SB2025022129 - SUSE update for the Linux Kernel

Main Vulnerability Database SB2025022129

SB2025022129 - SUSE update for the Linux Kernel

Published: February 21, 2025 Updated: March 12, 2025

Security Bulletin ID SB2025022129

Severity

High

Patch available

YES

Number of vulnerabilities 13

Exploitation vector Adjecent network

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 13 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2024-35863)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the is_valid_oplock_break() function in fs/smb/client/misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.

2) Out-of-bounds write (CVE-ID: CVE-2024-53104)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an out-of-bounds read error within the uvc_parse_format() function in drivers/media/usb/uvc/uvc_driver.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.

Note, the vulnerability is being actively exploited in the wild.

3) Use-after-free (CVE-ID: CVE-2024-53173)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nfs4_open_release() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.

4) Use-after-free (CVE-ID: CVE-2024-53239)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the usb6fire_chip_abort(), usb6fire_chip_destroy(), usb6fire_chip_probe() and usb6fire_chip_disconnect() functions in sound/usb/6fire/chip.c. A local user can escalate privileges on the system.

5) Buffer overflow (CVE-ID: CVE-2024-56539)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory corruption within the drivers/net/wireless/marvell/mwifiex/fw.h. A local user can perform a denial of service (DoS) attack.

6) Use-after-free (CVE-ID: CVE-2024-56548)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the hfsplus_read_wrapper() function in fs/hfsplus/wrapper.c. A local user can escalate privileges on the system.

7) Use-after-free (CVE-ID: CVE-2024-56600)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the htons() function in net/ipv6/af_inet6.c. A local user can escalate privileges on the system.

8) Use-after-free (CVE-ID: CVE-2024-56601)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the htons() function in net/ipv4/af_inet.c. A local user can escalate privileges on the system.

9) Use-after-free (CVE-ID: CVE-2024-56605)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_sock_alloc() function in net/bluetooth/l2cap_sock.c. A local user can escalate privileges on the system.

10) Out-of-bounds read (CVE-ID: CVE-2024-56650)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the led_tg_check() function in net/netfilter/xt_LED.c. A local user can perform a denial of service (DoS) attack.

11) Use-after-free (CVE-ID: CVE-2024-56759)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the btrfs_force_cow_block() and btrfs_cow_block() functions in fs/btrfs/ctree.c. A local user can escalate privileges on the system.

12) Buffer overflow (CVE-ID: CVE-2024-57850)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the jffs2_rtime_decompress() function in fs/jffs2/compr_rtime.c. A local user can escalate privileges on the system.

13) Out-of-bounds read (CVE-ID: CVE-2024-57893)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the DEFINE_SPINLOCK() and snd_seq_oss_synth_sysex() functions in sound/core/seq/oss/seq_oss_synth.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2025/suse-su-20250603-1/

Vulnerable Software

SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME: CORE
SUSE Linux Enterprise Server 11: SP4
kernel-trace-base: before 3.0.101-108.177.1
kernel-ec2-base: before 3.0.101-108.177.1
kernel-source: before 3.0.101-108.177.1
kernel-xen-devel: before 3.0.101-108.177.1
kernel-default-base: before 3.0.101-108.177.1
kernel-trace-devel: before 3.0.101-108.177.1
kernel-ec2-devel: before 3.0.101-108.177.1
kernel-syms: before 3.0.101-108.177.1
kernel-xen-base: before 3.0.101-108.177.1
kernel-default-devel: before 3.0.101-108.177.1
kernel-trace: before 3.0.101-108.177.1
kernel-ec2: before 3.0.101-108.177.1
kernel-default: before 3.0.101-108.177.1
kernel-xen: before 3.0.101-108.177.1