suse-su-2025:0268-1
Vulnerability from csaf_suse
Published
2025-01-28 13:03
Modified
2025-01-28 13:03
Summary
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

Notes

Title of the patch
Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
Description of the patch
This update for the Linux Kernel 6.4.0-150600_8 fixes several issues. The following security issues were fixed: - CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). - CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781). - CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369). - CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275). - CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).
Patchnames
SUSE-2025-268,SUSE-SLE-Module-Live-Patching-15-SP6-2025-268
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).


To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 6.4.0-150600_8 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).\n- CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781).\n- CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1227369).\n- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1229275).\n- CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-268,SUSE-SLE-Module-Live-Patching-15-SP6-2025-268",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0268-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:0268-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250268-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:0268-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020227.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1226324",
        "url": "https://bugzilla.suse.com/1226324"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227369",
        "url": "https://bugzilla.suse.com/1227369"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227781",
        "url": "https://bugzilla.suse.com/1227781"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227784",
        "url": "https://bugzilla.suse.com/1227784"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229275",
        "url": "https://bugzilla.suse.com/1229275"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-36971 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-36971/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-36979 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-36979/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-40920 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-40920/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-40921 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-40921/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-41057 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-41057/"
      }
    ],
    "title": "Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)",
    "tracking": {
      "current_release_date": "2025-01-28T13:03:45Z",
      "generator": {
        "date": "2025-01-28T13:03:45Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:0268-1",
      "initial_release_date": "2025-01-28T13:03:45Z",
      "revision_history": [
        {
          "date": "2025-01-28T13:03:45Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64",
                  "product_id": "kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP6",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-36971",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-36971"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix __dst_negative_advice() race\n\n__dst_negative_advice() does not enforce proper RCU rules when\nsk-\u003edst_cache must be cleared, leading to possible UAF.\n\nRCU rules are that we must first clear sk-\u003esk_dst_cache,\nthen call dst_release(old_dst).\n\nNote that sk_dst_reset(sk) is implementing this protocol correctly,\nwhile __dst_negative_advice() uses the wrong order.\n\nGiven that ip6_negative_advice() has special logic\nagainst RTF_CACHE, this means each of the three -\u003enegative_advice()\nexisting methods must perform the sk_dst_reset() themselves.\n\nNote the check against NULL dst is centralized in\n__dst_negative_advice(), there is no need to duplicate\nit in various callbacks.\n\nMany thanks to Clement Lecigne for tracking this issue.\n\nThis old bug became visible after the blamed commit, using UDP sockets.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-36971",
          "url": "https://www.suse.com/security/cve/CVE-2024-36971"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226145 for CVE-2024-36971",
          "url": "https://bugzilla.suse.com/1226145"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226324 for CVE-2024-36971",
          "url": "https://bugzilla.suse.com/1226324"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-28T13:03:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-36971"
    },
    {
      "cve": "CVE-2024-36979",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-36979"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: mst: fix vlan use-after-free\n\nsyzbot reported a suspicious rcu usage[1] in bridge\u0027s mst code. While\nfixing it I noticed that nothing prevents a vlan to be freed while\nwalking the list from the same path (br forward delay timer). Fix the rcu\nusage and also make sure we are not accessing freed memory by making\nbr_mst_vlan_set_state use rcu read lock.\n\n[1]\n WARNING: suspicious RCU usage\n 6.9.0-rc6-syzkaller #0 Not tainted\n -----------------------------\n net/bridge/br_private.h:1599 suspicious rcu_dereference_protected() usage!\n ...\n stack backtrace:\n CPU: 1 PID: 8017 Comm: syz-executor.1 Not tainted 6.9.0-rc6-syzkaller #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n Call Trace:\n  \u003cIRQ\u003e\n  __dump_stack lib/dump_stack.c:88 [inline]\n  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n  lockdep_rcu_suspicious+0x221/0x340 kernel/locking/lockdep.c:6712\n  nbp_vlan_group net/bridge/br_private.h:1599 [inline]\n  br_mst_set_state+0x1ea/0x650 net/bridge/br_mst.c:105\n  br_set_state+0x28a/0x7b0 net/bridge/br_stp.c:47\n  br_forward_delay_timer_expired+0x176/0x440 net/bridge/br_stp_timer.c:88\n  call_timer_fn+0x18e/0x650 kernel/time/timer.c:1793\n  expire_timers kernel/time/timer.c:1844 [inline]\n  __run_timers kernel/time/timer.c:2418 [inline]\n  __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2429\n  run_timer_base kernel/time/timer.c:2438 [inline]\n  run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2448\n  __do_softirq+0x2c6/0x980 kernel/softirq.c:554\n  invoke_softirq kernel/softirq.c:428 [inline]\n  __irq_exit_rcu+0xf2/0x1c0 kernel/softirq.c:633\n  irq_exit_rcu+0x9/0x30 kernel/softirq.c:645\n  instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1043 [inline]\n  sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1043\n  \u003c/IRQ\u003e\n  \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n RIP: 0010:lock_acquire+0x264/0x550 kernel/locking/lockdep.c:5758\n Code: 2b 00 74 08 4c 89 f7 e8 ba d1 84 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 \u003c4b\u003e c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25\n RSP: 0018:ffffc90013657100 EFLAGS: 00000206\n RAX: 0000000000000001 RBX: 1ffff920026cae2c RCX: 0000000000000001\n RDX: dffffc0000000000 RSI: ffffffff8bcaca00 RDI: ffffffff8c1eaa60\n RBP: ffffc90013657260 R08: ffffffff92efe507 R09: 1ffffffff25dfca0\n R10: dffffc0000000000 R11: fffffbfff25dfca1 R12: 1ffff920026cae28\n R13: dffffc0000000000 R14: ffffc90013657160 R15: 0000000000000246",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-36979",
          "url": "https://www.suse.com/security/cve/CVE-2024-36979"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1226604 for CVE-2024-36979",
          "url": "https://bugzilla.suse.com/1226604"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227369 for CVE-2024-36979",
          "url": "https://bugzilla.suse.com/1227369"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-28T13:03:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-36979"
    },
    {
      "cve": "CVE-2024-40920",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-40920"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: mst: fix suspicious rcu usage in br_mst_set_state\n\nI converted br_mst_set_state to RCU to avoid a vlan use-after-free\nbut forgot to change the vlan group dereference helper. Switch to vlan\ngroup RCU deref helper to fix the suspicious rcu usage warning.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-40920",
          "url": "https://www.suse.com/security/cve/CVE-2024-40920"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227781 for CVE-2024-40920",
          "url": "https://bugzilla.suse.com/1227781"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-28T13:03:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-40920"
    },
    {
      "cve": "CVE-2024-40921",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-40921"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: mst: pass vlan group directly to br_mst_vlan_set_state\n\nPass the already obtained vlan group pointer to br_mst_vlan_set_state()\ninstead of dereferencing it again. Each caller has already correctly\ndereferenced it for their context. This change is required for the\nfollowing suspicious RCU dereference fix. No functional changes\nintended.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-40921",
          "url": "https://www.suse.com/security/cve/CVE-2024-40921"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227784 for CVE-2024-40921",
          "url": "https://bugzilla.suse.com/1227784"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-28T13:03:45Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-40921"
    },
    {
      "cve": "CVE-2024-41057",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-41057"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie()\n\nWe got the following issue in our fault injection stress test:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in cachefiles_withdraw_cookie+0x4d9/0x600\nRead of size 8 at addr ffff888118efc000 by task kworker/u78:0/109\n\nCPU: 13 PID: 109 Comm: kworker/u78:0 Not tainted 6.8.0-dirty #566\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n cachefiles_withdraw_cookie+0x4d9/0x600\n fscache_cookie_state_machine+0x5c8/0x1230\n fscache_cookie_worker+0x91/0x1c0\n process_one_work+0x7fa/0x1800\n [...]\n\nAllocated by task 117:\n kmalloc_trace+0x1b3/0x3c0\n cachefiles_acquire_volume+0xf3/0x9c0\n fscache_create_volume_work+0x97/0x150\n process_one_work+0x7fa/0x1800\n [...]\n\nFreed by task 120301:\n kfree+0xf1/0x2c0\n cachefiles_withdraw_cache+0x3fa/0x920\n cachefiles_put_unbind_pincount+0x1f6/0x250\n cachefiles_daemon_release+0x13b/0x290\n __fput+0x204/0xa00\n task_work_run+0x139/0x230\n do_exit+0x87a/0x29b0\n [...]\n==================================================================\n\nFollowing is the process that triggers the issue:\n\n           p1                |             p2\n------------------------------------------------------------\n                              fscache_begin_lookup\n                               fscache_begin_volume_access\n                                fscache_cache_is_live(fscache_cache)\ncachefiles_daemon_release\n cachefiles_put_unbind_pincount\n  cachefiles_daemon_unbind\n   cachefiles_withdraw_cache\n    fscache_withdraw_cache\n     fscache_set_cache_state(cache, FSCACHE_CACHE_IS_WITHDRAWN);\n    cachefiles_withdraw_objects(cache)\n    fscache_wait_for_objects(fscache)\n      atomic_read(\u0026fscache_cache-\u003eobject_count) == 0\n                              fscache_perform_lookup\n                               cachefiles_lookup_cookie\n                                cachefiles_alloc_object\n                                 refcount_set(\u0026object-\u003eref, 1);\n                                 object-\u003evolume = volume\n                                 fscache_count_object(vcookie-\u003ecache);\n                                  atomic_inc(\u0026fscache_cache-\u003eobject_count)\n    cachefiles_withdraw_volumes\n     cachefiles_withdraw_volume\n      fscache_withdraw_volume\n      __cachefiles_free_volume\n       kfree(cachefiles_volume)\n                              fscache_cookie_state_machine\n                               cachefiles_withdraw_cookie\n                                cache = object-\u003evolume-\u003ecache;\n                                // cachefiles_volume UAF !!!\n\nAfter setting FSCACHE_CACHE_IS_WITHDRAWN, wait for all the cookie lookups\nto complete first, and then wait for fscache_cache-\u003eobject_count == 0 to\navoid the cookie exiting after the volume has been freed and triggering\nthe above issue. Therefore call fscache_withdraw_volume() before calling\ncachefiles_withdraw_objects().\n\nThis way, after setting FSCACHE_CACHE_IS_WITHDRAWN, only the following two\ncases will occur:\n1) fscache_begin_lookup fails in fscache_begin_volume_access().\n2) fscache_withdraw_volume() will ensure that fscache_count_object() has\n   been executed before calling fscache_wait_for_objects().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-41057",
          "url": "https://www.suse.com/security/cve/CVE-2024-41057"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1228462 for CVE-2024-41057",
          "url": "https://bugzilla.suse.com/1228462"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1229275 for CVE-2024-41057",
          "url": "https://bugzilla.suse.com/1229275"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_8-rt-8-150600.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-28T13:03:45Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-41057"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.