# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2384-1  
Rating: important  
References:

  * bsc#1156395
  * bsc#1171988
  * bsc#1176447
  * bsc#1176774
  * bsc#1181147
  * bsc#1191958
  * bsc#1195065
  * bsc#1195254
  * bsc#1195798
  * bsc#1202623
  * bsc#1218148
  * bsc#1219224
  * bsc#1219633
  * bsc#1222015
  * bsc#1223011
  * bsc#1224671
  * bsc#1224703
  * bsc#1224749
  * bsc#1224764
  * bsc#1224765
  * bsc#1224766
  * bsc#1224865
  * bsc#1225010
  * bsc#1225047
  * bsc#1225109
  * bsc#1225161
  * bsc#1225184
  * bsc#1225203
  * bsc#1225487
  * bsc#1225518
  * bsc#1225611
  * bsc#1225732
  * bsc#1225749
  * bsc#1225840
  * bsc#1225866
  * bsc#1226226
  * bsc#1226537
  * bsc#1226552
  * bsc#1226554
  * bsc#1226557
  * bsc#1226558
  * bsc#1226562
  * bsc#1226563
  * bsc#1226575
  * bsc#1226583
  * bsc#1226585
  * bsc#1226587
  * bsc#1226595
  * bsc#1226614
  * bsc#1226619
  * bsc#1226621
  * bsc#1226624
  * bsc#1226643
  * bsc#1226644
  * bsc#1226645
  * bsc#1226647
  * bsc#1226650
  * bsc#1226669
  * bsc#1226670
  * bsc#1226672
  * bsc#1226674
  * bsc#1226679
  * bsc#1226686
  * bsc#1226691
  * bsc#1226692
  * bsc#1226698
  * bsc#1226703
  * bsc#1226708
  * bsc#1226709
  * bsc#1226711
  * bsc#1226712
  * bsc#1226713
  * bsc#1226715
  * bsc#1226716
  * bsc#1226720
  * bsc#1226721
  * bsc#1226732
  * bsc#1226762
  * bsc#1226785
  * bsc#1226786
  * bsc#1226962

  
Cross-References:

  * CVE-2021-43389
  * CVE-2021-4439
  * CVE-2021-47247
  * CVE-2021-47311
  * CVE-2021-47328
  * CVE-2021-47368
  * CVE-2021-47372
  * CVE-2021-47379
  * CVE-2021-47571
  * CVE-2021-47576
  * CVE-2021-47583
  * CVE-2021-47589
  * CVE-2021-47595
  * CVE-2021-47596
  * CVE-2021-47600
  * CVE-2021-47602
  * CVE-2021-47609
  * CVE-2021-47611
  * CVE-2021-47612
  * CVE-2021-47617
  * CVE-2021-47618
  * CVE-2021-47619
  * CVE-2021-47620
  * CVE-2022-2938
  * CVE-2022-48711
  * CVE-2022-48715
  * CVE-2022-48717
  * CVE-2022-48722
  * CVE-2022-48724
  * CVE-2022-48726
  * CVE-2022-48728
  * CVE-2022-48730
  * CVE-2022-48732
  * CVE-2022-48736
  * CVE-2022-48737
  * CVE-2022-48738
  * CVE-2022-48746
  * CVE-2022-48747
  * CVE-2022-48748
  * CVE-2022-48749
  * CVE-2022-48752
  * CVE-2022-48754
  * CVE-2022-48756
  * CVE-2022-48758
  * CVE-2022-48759
  * CVE-2022-48760
  * CVE-2022-48767
  * CVE-2022-48768
  * CVE-2022-48771
  * CVE-2023-24023
  * CVE-2023-52707
  * CVE-2023-52752
  * CVE-2023-52881
  * CVE-2024-26822
  * CVE-2024-35789
  * CVE-2024-35861
  * CVE-2024-35862
  * CVE-2024-35864
  * CVE-2024-35878
  * CVE-2024-35950
  * CVE-2024-36894
  * CVE-2024-36904
  * CVE-2024-36940
  * CVE-2024-36964
  * CVE-2024-38541
  * CVE-2024-38545
  * CVE-2024-38559
  * CVE-2024-38560

  
CVSS scores:

  * CVE-2021-43389 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-43389 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-4439 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2021-47247 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47311 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47328 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47368 ( SUSE ):  5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2021-47372 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47379 ( SUSE ):  6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47571 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47571 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47576 ( SUSE ):  3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L
  * CVE-2021-47583 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47589 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47595 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47596 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47600 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47602 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47609 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47611 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47612 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47617 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47618 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47619 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47620 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  * CVE-2022-2938 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
  * CVE-2022-2938 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48711 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48715 ( SUSE ):  3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2022-48717 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2022-48722 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48724 ( SUSE ):  4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48726 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2022-48728 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48730 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  * CVE-2022-48732 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48736 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2022-48737 ( SUSE ):  0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
  * CVE-2022-48738 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48746 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48747 ( SUSE ):  5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2022-48748 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
  * CVE-2022-48749 ( SUSE ):  4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48752 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48754 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48756 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48758 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48759 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48760 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48767 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48768 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2022-48771 ( SUSE ):  6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-24023 ( SUSE ):  6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2023-24023 ( NVD ):  6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2023-52707 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52752 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52752 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52881 ( SUSE ):  7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L
  * CVE-2024-26822 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35789 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35861 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35862 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35864 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-35878 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35950 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36894 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36904 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-36940 ( SUSE ):  7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  * CVE-2024-36964 ( SUSE ):  7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-38541 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-38545 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-38559 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-38560 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.1
  * SUSE Linux Enterprise Micro 5.2
  * SUSE Linux Enterprise Micro for Rancher 5.2

  
  
An update that solves 68 vulnerabilities and has 13 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various
security bugfixes.

    
    
    The following security bugs were fixed:
    
    - CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865).
    - CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010).
    - CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161).
    - CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
    - CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
    - CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
    - CVE-2022-2938: psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623).
    - CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712).
    - CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109). polled (bsc#1202623).
    - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
    - CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
    - CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
    - CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
    - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
    - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
    - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
    - CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
    - CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
    - CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
    - CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
    - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
    - CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
    - CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
    - CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
    
    The following non-security bugs were fixed:
    
    - NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
    - ocfs2: adjust enabling place for la window (bsc#1219224).
    - ocfs2: fix sparse warnings (bsc#1219224).
    - ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
    - ocfs2: speed up chain-list searching (bsc#1219224).
    - psi: Fix uaf issue when psi trigger is destroyed while being
    - x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
    

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.1  
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2384=1

  * SUSE Linux Enterprise Micro 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2384=1

  * SUSE Linux Enterprise Micro for Rancher 5.2  
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2384=1

## Package List:

  * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.175.1
  * SUSE Linux Enterprise Micro 5.1 (x86_64)
    * kernel-rt-debugsource-5.3.18-150300.175.1
    * kernel-rt-debuginfo-5.3.18-150300.175.1
  * SUSE Linux Enterprise Micro 5.1 (noarch)
    * kernel-source-rt-5.3.18-150300.175.1
  * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.175.1
  * SUSE Linux Enterprise Micro 5.2 (x86_64)
    * kernel-rt-debugsource-5.3.18-150300.175.1
    * kernel-rt-debuginfo-5.3.18-150300.175.1
  * SUSE Linux Enterprise Micro 5.2 (noarch)
    * kernel-source-rt-5.3.18-150300.175.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64)
    * kernel-rt-5.3.18-150300.175.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
    * kernel-rt-debugsource-5.3.18-150300.175.1
    * kernel-rt-debuginfo-5.3.18-150300.175.1
  * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
    * kernel-source-rt-5.3.18-150300.175.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-43389.html
  * https://www.suse.com/security/cve/CVE-2021-4439.html
  * https://www.suse.com/security/cve/CVE-2021-47247.html
  * https://www.suse.com/security/cve/CVE-2021-47311.html
  * https://www.suse.com/security/cve/CVE-2021-47328.html
  * https://www.suse.com/security/cve/CVE-2021-47368.html
  * https://www.suse.com/security/cve/CVE-2021-47372.html
  * https://www.suse.com/security/cve/CVE-2021-47379.html
  * https://www.suse.com/security/cve/CVE-2021-47571.html
  * https://www.suse.com/security/cve/CVE-2021-47576.html
  * https://www.suse.com/security/cve/CVE-2021-47583.html
  * https://www.suse.com/security/cve/CVE-2021-47589.html
  * https://www.suse.com/security/cve/CVE-2021-47595.html
  * https://www.suse.com/security/cve/CVE-2021-47596.html
  * https://www.suse.com/security/cve/CVE-2021-47600.html
  * https://www.suse.com/security/cve/CVE-2021-47602.html
  * https://www.suse.com/security/cve/CVE-2021-47609.html
  * https://www.suse.com/security/cve/CVE-2021-47611.html
  * https://www.suse.com/security/cve/CVE-2021-47612.html
  * https://www.suse.com/security/cve/CVE-2021-47617.html
  * https://www.suse.com/security/cve/CVE-2021-47618.html
  * https://www.suse.com/security/cve/CVE-2021-47619.html
  * https://www.suse.com/security/cve/CVE-2021-47620.html
  * https://www.suse.com/security/cve/CVE-2022-2938.html
  * https://www.suse.com/security/cve/CVE-2022-48711.html
  * https://www.suse.com/security/cve/CVE-2022-48715.html
  * https://www.suse.com/security/cve/CVE-2022-48717.html
  * https://www.suse.com/security/cve/CVE-2022-48722.html
  * https://www.suse.com/security/cve/CVE-2022-48724.html
  * https://www.suse.com/security/cve/CVE-2022-48726.html
  * https://www.suse.com/security/cve/CVE-2022-48728.html
  * https://www.suse.com/security/cve/CVE-2022-48730.html
  * https://www.suse.com/security/cve/CVE-2022-48732.html
  * https://www.suse.com/security/cve/CVE-2022-48736.html
  * https://www.suse.com/security/cve/CVE-2022-48737.html
  * https://www.suse.com/security/cve/CVE-2022-48738.html
  * https://www.suse.com/security/cve/CVE-2022-48746.html
  * https://www.suse.com/security/cve/CVE-2022-48747.html
  * https://www.suse.com/security/cve/CVE-2022-48748.html
  * https://www.suse.com/security/cve/CVE-2022-48749.html
  * https://www.suse.com/security/cve/CVE-2022-48752.html
  * https://www.suse.com/security/cve/CVE-2022-48754.html
  * https://www.suse.com/security/cve/CVE-2022-48756.html
  * https://www.suse.com/security/cve/CVE-2022-48758.html
  * https://www.suse.com/security/cve/CVE-2022-48759.html
  * https://www.suse.com/security/cve/CVE-2022-48760.html
  * https://www.suse.com/security/cve/CVE-2022-48767.html
  * https://www.suse.com/security/cve/CVE-2022-48768.html
  * https://www.suse.com/security/cve/CVE-2022-48771.html
  * https://www.suse.com/security/cve/CVE-2023-24023.html
  * https://www.suse.com/security/cve/CVE-2023-52707.html
  * https://www.suse.com/security/cve/CVE-2023-52752.html
  * https://www.suse.com/security/cve/CVE-2023-52881.html
  * https://www.suse.com/security/cve/CVE-2024-26822.html
  * https://www.suse.com/security/cve/CVE-2024-35789.html
  * https://www.suse.com/security/cve/CVE-2024-35861.html
  * https://www.suse.com/security/cve/CVE-2024-35862.html
  * https://www.suse.com/security/cve/CVE-2024-35864.html
  * https://www.suse.com/security/cve/CVE-2024-35878.html
  * https://www.suse.com/security/cve/CVE-2024-35950.html
  * https://www.suse.com/security/cve/CVE-2024-36894.html
  * https://www.suse.com/security/cve/CVE-2024-36904.html
  * https://www.suse.com/security/cve/CVE-2024-36940.html
  * https://www.suse.com/security/cve/CVE-2024-36964.html
  * https://www.suse.com/security/cve/CVE-2024-38541.html
  * https://www.suse.com/security/cve/CVE-2024-38545.html
  * https://www.suse.com/security/cve/CVE-2024-38559.html
  * https://www.suse.com/security/cve/CVE-2024-38560.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1156395
  * https://bugzilla.suse.com/show_bug.cgi?id=1171988
  * https://bugzilla.suse.com/show_bug.cgi?id=1176447
  * https://bugzilla.suse.com/show_bug.cgi?id=1176774
  * https://bugzilla.suse.com/show_bug.cgi?id=1181147
  * https://bugzilla.suse.com/show_bug.cgi?id=1191958
  * https://bugzilla.suse.com/show_bug.cgi?id=1195065
  * https://bugzilla.suse.com/show_bug.cgi?id=1195254
  * https://bugzilla.suse.com/show_bug.cgi?id=1195798
  * https://bugzilla.suse.com/show_bug.cgi?id=1202623
  * https://bugzilla.suse.com/show_bug.cgi?id=1218148
  * https://bugzilla.suse.com/show_bug.cgi?id=1219224
  * https://bugzilla.suse.com/show_bug.cgi?id=1219633
  * https://bugzilla.suse.com/show_bug.cgi?id=1222015
  * https://bugzilla.suse.com/show_bug.cgi?id=1223011
  * https://bugzilla.suse.com/show_bug.cgi?id=1224671
  * https://bugzilla.suse.com/show_bug.cgi?id=1224703
  * https://bugzilla.suse.com/show_bug.cgi?id=1224749
  * https://bugzilla.suse.com/show_bug.cgi?id=1224764
  * https://bugzilla.suse.com/show_bug.cgi?id=1224765
  * https://bugzilla.suse.com/show_bug.cgi?id=1224766
  * https://bugzilla.suse.com/show_bug.cgi?id=1224865
  * https://bugzilla.suse.com/show_bug.cgi?id=1225010
  * https://bugzilla.suse.com/show_bug.cgi?id=1225047
  * https://bugzilla.suse.com/show_bug.cgi?id=1225109
  * https://bugzilla.suse.com/show_bug.cgi?id=1225161
  * https://bugzilla.suse.com/show_bug.cgi?id=1225184
  * https://bugzilla.suse.com/show_bug.cgi?id=1225203
  * https://bugzilla.suse.com/show_bug.cgi?id=1225487
  * https://bugzilla.suse.com/show_bug.cgi?id=1225518
  * https://bugzilla.suse.com/show_bug.cgi?id=1225611
  * https://bugzilla.suse.com/show_bug.cgi?id=1225732
  * https://bugzilla.suse.com/show_bug.cgi?id=1225749
  * https://bugzilla.suse.com/show_bug.cgi?id=1225840
  * https://bugzilla.suse.com/show_bug.cgi?id=1225866
  * https://bugzilla.suse.com/show_bug.cgi?id=1226226
  * https://bugzilla.suse.com/show_bug.cgi?id=1226537
  * https://bugzilla.suse.com/show_bug.cgi?id=1226552
  * https://bugzilla.suse.com/show_bug.cgi?id=1226554
  * https://bugzilla.suse.com/show_bug.cgi?id=1226557
  * https://bugzilla.suse.com/show_bug.cgi?id=1226558
  * https://bugzilla.suse.com/show_bug.cgi?id=1226562
  * https://bugzilla.suse.com/show_bug.cgi?id=1226563
  * https://bugzilla.suse.com/show_bug.cgi?id=1226575
  * https://bugzilla.suse.com/show_bug.cgi?id=1226583
  * https://bugzilla.suse.com/show_bug.cgi?id=1226585
  * https://bugzilla.suse.com/show_bug.cgi?id=1226587
  * https://bugzilla.suse.com/show_bug.cgi?id=1226595
  * https://bugzilla.suse.com/show_bug.cgi?id=1226614
  * https://bugzilla.suse.com/show_bug.cgi?id=1226619
  * https://bugzilla.suse.com/show_bug.cgi?id=1226621
  * https://bugzilla.suse.com/show_bug.cgi?id=1226624
  * https://bugzilla.suse.com/show_bug.cgi?id=1226643
  * https://bugzilla.suse.com/show_bug.cgi?id=1226644
  * https://bugzilla.suse.com/show_bug.cgi?id=1226645
  * https://bugzilla.suse.com/show_bug.cgi?id=1226647
  * https://bugzilla.suse.com/show_bug.cgi?id=1226650
  * https://bugzilla.suse.com/show_bug.cgi?id=1226669
  * https://bugzilla.suse.com/show_bug.cgi?id=1226670
  * https://bugzilla.suse.com/show_bug.cgi?id=1226672
  * https://bugzilla.suse.com/show_bug.cgi?id=1226674
  * https://bugzilla.suse.com/show_bug.cgi?id=1226679
  * https://bugzilla.suse.com/show_bug.cgi?id=1226686
  * https://bugzilla.suse.com/show_bug.cgi?id=1226691
  * https://bugzilla.suse.com/show_bug.cgi?id=1226692
  * https://bugzilla.suse.com/show_bug.cgi?id=1226698
  * https://bugzilla.suse.com/show_bug.cgi?id=1226703
  * https://bugzilla.suse.com/show_bug.cgi?id=1226708
  * https://bugzilla.suse.com/show_bug.cgi?id=1226709
  * https://bugzilla.suse.com/show_bug.cgi?id=1226711
  * https://bugzilla.suse.com/show_bug.cgi?id=1226712
  * https://bugzilla.suse.com/show_bug.cgi?id=1226713
  * https://bugzilla.suse.com/show_bug.cgi?id=1226715
  * https://bugzilla.suse.com/show_bug.cgi?id=1226716
  * https://bugzilla.suse.com/show_bug.cgi?id=1226720
  * https://bugzilla.suse.com/show_bug.cgi?id=1226721
  * https://bugzilla.suse.com/show_bug.cgi?id=1226732
  * https://bugzilla.suse.com/show_bug.cgi?id=1226762
  * https://bugzilla.suse.com/show_bug.cgi?id=1226785
  * https://bugzilla.suse.com/show_bug.cgi?id=1226786
  * https://bugzilla.suse.com/show_bug.cgi?id=1226962

SUSE: 2024:2384-1 important: the Linux Kernel Security Advisory Updates

July 10, 2024
* bsc#1156395 * bsc#1171988 * bsc#1176447 * bsc#1176774 * bsc#1181147

Summary

## The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865). - CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010). - CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161). - CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184). - CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203). - CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). - CVE-2022-2938: psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623). - CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712). - CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109). polled (bsc#1202623). - CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). - CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). - CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011). - CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749). - CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). - CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). - CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). - CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). - CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). - CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). - CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). - CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). - CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595). - CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785). - CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786). The following non-security bugs were fixed: - NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226). - ocfs2: adjust enabling place for la window (bsc#1219224). - ocfs2: fix sparse warnings (bsc#1219224). - ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). - ocfs2: speed up chain-list searching (bsc#1219224). - psi: Fix uaf issue when psi trigger is destroyed while being - x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).

References

* bsc#1156395

* bsc#1171988

* bsc#1176447

* bsc#1176774

* bsc#1181147

* bsc#1191958

* bsc#1195065

* bsc#1195254

* bsc#1195798

* bsc#1202623

* bsc#1218148

* bsc#1219224

* bsc#1219633

* bsc#1222015

* bsc#1223011

* bsc#1224671

* bsc#1224703

* bsc#1224749

* bsc#1224764

* bsc#1224765

* bsc#1224766

* bsc#1224865

* bsc#1225010

* bsc#1225047

* bsc#1225109

* bsc#1225161

* bsc#1225184

* bsc#1225203

* bsc#1225487

* bsc#1225518

* bsc#1225611

* bsc#1225732

* bsc#1225749

* bsc#1225840

* bsc#1225866

* bsc#1226226

* bsc#1226537

* bsc#1226552

* bsc#1226554

* bsc#1226557

* bsc#1226558

* bsc#1226562

* bsc#1226563

* bsc#1226575

* bsc#1226583

* bsc#1226585

* bsc#1226587

* bsc#1226595

* bsc#1226614

* bsc#1226619

* bsc#1226621

* bsc#1226624

* bsc#1226643

* bsc#1226644

* bsc#1226645

* bsc#1226647

* bsc#1226650

* bsc#1226669

* bsc#1226670

* bsc#1226672

* bsc#1226674

* bsc#1226679

* bsc#1226686

* bsc#1226691

* bsc#1226692

* bsc#1226698

* bsc#1226703

* bsc#1226708

* bsc#1226709

* bsc#1226711

* bsc#1226712

* bsc#1226713

* bsc#1226715

* bsc#1226716

* bsc#1226720

* bsc#1226721

* bsc#1226732

* bsc#1226762

* bsc#1226785

* bsc#1226786

* bsc#1226962

Cross-

* CVE-2021-43389

* CVE-2021-4439

* CVE-2021-47247

* CVE-2021-47311

* CVE-2021-47328

* CVE-2021-47368

* CVE-2021-47372

* CVE-2021-47379

* CVE-2021-47571

* CVE-2021-47576

* CVE-2021-47583

* CVE-2021-47589

* CVE-2021-47595

* CVE-2021-47596

* CVE-2021-47600

* CVE-2021-47602

* CVE-2021-47609

* CVE-2021-47611

* CVE-2021-47612

* CVE-2021-47617

* CVE-2021-47618

* CVE-2021-47619

* CVE-2021-47620

* CVE-2022-2938

* CVE-2022-48711

* CVE-2022-48715

* CVE-2022-48717

* CVE-2022-48722

* CVE-2022-48724

* CVE-2022-48726

* CVE-2022-48728

* CVE-2022-48730

* CVE-2022-48732

* CVE-2022-48736

* CVE-2022-48737

* CVE-2022-48738

* CVE-2022-48746

* CVE-2022-48747

* CVE-2022-48748

* CVE-2022-48749

* CVE-2022-48752

* CVE-2022-48754

* CVE-2022-48756

* CVE-2022-48758

* CVE-2022-48759

* CVE-2022-48760

* CVE-2022-48767

* CVE-2022-48768

* CVE-2022-48771

* CVE-2023-24023

* CVE-2023-52707

* CVE-2023-52752

* CVE-2023-52881

* CVE-2024-26822

* CVE-2024-35789

* CVE-2024-35861

* CVE-2024-35862

* CVE-2024-35864

* CVE-2024-35878

* CVE-2024-35950

* CVE-2024-36894

* CVE-2024-36904

* CVE-2024-36940

* CVE-2024-36964

* CVE-2024-38541

* CVE-2024-38545

* CVE-2024-38559

* CVE-2024-38560

CVSS scores:

* CVE-2021-43389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-43389 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

* CVE-2021-47247 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47311 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47328 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47368 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H

* CVE-2021-47372 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47379 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L

* CVE-2021-47583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47618 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47620 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

* CVE-2022-2938 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

* CVE-2022-2938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

* CVE-2022-48717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48724 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2022-48728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

* CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48736 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N

* CVE-2022-48737 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N

* CVE-2022-48738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48747 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

* CVE-2022-48748 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

* CVE-2022-48749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

* CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

* CVE-2023-52707 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L

* CVE-2024-26822 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.1

* SUSE Linux Enterprise Micro 5.2

* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves 68 vulnerabilities and has 13 security fixes can now be

installed.

##

* https://www.suse.com/security/cve/CVE-2021-43389.html

* https://www.suse.com/security/cve/CVE-2021-4439.html

* https://www.suse.com/security/cve/CVE-2021-47247.html

* https://www.suse.com/security/cve/CVE-2021-47311.html

* https://www.suse.com/security/cve/CVE-2021-47328.html

* https://www.suse.com/security/cve/CVE-2021-47368.html

* https://www.suse.com/security/cve/CVE-2021-47372.html

* https://www.suse.com/security/cve/CVE-2021-47379.html

* https://www.suse.com/security/cve/CVE-2021-47571.html

* https://www.suse.com/security/cve/CVE-2021-47576.html

* https://www.suse.com/security/cve/CVE-2021-47583.html

* https://www.suse.com/security/cve/CVE-2021-47589.html

* https://www.suse.com/security/cve/CVE-2021-47595.html

* https://www.suse.com/security/cve/CVE-2021-47596.html

* https://www.suse.com/security/cve/CVE-2021-47600.html

* https://www.suse.com/security/cve/CVE-2021-47602.html

* https://www.suse.com/security/cve/CVE-2021-47609.html

* https://www.suse.com/security/cve/CVE-2021-47611.html

* https://www.suse.com/security/cve/CVE-2021-47612.html

* https://www.suse.com/security/cve/CVE-2021-47617.html

* https://www.suse.com/security/cve/CVE-2021-47618.html

* https://www.suse.com/security/cve/CVE-2021-47619.html

* https://www.suse.com/security/cve/CVE-2021-47620.html

* https://www.suse.com/security/cve/CVE-2022-2938.html

* https://www.suse.com/security/cve/CVE-2022-48711.html

* https://www.suse.com/security/cve/CVE-2022-48715.html

* https://www.suse.com/security/cve/CVE-2022-48717.html

* https://www.suse.com/security/cve/CVE-2022-48722.html

* https://www.suse.com/security/cve/CVE-2022-48724.html

* https://www.suse.com/security/cve/CVE-2022-48726.html

* https://www.suse.com/security/cve/CVE-2022-48728.html

* https://www.suse.com/security/cve/CVE-2022-48730.html

* https://www.suse.com/security/cve/CVE-2022-48732.html

* https://www.suse.com/security/cve/CVE-2022-48736.html

* https://www.suse.com/security/cve/CVE-2022-48737.html

* https://www.suse.com/security/cve/CVE-2022-48738.html

* https://www.suse.com/security/cve/CVE-2022-48746.html

* https://www.suse.com/security/cve/CVE-2022-48747.html

* https://www.suse.com/security/cve/CVE-2022-48748.html

* https://www.suse.com/security/cve/CVE-2022-48749.html

* https://www.suse.com/security/cve/CVE-2022-48752.html

* https://www.suse.com/security/cve/CVE-2022-48754.html

* https://www.suse.com/security/cve/CVE-2022-48756.html

* https://www.suse.com/security/cve/CVE-2022-48758.html

* https://www.suse.com/security/cve/CVE-2022-48759.html

* https://www.suse.com/security/cve/CVE-2022-48760.html

* https://www.suse.com/security/cve/CVE-2022-48767.html

* https://www.suse.com/security/cve/CVE-2022-48768.html

* https://www.suse.com/security/cve/CVE-2022-48771.html

* https://www.suse.com/security/cve/CVE-2023-24023.html

* https://www.suse.com/security/cve/CVE-2023-52707.html

* https://www.suse.com/security/cve/CVE-2023-52752.html

* https://www.suse.com/security/cve/CVE-2023-52881.html

* https://www.suse.com/security/cve/CVE-2024-26822.html

* https://www.suse.com/security/cve/CVE-2024-35789.html

* https://www.suse.com/security/cve/CVE-2024-35861.html

* https://www.suse.com/security/cve/CVE-2024-35862.html

* https://www.suse.com/security/cve/CVE-2024-35864.html

* https://www.suse.com/security/cve/CVE-2024-35878.html

* https://www.suse.com/security/cve/CVE-2024-35950.html

* https://www.suse.com/security/cve/CVE-2024-36894.html

* https://www.suse.com/security/cve/CVE-2024-36904.html

* https://www.suse.com/security/cve/CVE-2024-36940.html

* https://www.suse.com/security/cve/CVE-2024-36964.html

* https://www.suse.com/security/cve/CVE-2024-38541.html

* https://www.suse.com/security/cve/CVE-2024-38545.html

* https://www.suse.com/security/cve/CVE-2024-38559.html

* https://www.suse.com/security/cve/CVE-2024-38560.html

* https://bugzilla.suse.com/show_bug.cgi?id=1156395

* https://bugzilla.suse.com/show_bug.cgi?id=1171988

* https://bugzilla.suse.com/show_bug.cgi?id=1176447

* https://bugzilla.suse.com/show_bug.cgi?id=1176774

* https://bugzilla.suse.com/show_bug.cgi?id=1181147

* https://bugzilla.suse.com/show_bug.cgi?id=1191958

* https://bugzilla.suse.com/show_bug.cgi?id=1195065

* https://bugzilla.suse.com/show_bug.cgi?id=1195254

* https://bugzilla.suse.com/show_bug.cgi?id=1195798

* https://bugzilla.suse.com/show_bug.cgi?id=1202623

* https://bugzilla.suse.com/show_bug.cgi?id=1218148

* https://bugzilla.suse.com/show_bug.cgi?id=1219224

* https://bugzilla.suse.com/show_bug.cgi?id=1219633

* https://bugzilla.suse.com/show_bug.cgi?id=1222015

* https://bugzilla.suse.com/show_bug.cgi?id=1223011

* https://bugzilla.suse.com/show_bug.cgi?id=1224671

* https://bugzilla.suse.com/show_bug.cgi?id=1224703

* https://bugzilla.suse.com/show_bug.cgi?id=1224749

* https://bugzilla.suse.com/show_bug.cgi?id=1224764

* https://bugzilla.suse.com/show_bug.cgi?id=1224765

* https://bugzilla.suse.com/show_bug.cgi?id=1224766

* https://bugzilla.suse.com/show_bug.cgi?id=1224865

* https://bugzilla.suse.com/show_bug.cgi?id=1225010

* https://bugzilla.suse.com/show_bug.cgi?id=1225047

* https://bugzilla.suse.com/show_bug.cgi?id=1225109

* https://bugzilla.suse.com/show_bug.cgi?id=1225161

* https://bugzilla.suse.com/show_bug.cgi?id=1225184

* https://bugzilla.suse.com/show_bug.cgi?id=1225203

* https://bugzilla.suse.com/show_bug.cgi?id=1225487

* https://bugzilla.suse.com/show_bug.cgi?id=1225518

* https://bugzilla.suse.com/show_bug.cgi?id=1225611

* https://bugzilla.suse.com/show_bug.cgi?id=1225732

* https://bugzilla.suse.com/show_bug.cgi?id=1225749

* https://bugzilla.suse.com/show_bug.cgi?id=1225840

* https://bugzilla.suse.com/show_bug.cgi?id=1225866

* https://bugzilla.suse.com/show_bug.cgi?id=1226226

* https://bugzilla.suse.com/show_bug.cgi?id=1226537

* https://bugzilla.suse.com/show_bug.cgi?id=1226552

* https://bugzilla.suse.com/show_bug.cgi?id=1226554

* https://bugzilla.suse.com/show_bug.cgi?id=1226557

* https://bugzilla.suse.com/show_bug.cgi?id=1226558

* https://bugzilla.suse.com/show_bug.cgi?id=1226562

* https://bugzilla.suse.com/show_bug.cgi?id=1226563

* https://bugzilla.suse.com/show_bug.cgi?id=1226575

* https://bugzilla.suse.com/show_bug.cgi?id=1226583

* https://bugzilla.suse.com/show_bug.cgi?id=1226585

* https://bugzilla.suse.com/show_bug.cgi?id=1226587

* https://bugzilla.suse.com/show_bug.cgi?id=1226595

* https://bugzilla.suse.com/show_bug.cgi?id=1226614

* https://bugzilla.suse.com/show_bug.cgi?id=1226619

* https://bugzilla.suse.com/show_bug.cgi?id=1226621

* https://bugzilla.suse.com/show_bug.cgi?id=1226624

* https://bugzilla.suse.com/show_bug.cgi?id=1226643

* https://bugzilla.suse.com/show_bug.cgi?id=1226644

* https://bugzilla.suse.com/show_bug.cgi?id=1226645

* https://bugzilla.suse.com/show_bug.cgi?id=1226647

* https://bugzilla.suse.com/show_bug.cgi?id=1226650

* https://bugzilla.suse.com/show_bug.cgi?id=1226669

* https://bugzilla.suse.com/show_bug.cgi?id=1226670

* https://bugzilla.suse.com/show_bug.cgi?id=1226672

* https://bugzilla.suse.com/show_bug.cgi?id=1226674

* https://bugzilla.suse.com/show_bug.cgi?id=1226679

* https://bugzilla.suse.com/show_bug.cgi?id=1226686

* https://bugzilla.suse.com/show_bug.cgi?id=1226691

* https://bugzilla.suse.com/show_bug.cgi?id=1226692

* https://bugzilla.suse.com/show_bug.cgi?id=1226698

* https://bugzilla.suse.com/show_bug.cgi?id=1226703

* https://bugzilla.suse.com/show_bug.cgi?id=1226708

* https://bugzilla.suse.com/show_bug.cgi?id=1226709

* https://bugzilla.suse.com/show_bug.cgi?id=1226711

* https://bugzilla.suse.com/show_bug.cgi?id=1226712

* https://bugzilla.suse.com/show_bug.cgi?id=1226713

* https://bugzilla.suse.com/show_bug.cgi?id=1226715

* https://bugzilla.suse.com/show_bug.cgi?id=1226716

* https://bugzilla.suse.com/show_bug.cgi?id=1226720

* https://bugzilla.suse.com/show_bug.cgi?id=1226721

* https://bugzilla.suse.com/show_bug.cgi?id=1226732

* https://bugzilla.suse.com/show_bug.cgi?id=1226762

* https://bugzilla.suse.com/show_bug.cgi?id=1226785

* https://bugzilla.suse.com/show_bug.cgi?id=1226786

* https://bugzilla.suse.com/show_bug.cgi?id=1226962

Severity
Announcement ID: SUSE-SU-2024:2384-1
Rating: important

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved