Security update for the Linux Kernel RT (Live Patch 18 for SLE 15 SP5) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:4160-1 Final 1 1 2024-12-03T16:34:16Z current 2024-12-03T16:34:16Z 2024-12-03T16:34:16Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel RT (Live Patch 18 for SLE 15 SP5) This update for the Linux Kernel 5.14.21-150500_13_64 fixes several issues. The following security issues were fixed: - CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225429). - CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2024-4160,SUSE-SLE-Module-Live-Patching-15-SP5-2024-4160 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20244160-1/ Link for SUSE-SU-2024:4160-1 https://lists.suse.com/pipermail/sle-security-updates/2024-December/019905.html E-Mail link for SUSE-SU-2024:4160-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1225429 SUSE Bug 1225429 https://bugzilla.suse.com/1229553 SUSE Bug 1229553 https://www.suse.com/security/cve/CVE-2021-47517/ SUSE CVE CVE-2021-47517 page https://www.suse.com/security/cve/CVE-2024-43861/ SUSE CVE CVE-2024-43861 page SUSE Linux Enterprise Live Patching 15 SP5 kernel-livepatch-5_14_21-150500_13_64-rt-2-150500.11.6.1 kernel-livepatch-5_14_21-150500_13_64-rt-2-150500.11.6.1 as a component of SUSE Linux Enterprise Live Patching 15 SP5 In the Linux kernel, the following vulnerability has been resolved: ethtool: do not perform operations on net devices being unregistered There is a short period between a net device starts to be unregistered and when it is actually gone. In that time frame ethtool operations could still be performed, which might end up in unwanted or undefined behaviours[1]. Do not allow ethtool operations after a net device starts its unregistration. This patch targets the netlink part as the ioctl one isn't affected: the reference to the net device is taken and the operation is executed within an rtnl lock section and the net device won't be found after unregister. [1] For example adding Tx queues after unregister ends up in NULL pointer exceptions and UaFs, such as: BUG: KASAN: use-after-free in kobject_get+0x14/0x90 Read of size 1 at addr ffff88801961248c by task ethtool/755 CPU: 0 PID: 755 Comm: ethtool Not tainted 5.15.0-rc6+ #778 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-4.fc34 04/014 Call Trace: dump_stack_lvl+0x57/0x72 print_address_description.constprop.0+0x1f/0x140 kasan_report.cold+0x7f/0x11b kobject_get+0x14/0x90 kobject_add_internal+0x3d1/0x450 kobject_init_and_add+0xba/0xf0 netdev_queue_update_kobjects+0xcf/0x200 netif_set_real_num_tx_queues+0xb4/0x310 veth_set_channels+0x1c3/0x550 ethnl_set_channels+0x524/0x610 CVE-2021-47517 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_64-rt-2-150500.11.6.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20244160-1/ https://www.suse.com/security/cve/CVE-2021-47517.html CVE-2021-47517 https://bugzilla.suse.com/1225428 SUSE Bug 1225428 In the Linux kernel, the following vulnerability has been resolved: net: usb: qmi_wwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive. CVE-2024-43861 SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_13_64-rt-2-150500.11.6.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20244160-1/ https://www.suse.com/security/cve/CVE-2024-43861.html CVE-2024-43861 https://bugzilla.suse.com/1229500 SUSE Bug 1229500 https://bugzilla.suse.com/1229553 SUSE Bug 1229553