Описание
Security update for the Linux Kernel (Live Patch 49 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-150300_59_179 fixes several issues.
The following security issues were fixed:
- CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204).
- CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679).
Список пакетов
SUSE Linux Enterprise Live Patching 15 SP3
Ссылки
- Link for SUSE-SU-2025:0961-1
- E-Mail link for SUSE-SU-2025:0961-1
- SUSE Security Ratings
- SUSE Bug 1231204
- SUSE Bug 1233679
- SUSE CVE CVE-2024-46818 page
- SUSE CVE CVE-2024-50302 page
Описание
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported by Coverity.
Затронутые продукты
Ссылки
- CVE-2024-46818
- SUSE Bug 1231203
- SUSE Bug 1231204
Описание
In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report.
Затронутые продукты
Ссылки
- CVE-2024-50302
- SUSE Bug 1233491
- SUSE Bug 1233679