SUSE-SU-2024:3565-1
Vulnerability Summary
Timeline
Description
Security update for the Linux Kernel The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance. (bsc#1229633). - CVE-2022-48945: media: vivid: fix compose size exceed boundary (bsc#1230398). - CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145). - CVE-2024-41087: Fix double free on error (bsc#1228466). - CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket (bsc#1230015). - CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245). - CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops (bsc#1230434). - CVE-2024-46695: selinux,smack: do not bypass permissions check in inode_setsecctx hook (bsc#1230519). The following non-security bugs were fixed: - Revert 'ext4: consolidate checks for resize of bigalloc into ext4_resize_begin' (bsc#1230326). - ext4: add check to prevent attempting to resize an fs with sparse_super2 (bsc#1230326). - ext4: add reserved GDT blocks check (bsc#1230326). - ext4: consolidate checks for resize of bigalloc into ext4_resize_begin (bsc#1230326). - ext4: fix bug_on ext4_mb_use_inode_pa (bsc#1230326). - kabi: add __nf_queue_get_refs() for kabi compliance.
Affected Systems
- suse•kernel-default-base&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.206.1.150200.9.107.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.206.1.150200.9.107.1
- suse•kernel-default-base&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.206.1.150200.9.107.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Availability Extension 15 SP2
< 5.3.18-150200.24.206.1
- suse•kernel-default&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-default&distro=SUSE Linux Enterprise Live Patching 15 SP2
< 5.3.18-150200.24.206.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.206.1
- suse•kernel-docs&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-docs&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.206.1
- suse•kernel-livepatch-SLE15-SP2_Update_53&distro=SUSE Linux Enterprise Live Patching 15 SP2
< 1-150200.5.3.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-obs-build&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.206.1
- suse•kernel-preempt&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-preempt&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-preempt&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.206.1
- suse•kernel-source&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.206.1
- suse•kernel-syms&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
< 5.3.18-150200.24.206.1
- suse•kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP2
< 5.3.18-150200.24.206.1
References (24)
- https://www.suse.com/support/update/announcement/2024/suse-su-20243565-1/
- https://bugzilla.suse.com/1185988
- https://bugzilla.suse.com/1220826
- https://bugzilla.suse.com/1226145
- https://bugzilla.suse.com/1227487
- https://bugzilla.suse.com/1228466
- https://bugzilla.suse.com/1229633
- https://bugzilla.suse.com/1230015
- https://bugzilla.suse.com/1230245
- https://bugzilla.suse.com/1230326
- https://bugzilla.suse.com/1230398
- https://bugzilla.suse.com/1230434
- https://bugzilla.suse.com/1230519
- https://bugzilla.suse.com/1230767
- https://www.suse.com/security/cve/CVE-2021-47069
- https://www.suse.com/security/cve/CVE-2022-48911
- https://www.suse.com/security/cve/CVE-2022-48945
- https://www.suse.com/security/cve/CVE-2024-36971
- https://www.suse.com/security/cve/CVE-2024-41087
- https://www.suse.com/security/cve/CVE-2024-44946
- https://www.suse.com/security/cve/CVE-2024-45003
- https://www.suse.com/security/cve/CVE-2024-45021
- https://www.suse.com/security/cve/CVE-2024-46695
- https://www.suse.com/security/cve/CVE-2024-46774