SUSE-SU-2025:4170-1

Опубликовано: 23 нояб. 2025

Источник: suse-cvrf

Описание

Security update for the Linux Kernel (Live Patch 63 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.237 fixes one security issue

The following security issue was fixed:

CVE-2024-53141: netfilter: ipset: add missing range check in bitmap_ip_uadt (bsc#1245778).

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP5

kgraft-patch-4_12_14-122_237-default-15-2.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20254170-1/
Link for SUSE-SU-2025:4170-1
https://lists.suse.com/pipermail/sle-security-updates/2025-November/023327.html
E-Mail link for SUSE-SU-2025:4170-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1245778
SUSE Bug 1245778
https://www.suse.com/security/cve/CVE-2024-53141/
SUSE CVE CVE-2024-53141 page

Описание

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check for ip should be done later, but this part is missing and it seems that the vulnerability occurs. So we should add missing range checks and remove unnecessary range checks.

Затронутые продукты

SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_237-default-15-2.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-53141.html
CVE-2024-53141
https://bugzilla.suse.com/1234381
SUSE Bug 1234381
https://bugzilla.suse.com/1245778
SUSE Bug 1245778

SUSE-SU-2025:4170-1

Описание

Список пакетов

SUSE Linux Enterprise Live Patching 12 SP5

Ссылки

Уязвимость: CVE-2024-53141

Описание

Затронутые продукты

Ссылки