The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488).
- CVE-2024-26828: Fix underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-35863: Fix potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35867: Fix potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fix potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-26928: Fix potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-36926: Fixed LPAR panics during boot up with a frozen PE (bsc#1222011).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-27413: Fix incorrect allocation size (bsc#1224438).
- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1224736).
- CVE-2024-35904: Avoid dereference of garbage after mount failure (bsc#1224494).
- CVE-2024-26929: Fixed double free of fcport (bsc#1223715).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
- CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223626).
- CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057).
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
The following non-security bugs were fixed:
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- af_unix: annote lockless accesses to...