Описание
Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP2)
This update for the Linux Kernel 5.3.18-150200_24_175 fixes several issues.
The following security issues were fixed:
- CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079).
- CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435).
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP2
Ссылки
- Link for SUSE-SU-2024:1506-1
- E-Mail link for SUSE-SU-2024:1506-1
- SUSE Security Ratings
- SUSE Bug 1219079
- SUSE Bug 1219435
- SUSE CVE CVE-2024-0775 page
- SUSE CVE CVE-2024-1086 page
Описание
A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free.
Затронутые продукты
Ссылки
- CVE-2024-0775
- SUSE Bug 1219053
- SUSE Bug 1219082
- SUSE Bug 1224298
- SUSE Bug 1224878
Описание
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
Затронутые продукты
Ссылки
- CVE-2024-1086
- SUSE Bug 1219434
- SUSE Bug 1219435
- SUSE Bug 1224298
- SUSE Bug 1224878
- SUSE Bug 1226066