SUSE: 2024:1645-1 important: the Linux Kernel Security Advisory Updates
Summary
## The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543). * CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545). * CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513). * CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). * CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2024-26906: Disallowed vsyscall page read for copy_from_kernel_nofault() (bsc#1223202). * CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). * CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2021-47041: Don't set sk_user_data without write_lock (bsc#1220755). * CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854). * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449). The following non-security bugs were fixed: * dm rq: do not queue request to blk-mq during DM suspend (bsc#1221113). * dm: rearrange core declarations for extended use from dm-zone.c (bsc#1221113). * net/tls: Remove the context from the list in tls_device_down (bsc#1221545). * tls: Fix context leak on tls_device_down (bsc#1221545).
References
* bsc#1190576
* bsc#1192145
* bsc#1200313
* bsc#1201489
* bsc#1203906
* bsc#1203935
* bsc#1204614
* bsc#1211592
* bsc#1218562
* bsc#1218917
* bsc#1219169
* bsc#1219170
* bsc#1219264
* bsc#1220513
* bsc#1220755
* bsc#1220854
* bsc#1221113
* bsc#1221299
* bsc#1221543
* bsc#1221545
* bsc#1222449
* bsc#1222482
* bsc#1222503
* bsc#1222559
* bsc#1222624
* bsc#1222666
* bsc#1222709
* bsc#1222790
* bsc#1222792
* bsc#1222829
* bsc#1222876
* bsc#1222881
* bsc#1222883
* bsc#1222894
* bsc#1222976
* bsc#1223016
* bsc#1223057
* bsc#1223111
* bsc#1223187
* bsc#1223202
* bsc#1223475
* bsc#1223482
* bsc#1223509
* bsc#1223513
* bsc#1223522
* bsc#1223824
* bsc#1223921
* bsc#1223923
* bsc#1223931
* bsc#1223941
* bsc#1223948
* bsc#1223952
* bsc#1223963
Cross-
* CVE-2021-46955
* CVE-2021-47041
* CVE-2021-47074
* CVE-2021-47113
* CVE-2021-47131
* CVE-2021-47184
* CVE-2021-47194
* CVE-2021-47198
* CVE-2021-47201
* CVE-2021-47203
* CVE-2021-47206
* CVE-2021-47207
* CVE-2021-47212
* CVE-2021-47216
* CVE-2022-48631
* CVE-2022-48638
* CVE-2022-48650
* CVE-2022-48651
* CVE-2022-48654
* CVE-2022-48672
* CVE-2022-48686
* CVE-2022-48687
* CVE-2022-48693
* CVE-2022-48695
* CVE-2022-48701
* CVE-2022-48702
* CVE-2024-0639
* CVE-2024-23307
* CVE-2024-26610
* CVE-2024-26688
* CVE-2024-26689
* CVE-2024-26739
* CVE-2024-26744
* CVE-2024-26816
* CVE-2024-26840
* CVE-2024-26852
* CVE-2024-26862
* CVE-2024-26898
* CVE-2024-26903
* CVE-2024-26906
* CVE-2024-27043
CVSS scores:
* CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47074 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47131 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48672 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48686 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2022-48693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48702 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
An update that solves 41 vulnerabilities and has 12 security fixes can now be
installed.
##
* https://www.suse.com/security/cve/CVE-2021-46955.html
* https://www.suse.com/security/cve/CVE-2021-47041.html
* https://www.suse.com/security/cve/CVE-2021-47074.html
* https://www.suse.com/security/cve/CVE-2021-47113.html
* https://www.suse.com/security/cve/CVE-2021-47131.html
* https://www.suse.com/security/cve/CVE-2021-47184.html
* https://www.suse.com/security/cve/CVE-2021-47194.html
* https://www.suse.com/security/cve/CVE-2021-47198.html
* https://www.suse.com/security/cve/CVE-2021-47201.html
* https://www.suse.com/security/cve/CVE-2021-47203.html
* https://www.suse.com/security/cve/CVE-2021-47206.html
* https://www.suse.com/security/cve/CVE-2021-47207.html
* https://www.suse.com/security/cve/CVE-2021-47212.html
* https://www.suse.com/security/cve/CVE-2021-47216.html
* https://www.suse.com/security/cve/CVE-2022-48631.html
* https://www.suse.com/security/cve/CVE-2022-48638.html
* https://www.suse.com/security/cve/CVE-2022-48650.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48654.html
* https://www.suse.com/security/cve/CVE-2022-48672.html
* https://www.suse.com/security/cve/CVE-2022-48686.html
* https://www.suse.com/security/cve/CVE-2022-48687.html
* https://www.suse.com/security/cve/CVE-2022-48693.html
* https://www.suse.com/security/cve/CVE-2022-48695.html
* https://www.suse.com/security/cve/CVE-2022-48701.html
* https://www.suse.com/security/cve/CVE-2022-48702.html
* https://www.suse.com/security/cve/CVE-2024-0639.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26688.html
* https://www.suse.com/security/cve/CVE-2024-26689.html
* https://www.suse.com/security/cve/CVE-2024-26739.html
* https://www.suse.com/security/cve/CVE-2024-26744.html
* https://www.suse.com/security/cve/CVE-2024-26816.html
* https://www.suse.com/security/cve/CVE-2024-26840.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26862.html
* https://www.suse.com/security/cve/CVE-2024-26898.html
* https://www.suse.com/security/cve/CVE-2024-26903.html
* https://www.suse.com/security/cve/CVE-2024-26906.html
* https://www.suse.com/security/cve/CVE-2024-27043.html
* https://bugzilla.suse.com/show_bug.cgi?id=1190576
* https://bugzilla.suse.com/show_bug.cgi?id=1192145
* https://bugzilla.suse.com/show_bug.cgi?id=1200313
* https://bugzilla.suse.com/show_bug.cgi?id=1201489
* https://bugzilla.suse.com/show_bug.cgi?id=1203906
* https://bugzilla.suse.com/show_bug.cgi?id=1203935
* https://bugzilla.suse.com/show_bug.cgi?id=1204614
* https://bugzilla.suse.com/show_bug.cgi?id=1211592
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1218917
* https://bugzilla.suse.com/show_bug.cgi?id=1219169
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1220513
* https://bugzilla.suse.com/show_bug.cgi?id=1220755
* https://bugzilla.suse.com/show_bug.cgi?id=1220854
* https://bugzilla.suse.com/show_bug.cgi?id=1221113
* https://bugzilla.suse.com/show_bug.cgi?id=1221299
* https://bugzilla.suse.com/show_bug.cgi?id=1221543
* https://bugzilla.suse.com/show_bug.cgi?id=1221545
* https://bugzilla.suse.com/show_bug.cgi?id=1222449
* https://bugzilla.suse.com/show_bug.cgi?id=1222482
* https://bugzilla.suse.com/show_bug.cgi?id=1222503
* https://bugzilla.suse.com/show_bug.cgi?id=1222559
* https://bugzilla.suse.com/show_bug.cgi?id=1222624
* https://bugzilla.suse.com/show_bug.cgi?id=1222666
* https://bugzilla.suse.com/show_bug.cgi?id=1222709
* https://bugzilla.suse.com/show_bug.cgi?id=1222790
* https://bugzilla.suse.com/show_bug.cgi?id=1222792
* https://bugzilla.suse.com/show_bug.cgi?id=1222829
* https://bugzilla.suse.com/show_bug.cgi?id=1222876
* https://bugzilla.suse.com/show_bug.cgi?id=1222881
* https://bugzilla.suse.com/show_bug.cgi?id=1222883
* https://bugzilla.suse.com/show_bug.cgi?id=1222894
* https://bugzilla.suse.com/show_bug.cgi?id=1222976
* https://bugzilla.suse.com/show_bug.cgi?id=1223016
* https://bugzilla.suse.com/show_bug.cgi?id=1223057
* https://bugzilla.suse.com/show_bug.cgi?id=1223111
* https://bugzilla.suse.com/show_bug.cgi?id=1223187
* https://bugzilla.suse.com/show_bug.cgi?id=1223202
* https://bugzilla.suse.com/show_bug.cgi?id=1223475
* https://bugzilla.suse.com/show_bug.cgi?id=1223482
* https://bugzilla.suse.com/show_bug.cgi?id=1223509
* https://bugzilla.suse.com/show_bug.cgi?id=1223513
* https://bugzilla.suse.com/show_bug.cgi?id=1223522
* https://bugzilla.suse.com/show_bug.cgi?id=1223824
* https://bugzilla.suse.com/show_bug.cgi?id=1223921
* https://bugzilla.suse.com/show_bug.cgi?id=1223923
* https://bugzilla.suse.com/show_bug.cgi?id=1223931
* https://bugzilla.suse.com/show_bug.cgi?id=1223941
* https://bugzilla.suse.com/show_bug.cgi?id=1223948
* https://bugzilla.suse.com/show_bug.cgi?id=1223952
* https://bugzilla.suse.com/show_bug.cgi?id=1223963