Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:0946-1 Final 1 1 2025-03-19T12:35:10Z current 2025-03-19T12:35:10Z 2025-03-19T12:35:10Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 32 for SLE 15 SP4) This update for the Linux Kernel 5.14.21-150400_24_136 fixes several issues. The following security issues were fixed: - CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231204). - CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231196). - CVE-2024-56648: net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452). - CVE-2024-50302: HID: core: zero-initialize the report buffer (bsc#1233679). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-946,SUSE-SLE-Module-Live-Patching-15-SP4-2025-946 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20250946-1/ Link for SUSE-SU-2025:0946-1 https://lists.suse.com/pipermail/sle-security-updates/2025-March/020557.html E-Mail link for SUSE-SU-2025:0946-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1231196 SUSE Bug 1231196 https://bugzilla.suse.com/1231204 SUSE Bug 1231204 https://bugzilla.suse.com/1233679 SUSE Bug 1233679 https://bugzilla.suse.com/1235452 SUSE Bug 1235452 https://www.suse.com/security/cve/CVE-2024-46815/ SUSE CVE CVE-2024-46815 page https://www.suse.com/security/cve/CVE-2024-46818/ SUSE CVE CVE-2024-46818 page https://www.suse.com/security/cve/CVE-2024-50302/ SUSE CVE CVE-2024-50302 page https://www.suse.com/security/cve/CVE-2024-56648/ SUSE CVE CVE-2024-56648 page SUSE Linux Enterprise Live Patching 15 SP4 kernel-livepatch-5_14_21-150400_24_136-default-5-150400.2.1 kernel-livepatch-5_14_21-150400_24_136-default-5-150400.2.1 as a component of SUSE Linux Enterprise Live Patching 15 SP4 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] [WHY & HOW] num_valid_sets needs to be checked to avoid a negative index when accessing reader_wm_sets[num_valid_sets - 1]. This fixes an OVERRUN issue reported by Coverity. CVE-2024-46815 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_136-default-5-150400.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250946-1/ https://www.suse.com/security/cve/CVE-2024-46815.html CVE-2024-46815 https://bugzilla.suse.com/1231195 SUSE Bug 1231195 https://bugzilla.suse.com/1231196 SUSE Bug 1231196 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported by Coverity. CVE-2024-46818 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_136-default-5-150400.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250946-1/ https://www.suse.com/security/cve/CVE-2024-46818.html CVE-2024-46818 https://bugzilla.suse.com/1231203 SUSE Bug 1231203 https://bugzilla.suse.com/1231204 SUSE Bug 1231204 In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report. CVE-2024-50302 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_136-default-5-150400.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250946-1/ https://www.suse.com/security/cve/CVE-2024-50302.html CVE-2024-50302 https://bugzilla.suse.com/1233491 SUSE Bug 1233491 https://bugzilla.suse.com/1233679 SUSE Bug 1233679 In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fill_frame_info() syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fill_frame_info() is relying on skb->mac_len already, extend the check to cover this case. BUG: KMSAN: uninit-value in fill_frame_info net/hsr/hsr_forward.c:709 [inline] BUG: KMSAN: uninit-value in hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724 fill_frame_info net/hsr/hsr_forward.c:709 [inline] hsr_forward_skb+0x9ee/0x3b10 net/hsr/hsr_forward.c:724 hsr_dev_xmit+0x2f0/0x350 net/hsr/hsr_device.c:235 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276 packet_snd net/packet/af_packet.c:3146 [inline] packet_sendmsg+0x91ae/0xa6f0 net/packet/af_packet.c:3178 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:726 __sys_sendto+0x594/0x750 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200 x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4091 [inline] slab_alloc_node mm/slub.c:4134 [inline] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1323 [inline] alloc_skb_with_frags+0xc8/0xd00 net/core/skbuff.c:6612 sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2881 packet_alloc_skb net/packet/af_packet.c:2995 [inline] packet_snd net/packet/af_packet.c:3089 [inline] packet_sendmsg+0x74c6/0xa6f0 net/packet/af_packet.c:3178 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x30f/0x380 net/socket.c:726 __sys_sendto+0x594/0x750 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __x64_sys_sendto+0x125/0x1d0 net/socket.c:2200 x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CVE-2024-56648 SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_136-default-5-150400.2.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20250946-1/ https://www.suse.com/security/cve/CVE-2024-56648.html CVE-2024-56648 https://bugzilla.suse.com/1235451 SUSE Bug 1235451 https://bugzilla.suse.com/1235452 SUSE Bug 1235452