SUSE-SU-2025:02112-1

Vulnerability from csaf_suse - Published: 2025-06-25 16:03 - Updated: 2025-06-25 16:03
Summary
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)

Notes

Title of the patch
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)
Description of the patch
This update for the Linux Kernel 5.14.21-150400_24_144 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231). - CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062).
Patchnames
SUSE-2025-2112,SUSE-SLE-Module-Live-Patching-15-SP4-2025-2112
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 5.14.21-150400_24_144 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inet_create() (bsc#1235231).\n- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235062).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-2112,SUSE-SLE-Module-Live-Patching-15-SP4-2025-2112",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02112-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:02112-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502112-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:02112-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040479.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235062",
        "url": "https://bugzilla.suse.com/1235062"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235231",
        "url": "https://bugzilla.suse.com/1235231"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56601 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56601/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56605 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56605/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)",
    "tracking": {
      "current_release_date": "2025-06-25T16:03:54Z",
      "generator": {
        "date": "2025-06-25T16:03:54Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:02112-1",
      "initial_release_date": "2025-06-25T16:03:54Z",
      "revision_history": [
        {
          "date": "2025-06-25T16:03:54Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le",
                  "product_id": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x",
                  "product_id": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64",
                  "product_id": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP4",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x"
        },
        "product_reference": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP4",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64"
        },
        "product_reference": "kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-56601",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56601"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: inet: do not leave a dangling sk pointer in inet_create()\n\nsock_init_data() attaches the allocated sk object to the provided sock\nobject. If inet_create() fails later, the sk object is freed, but the\nsock object retains the dangling pointer, which may create use-after-free\nlater.\n\nClear the sk pointer in the sock object on error.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56601",
          "url": "https://www.suse.com/security/cve/CVE-2024-56601"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235230 for CVE-2024-56601",
          "url": "https://bugzilla.suse.com/1235230"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235231 for CVE-2024-56601",
          "url": "https://bugzilla.suse.com/1235231"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T16:03:54Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-56601"
    },
    {
      "cve": "CVE-2024-56605",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56605"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56605",
          "url": "https://www.suse.com/security/cve/CVE-2024-56605"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234853 for CVE-2024-56605",
          "url": "https://bugzilla.suse.com/1234853"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235061 for CVE-2024-56605",
          "url": "https://bugzilla.suse.com/1235061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235062 for CVE-2024-56605",
          "url": "https://bugzilla.suse.com/1235062"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP4:kernel-livepatch-5_14_21-150400_24_144-default-8-150400.2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-25T16:03:54Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-56605"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.