x", product: { name: "kernel-source-3.0.101-108.174.1.s390x", product_id: "kernel-source-3.0.101-108.174.1.s390x", }, }, { category: "product_version", name: "kernel-source-vanilla-3.0.101-108.174.1.s390x", product: { name: "kernel-source-vanilla-3.0.101-108.174.1.s390x", product_id: "kernel-source-vanilla-3.0.101-108.174.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-debug-3.0.101-108.174.1.x86_64", product: { name: "kernel-debug-3.0.101-108.174.1.x86_64", product_id: "kernel-debug-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-base-3.0.101-108.174.1.x86_64", product: { name: "kernel-debug-base-3.0.101-108.174.1.x86_64", product_id: "kernel-debug-base-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-3.0.101-108.174.1.x86_64", product: { name: "kernel-debug-devel-3.0.101-108.174.1.x86_64", product_id: "kernel-debug-devel-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-extra-3.0.101-108.174.1.x86_64", product: { name: "kernel-debug-extra-3.0.101-108.174.1.x86_64", product_id: "kernel-debug-extra-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-hmac-3.0.101-108.174.1.x86_64", product: { name: 
"kernel-debug-hmac-3.0.101-108.174.1.x86_64", product_id: "kernel-debug-hmac-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-default-3.0.101-108.174.1.x86_64", product: { name: "kernel-default-3.0.101-108.174.1.x86_64", product_id: "kernel-default-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-3.0.101-108.174.1.x86_64", product: { name: "kernel-default-base-3.0.101-108.174.1.x86_64", product_id: "kernel-default-base-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-3.0.101-108.174.1.x86_64", product: { name: "kernel-default-devel-3.0.101-108.174.1.x86_64", product_id: "kernel-default-devel-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-3.0.101-108.174.1.x86_64", product: { name: "kernel-default-extra-3.0.101-108.174.1.x86_64", product_id: "kernel-default-extra-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-default-hmac-3.0.101-108.174.1.x86_64", product: { name: "kernel-default-hmac-3.0.101-108.174.1.x86_64", product_id: "kernel-default-hmac-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-3.0.101-108.174.1.x86_64", product: { name: "kernel-ec2-3.0.101-108.174.1.x86_64", product_id: "kernel-ec2-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-base-3.0.101-108.174.1.x86_64", product: { name: "kernel-ec2-base-3.0.101-108.174.1.x86_64", product_id: "kernel-ec2-base-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-devel-3.0.101-108.174.1.x86_64", product: { name: "kernel-ec2-devel-3.0.101-108.174.1.x86_64", product_id: "kernel-ec2-devel-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-ec2-extra-3.0.101-108.174.1.x86_64", product: { name: "kernel-ec2-extra-3.0.101-108.174.1.x86_64", product_id: "kernel-ec2-extra-3.0.101-108.174.1.x86_64", }, }, { category: 
"product_version", name: "kernel-ec2-hmac-3.0.101-108.174.1.x86_64", product: { name: "kernel-ec2-hmac-3.0.101-108.174.1.x86_64", product_id: "kernel-ec2-hmac-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-source-3.0.101-108.174.1.x86_64", product: { name: "kernel-source-3.0.101-108.174.1.x86_64", product_id: "kernel-source-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-source-vanilla-3.0.101-108.174.1.x86_64", product: { name: "kernel-source-vanilla-3.0.101-108.174.1.x86_64", product_id: "kernel-source-vanilla-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-3.0.101-108.174.1.x86_64", product: { name: "kernel-syms-3.0.101-108.174.1.x86_64", product_id: "kernel-syms-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-3.0.101-108.174.1.x86_64", product: { name: "kernel-trace-3.0.101-108.174.1.x86_64", product_id: "kernel-trace-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-base-3.0.101-108.174.1.x86_64", product: { name: "kernel-trace-base-3.0.101-108.174.1.x86_64", product_id: "kernel-trace-base-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-devel-3.0.101-108.174.1.x86_64", product: { name: "kernel-trace-devel-3.0.101-108.174.1.x86_64", product_id: "kernel-trace-devel-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-extra-3.0.101-108.174.1.x86_64", product: { name: "kernel-trace-extra-3.0.101-108.174.1.x86_64", product_id: "kernel-trace-extra-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-trace-hmac-3.0.101-108.174.1.x86_64", product: { name: "kernel-trace-hmac-3.0.101-108.174.1.x86_64", product_id: "kernel-trace-hmac-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-3.0.101-108.174.1.x86_64", product: { name: "kernel-vanilla-3.0.101-108.174.1.x86_64", product_id: 
"kernel-vanilla-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-3.0.101-108.174.1.x86_64", product: { name: "kernel-vanilla-base-3.0.101-108.174.1.x86_64", product_id: "kernel-vanilla-base-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-devel-3.0.101-108.174.1.x86_64", product: { name: "kernel-vanilla-devel-3.0.101-108.174.1.x86_64", product_id: "kernel-vanilla-devel-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-hmac-3.0.101-108.174.1.x86_64", product: { name: "kernel-vanilla-hmac-3.0.101-108.174.1.x86_64", product_id: "kernel-vanilla-hmac-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-3.0.101-108.174.1.x86_64", product: { name: "kernel-xen-3.0.101-108.174.1.x86_64", product_id: "kernel-xen-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-base-3.0.101-108.174.1.x86_64", product: { name: "kernel-xen-base-3.0.101-108.174.1.x86_64", product_id: "kernel-xen-base-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-devel-3.0.101-108.174.1.x86_64", product: { name: "kernel-xen-devel-3.0.101-108.174.1.x86_64", product_id: "kernel-xen-devel-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-extra-3.0.101-108.174.1.x86_64", product: { name: "kernel-xen-extra-3.0.101-108.174.1.x86_64", product_id: "kernel-xen-extra-3.0.101-108.174.1.x86_64", }, }, { category: "product_version", name: "kernel-xen-hmac-3.0.101-108.174.1.x86_64", product: { name: "kernel-xen-hmac-3.0.101-108.174.1.x86_64", product_id: "kernel-xen-hmac-3.0.101-108.174.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product: { name: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-default-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-default-base-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-default-devel-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-ec2-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-ec2-base-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-ec2-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-ec2-devel-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-source-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-source-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-syms-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS 
EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-trace-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-trace-base-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-trace-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-trace-devel-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-xen-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: "default_component_of", full_product_name: { name: "kernel-xen-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-xen-base-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, { category: 
"default_component_of", full_product_name: { name: "kernel-xen-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", product_id: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", }, product_reference: "kernel-xen-devel-3.0.101-108.174.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE", }, ], }, vulnerabilities: [ { cve: "CVE-2017-1000253", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-1000253", }, ], notes: [ { category: "general", text: "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. 
Unfortunately, load_elf_binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the area that is supposed to be the \"gap\" between the stack and the binary.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-1000253", url: "https://www.suse.com/security/cve/CVE-2017-1000253", }, { category: "external", summary: "SUSE Bug 1059525 for CVE-2017-1000253", 
url: "https://bugzilla.suse.com/1059525", }, { category: "external", summary: "SUSE Bug 1061680 for CVE-2017-1000253", url: "https://bugzilla.suse.com/1061680", }, { category: "external", summary: "SUSE Bug 1063607 for CVE-2017-1000253", url: "https://bugzilla.suse.com/1063607", }, { category: "external", summary: "SUSE Bug 1071943 for CVE-2017-1000253", url: "https://bugzilla.suse.com/1071943", }, { category: "external", summary: "SUSE Bug 1072204 for CVE-2017-1000253", url: "https://bugzilla.suse.com/1072204", }, { category: "external", summary: "SUSE Bug 1075506 for CVE-2017-1000253", url: "https://bugzilla.suse.com/1075506", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-1000253", url: "https://bugzilla.suse.com/1115893", }, { category: "external", summary: "SUSE Bug 1149729 for CVE-2017-1000253", url: "https://bugzilla.suse.com/1149729", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS 
EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ 
{ category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2017-1000253", }, { cve: "CVE-2017-14051", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-14051", }, ], notes: [ { category: "general", text: "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: 
"external", summary: "CVE-2017-14051", url: "https://www.suse.com/security/cve/CVE-2017-14051", }, { category: "external", summary: "SUSE Bug 1056588 for CVE-2017-14051", url: "https://bugzilla.suse.com/1056588", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS 
EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "moderate", }, ], title: "CVE-2017-14051", }, { cve: "CVE-2017-2636", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-2636", }, ], notes: [ { category: "general", text: "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise 
Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-2636", url: "https://www.suse.com/security/cve/CVE-2017-2636", }, { category: "external", summary: "SUSE Bug 1027565 for CVE-2017-2636", url: "https://bugzilla.suse.com/1027565", }, { category: "external", summary: "SUSE Bug 1027575 for CVE-2017-2636", url: "https://bugzilla.suse.com/1027575", }, { category: "external", summary: "SUSE Bug 1028372 for CVE-2017-2636", url: "https://bugzilla.suse.com/1028372", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2017-2636", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST 
online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux 
Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "moderate", }, ], title: "CVE-2017-2636", }, { cve: "CVE-2022-20368", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-20368", }, ], notes: [ { category: "general", text: "Product: Android; Versions: Android kernel; Android ID: A-224546354; References: Upstream kernel", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-20368", url: "https://www.suse.com/security/cve/CVE-2022-20368", }, { category: "external", summary: "SUSE Bug 1202346 for CVE-2022-20368", url: "https://bugzilla.suse.com/1202346", }, { category: "external", summary: "SUSE Bug 1212311 for CVE-2022-20368", url: "https://bugzilla.suse.com/1212311", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux 
Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "moderate", }, ], title: "CVE-2022-20368", }, { cve: "CVE-2022-48839", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-48839", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix slab-out-of-bounds access in packet_recvmsg()\n\nsyzbot found that when an AF_PACKET socket is using PACKET_COPY_THRESH\nand mmap operations, tpacket_rcv() is queueing skbs with\ngarbage in skb->cb[], triggering a too big copy [1]\n\nPresumably, users of af_packet using mmap() already gets correct\nmetadata from the mapped buffer, we can simply make sure\nto clear 12 bytes that might be copied to user space later.\n\nBUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:225 [inline]\nBUG: KASAN: stack-out-of-bounds in packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489\nWrite of size 165 at addr ffffc9000385fb78 by task syz-executor233/3631\n\nCPU: 0 PID: 3631 Comm: syz-executor233 Not tainted 5.17.0-rc7-syzkaller-02396-g0b3660695e80 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0xf/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0x13d/0x180 mm/kasan/generic.c:189\n 
memcpy+0x39/0x60 mm/kasan/shadow.c:66\n memcpy include/linux/fortify-string.h:225 [inline]\n packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489\n sock_recvmsg_nosec net/socket.c:948 [inline]\n sock_recvmsg net/socket.c:966 [inline]\n sock_recvmsg net/socket.c:962 [inline]\n ____sys_recvmsg+0x2c4/0x600 net/socket.c:2632\n ___sys_recvmsg+0x127/0x200 net/socket.c:2674\n __sys_recvmsg+0xe2/0x1a0 net/socket.c:2704\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fdfd5954c29\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcf8e71e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fdfd5954c29\nRDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf8e71e60\nR13: 00000000000f4240 R14: 000000000000c1ff R15: 00007ffcf8e71e54\n </TASK>\n\naddr ffffc9000385fb78 is located in stack of task syz-executor233/3631 at offset 32 in frame:\n ____sys_recvmsg+0x0/0x600 include/linux/uio.h:246\n\nthis frame has 1 object:\n [32, 160) 'addr'\n\nMemory state around the buggy address:\n ffffc9000385fa80: 00 04 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00\n ffffc9000385fb00: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00\n>ffffc9000385fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f3\n ^\n ffffc9000385fc00: f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1\n ffffc9000385fc80: f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2 00 00 00 00 00\n==================================================================", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-48839", url: "https://www.suse.com/security/cve/CVE-2022-48839", }, { category: "external", summary: "SUSE Bug 1227985 for CVE-2022-48839", url: "https://bugzilla.suse.com/1227985", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 
SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE 
Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "moderate", }, ], title: "CVE-2022-48839", }, { cve: "CVE-2024-53146", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-53146", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Prevent a potential integer overflow\n\nIf the tag length is >= U32_MAX - 3 then the \"length + 4\" addition\ncan result in an integer overflow. 
Address this by splitting the\ndecoding into several steps so that decode_cb_compound4res() does\nnot have to perform arithmetic on the unsafe length value.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-53146", url: "https://www.suse.com/security/cve/CVE-2024-53146", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-53146", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1234854 for CVE-2024-53146", url: "https://bugzilla.suse.com/1234854", }, ], remediations: [ { category: 
"vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-53146", }, { cve: "CVE-2024-53156", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-53156", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()\n\nI found the following bug in my fuzzer:\n\n UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51\n index 255 is out of range for type 'htc_endpoint [22]'\n CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.11.0-rc6-dirty #14\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: events request_firmware_work_func\n Call Trace:\n <TASK>\n 
dump_stack_lvl+0x180/0x1b0\n __ubsan_handle_out_of_bounds+0xd4/0x130\n htc_issue_send.constprop.0+0x20c/0x230\n ? _raw_spin_unlock_irqrestore+0x3c/0x70\n ath9k_wmi_cmd+0x41d/0x610\n ? mark_held_locks+0x9f/0xe0\n ...\n\nSince this bug has been confirmed to be caused by insufficient verification\nof conn_rsp_epid, I think it would be appropriate to add a range check for\nconn_rsp_epid to htc_connect_service() to prevent the bug from occurring.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-53156", url: 
"https://www.suse.com/security/cve/CVE-2024-53156", }, { category: "external", summary: "SUSE Bug 1234846 for CVE-2024-53156", url: "https://bugzilla.suse.com/1234846", }, { category: "external", summary: "SUSE Bug 1234847 for CVE-2024-53156", url: "https://bugzilla.suse.com/1234847", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-53156", url: "https://bugzilla.suse.com/1234853", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { 
cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-53156", }, { cve: "CVE-2024-53173", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-53173", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening 
files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-53173", url: "https://www.suse.com/security/cve/CVE-2024-53173", }, { 
category: "external", summary: "SUSE Bug 1234853 for CVE-2024-53173", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1234891 for CVE-2024-53173", url: "https://bugzilla.suse.com/1234891", }, { category: "external", summary: "SUSE Bug 1234892 for CVE-2024-53173", url: "https://bugzilla.suse.com/1234892", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", 
vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-53173", }, { cve: "CVE-2024-53239", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-53239", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: 6fire: Release resources at card release\n\nThe current 6fire code tries to release the resources right after the\ncall of usb6fire_chip_abort(). 
But at this moment, the card object\nmight be still in use (as we're calling snd_card_free_when_closed()).\n\nTo avoid potential UAFs, move the release of resources to the card's\nprivate_free instead of the manual call of usb6fire_chip_destroy() at\nthe USB disconnect callback.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-53239", url: "https://www.suse.com/security/cve/CVE-2024-53239", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-53239", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: 
"SUSE Bug 1235054 for CVE-2024-53239", url: "https://bugzilla.suse.com/1235054", }, { category: "external", summary: "SUSE Bug 1235055 for CVE-2024-53239", url: "https://bugzilla.suse.com/1235055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-53239", }, { cve: "CVE-2024-56539", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56539", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[ 356.775250] ------------[ cut here 
]------------\n[ 356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv->ssid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n ssid_len = user_scan_in->ssid_list[i].ssid_len;\n [...]\n memcpy(wildcard_ssid_tlv->ssid,\n user_scan_in->ssid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn't account for the size of the one-element\narray, so it doesn't need to be changed.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56539", url: "https://www.suse.com/security/cve/CVE-2024-56539", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-56539", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1234963 for CVE-2024-56539", url: "https://bugzilla.suse.com/1234963", }, { category: "external", summary: "SUSE Bug 1234964 for CVE-2024-56539", url: "https://bugzilla.suse.com/1234964", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-56539", }, { 
cve: "CVE-2024-56548", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56548", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don't query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initially set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[ 419.944641] ==================================================================\n[ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[ 419.947612]\n[ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 419.950035] Call Trace:\n[ 419.950384] <TASK>\n[ 419.950676] dump_stack_lvl+0x57/0x78\n[ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.951830] print_report+0x14c/0x49e\n[ 419.952361] ? __virt_addr_valid+0x267/0x278\n[ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d\n[ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.954231] kasan_report+0x89/0xb0\n[ 419.954748] ? 
hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955367] hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9\n[ 419.957214] ? _raw_spin_unlock+0x1a/0x2e\n[ 419.957772] hfsplus_fill_super+0x348/0x1590\n[ 419.958355] ? hlock_class+0x4c/0x109\n[ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.959499] ? __pfx_string+0x10/0x10\n[ 419.960006] ? lock_acquire+0x3e2/0x454\n[ 419.960532] ? bdev_name.constprop.0+0xce/0x243\n[ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10\n[ 419.961799] ? pointer+0x3f0/0x62f\n[ 419.962277] ? __pfx_pointer+0x10/0x10\n[ 419.962761] ? vsnprintf+0x6c4/0xfba\n[ 419.963178] ? __pfx_vsnprintf+0x10/0x10\n[ 419.963621] ? setup_bdev_super+0x376/0x3b3\n[ 419.964029] ? snprintf+0x9d/0xd2\n[ 419.964344] ? __pfx_snprintf+0x10/0x10\n[ 419.964675] ? lock_acquired+0x45c/0x5e9\n[ 419.965016] ? set_blocksize+0x139/0x1c1\n[ 419.965381] ? sb_set_blocksize+0x6d/0xae\n[ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.966179] mount_bdev+0x12f/0x1bf\n[ 419.966512] ? __pfx_mount_bdev+0x10/0x10\n[ 419.966886] ? vfs_parse_fs_string+0xce/0x111\n[ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10\n[ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10\n[ 419.968073] legacy_get_tree+0x104/0x178\n[ 419.968414] vfs_get_tree+0x86/0x296\n[ 419.968751] path_mount+0xba3/0xd0b\n[ 419.969157] ? __pfx_path_mount+0x10/0x10\n[ 419.969594] ? kmem_cache_free+0x1e2/0x260\n[ 419.970311] do_mount+0x99/0xe0\n[ 419.970630] ? 
__pfx_do_mount+0x10/0x10\n[ 419.971008] __do_sys_mount+0x199/0x1c9\n[ 419.971397] do_syscall_64+0xd0/0x135\n[ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 419.972233] RIP: 0033:0x7c3cb812972e\n[ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56548", url: "https://www.suse.com/security/cve/CVE-2024-56548", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-56548", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1235073 for CVE-2024-56548", url: "https://bugzilla.suse.com/1235073", }, { category: "external", summary: "SUSE Bug 1235074 for CVE-2024-56548", url: "https://bugzilla.suse.com/1235074", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-56548", }, { cve: "CVE-2024-56598", ids: [ { system_name: "SUSE CVE Page", text: 
"https://www.suse.com/security/cve/CVE-2024-56598", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: array-index-out-of-bounds fix in dtReadFirst\n\nThe value of stbl can be sometimes out of bounds due\nto a bad filesystem. Added a check with appopriate return\nof error code in that case.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56598", url: "https://www.suse.com/security/cve/CVE-2024-56598", }, { category: "external", summary: "SUSE Bug 1235220 for CVE-2024-56598", 
url: "https://bugzilla.suse.com/1235220", }, { category: "external", summary: "SUSE Bug 1235221 for CVE-2024-56598", url: "https://bugzilla.suse.com/1235221", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE 
Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-56598", }, { cve: "CVE-2024-56604", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56604", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()\n\nbt_sock_alloc() attaches allocated sk object to the provided sock object.\nIf rfcomm_dlc_alloc() fails, we release the sk object, but leave the\ndangling pointer in the sock object, which may cause use-after-free.\n\nFix this by swapping calls to bt_sock_alloc() and rfcomm_dlc_alloc().", 
title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56604", url: "https://www.suse.com/security/cve/CVE-2024-56604", }, { category: "external", summary: "SUSE Bug 1235056 for CVE-2024-56604", url: "https://bugzilla.suse.com/1235056", }, { category: "external", summary: "SUSE Bug 1235058 for CVE-2024-56604", url: "https://bugzilla.suse.com/1235058", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ 
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-56604", }, { cve: "CVE-2024-56605", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56605", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. 
On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56605", url: "https://www.suse.com/security/cve/CVE-2024-56605", }, { category: "external", summary: "SUSE Bug 1234853 for CVE-2024-56605", url: "https://bugzilla.suse.com/1234853", }, { category: "external", summary: "SUSE Bug 1235061 for CVE-2024-56605", url: "https://bugzilla.suse.com/1235061", }, { category: "external", summary: "SUSE 
Bug 1235062 for CVE-2024-56605", url: "https://bugzilla.suse.com/1235062", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME 
CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-56605", }, { cve: "CVE-2024-56619", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-56619", }, ], notes: [ { category: "general", text: "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()\n\nSyzbot reported that when searching for records in a directory where the\ninode's i_size is corrupted and has a large value, memory access outside\nthe folio/page range may occur, or a use-after-free bug may be detected if\nKASAN is enabled.\n\nThis is because nilfs_last_byte(), which is called by nilfs_find_entry()\nand others to 
calculate the number of valid bytes of directory data in a\npage from i_size and the page index, loses the upper 32 bits of the 64-bit\nsize information due to an inappropriate type of local variable to which\nthe i_size value is assigned.\n\nThis caused a large byte offset value due to underflow in the end address\ncalculation in the calling nilfs_find_entry(), resulting in memory access\nthat exceeds the folio/page size.\n\nFix this issue by changing the type of the local variable causing the bit\nloss from \"unsigned int\" to \"u64\". The return value of nilfs_last_byte()\nis also of type \"unsigned int\", but it is truncated so as not to exceed\nPAGE_SIZE and no bit loss occurs, so no change is required.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS 
EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-56619", url: "https://www.suse.com/security/cve/CVE-2024-56619", }, { category: "external", summary: "SUSE Bug 1235224 for CVE-2024-56619", url: "https://bugzilla.suse.com/1235224", }, { category: "external", summary: "SUSE Bug 1235225 for CVE-2024-56619", url: "https://bugzilla.suse.com/1235225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE 
Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64", "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-01-17T09:13:58Z", details: "important", }, ], title: "CVE-2024-56619", }, ], }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.