SUSE releases urgent Linux Kernel Live Patch 21 for SLE 15 SP5, fixing critical vulnerabilities CVE-2024-56601 (net/inet) and CVE-2024-56605 (Bluetooth L2CAP) with CVSS scores up to 8.5. Learn how to secure openSUSE Leap 15.5, Enterprise Server, and HPC systems now.
Why This Update Matters
The Linux Kernel is the backbone of enterprise infrastructure, and unpatched vulnerabilities like CVE-2024-56601 and CVE-2024-56605 expose systems to privilege escalation and remote code execution risks. With CVSS 4.0 scores of 8.5, these flaws affect critical subsystems:
net/inet (dangling SK pointer in
inet_create())Bluetooth L2CAP (kernel memory leaks in
l2cap_sock_create())
Affected Products:
openSUSE Leap 15.5
SUSE Linux Enterprise Server/SP5, HPC, Micro 5.5, and SAP Applications
Real-Time and Live Patching modules
Patch Details & Installation Guide
Fixed Vulnerabilities
| CVE ID | CVSS Score | Impact | Bug Reference |
|---|---|---|---|
| CVE-2024-56601 | 8.5 (CVSSv4) | Kernel memory corruption via inet_create() | bsc#1235231 |
| CVE-2024-56605 | 8.5 (CVSSv4) | Bluetooth L2CAP privilege escalation | bsc#1235062 |
How to Apply the Patch
Recommended Methods:
YaST
online_updateCommand line:
zypper patch
Product-Specific Commands:
# openSUSE Leap 15.5 zypper in -t patch SUSE-2025-2108=1 # SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2025-2108=1
Security Best Practices
Monitor kernel logs for suspicious Bluetooth or network activity.
Prioritize patching in environments using containers/VMs (shared kernel risks).
Verify mitigations with
sysctlhardening fornet.ipv4and Bluetooth stack settings.
FAQ
Q: Is this update relevant for cloud deployments?
A: Yes—AWS, Azure, and GCP instances running affected SUSE images require immediate patching.
Q: Can attackers exploit these vulnerabilities remotely?
A: CVE-2024-56601 requires local access, but CVE-2024-56605 could be chained with Bluetooth attack vectors.
Nenhum comentário:
Postar um comentário