Описание
Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-150300_59_174 fixes several issues.
The following security issues were fixed:
- CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679).
- CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229640).
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP3
Ссылки
- Link for SUSE-SU-2025:0897-1
- E-Mail link for SUSE-SU-2025:0897-1
- SUSE Security Ratings
- SUSE Bug 1229640
- SUSE Bug 1231204
- SUSE Bug 1233679
- SUSE CVE CVE-2022-48911 page
- SUSE CVE CVE-2024-46818 page
- SUSE CVE CVE-2024-50302 page
Описание
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: fix possible use-after-free Eric Dumazet says: The sock_hold() side seems suspect, because there is no guarantee that sk_refcnt is not already 0. On failure, we cannot queue the packet and need to indicate an error. The packet will be dropped by the caller. v2: split skb prefetch hunk into separate change
Затронутые продукты
Ссылки
- CVE-2022-48911
- SUSE Bug 1229633
- SUSE Bug 1229640
Описание
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported by Coverity.
Затронутые продукты
Ссылки
- CVE-2024-46818
- SUSE Bug 1231203
- SUSE Bug 1231204
Описание
In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.
Затронутые продукты
Ссылки
- CVE-2024-50302
- SUSE Bug 1233491
- SUSE Bug 1233679