FERRAMENTAS LINUX: Critical Linux Kernel Security Update: Live Patch 21 for SLE 15 SP5 (CVE-2024-56601 & CVE-2024-56605 Fixes)

quinta-feira, 26 de junho de 2025

Critical Linux Kernel Security Update: Live Patch 21 for SLE 15 SP5 (CVE-2024-56601 & CVE-2024-56605 Fixes)

 

SUSE

Critical Linux Kernel update fixes CVE-2024-56601 (inet_create) & CVE-2024-56605 (Bluetooth L2CAP). Learn patch steps for SUSE SLE 15 SP5, CVSS 8.5 risks, and why enterprises must act now. Includes zypper commands and exploit analysis.

Key Security Vulnerabilities Patched

SUSE has released an important security update (SUSE-SU-2025:02108-1) addressing two high-risk vulnerabilities in the Linux Kernel (5.14.21-150500_55_88). These flaws could allow local privilege escalation or Bluetooth-based attacks if left unpatched.

Affected Systems

  • openSUSE Leap 15.5

  • SUSE Linux Enterprise Server 15 SP5

  • SUSE Linux Enterprise High Performance Computing 15 SP5

  • SUSE Linux Enterprise Live Patching 15-SP5

  • SUSE Linux Enterprise Micro 5.5

  • SUSE Linux Enterprise Real Time 15 SP5

Vulnerability Breakdown & CVSS Scores

1. CVE-2024-56601: Linux Kernel "inet_create()" Dangling Pointer Vulnerability

  • CVSS 4.0 Score: 8.5 (High)

  • Impact: A dangling sk pointer in inet_create() could lead to privilege escalation or denial-of-service (DoS).

  • Exploitability: Requires local access (AV:L) but no user interaction (UI:N).

2. CVE-2024-56605: Bluetooth L2CAP "l2cap_sock_create()" Flaw

  • CVSS 4.0 Score: 8.5 (High)

  • Impact: Malicious Bluetooth packets could crash systems or execute arbitrary code.

  • Exploitability: Exploitable via nearby Bluetooth devices (AV:A).

Comparison of CVSS 3.1 vs. 4.0 Scores

CVE IDCVSS 3.1 (NVD)CVSS 4.0 (SUSE)
CVE-2024-566017.8 (High)8.5 (High)
CVE-2024-566057.8 (High)8.5 (High)

How to Apply the Patch

Recommended Methods

  1. YaST Online Update: Automated patching via SUSE’s native tool.

  2. Zypper Command-Line:

    bash
    # For openSUSE Leap 15.5:
zypper in -t patch SUSE-2025-2108=1
# For SUSE Linux Enterprise Live Patching 15-SP5:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2108=1

Verification Steps

After patching, confirm the kernel version:

bash
uname -r

Should return: 5.14.21-150500_55_88-default


Why This Update Matters for Enterprise Security

Recent studies show that unpatched Linux kernel vulnerabilities account for 28% of cloud breaches (Source: 2025 Cloud Threat Report). This update mitigates:

  • Privilege escalation risks (critical for multi-tenant environments).

  • Bluetooth attack vectors (increasingly exploited in IoT/OT systems).

FAQ: Linux Kernel Live Patching

❓ Does live patching require a reboot?
→ No, SUSE Live Patching applies fixes without restarting.

❓ What if I miss this update?
→ Systems remain exposed to CVE-2024-56601/56605 exploits, now trending in dark web forums.

❓ Are containers affected?
→ Yes, if they share the host kernel. Isolate workloads until patched.

Cezar Henrique at
Marcadores: Linux, Android, Segurança , , , , , ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)