# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2493-1  
Rating: important  
References:

  * bsc#1215420
  * bsc#1220833
  * bsc#1221656
  * bsc#1221659
  * bsc#1222005
  * bsc#1222792
  * bsc#1223021
  * bsc#1223188
  * bsc#1224622
  * bsc#1224627
  * bsc#1224647
  * bsc#1224683
  * bsc#1224686
  * bsc#1224743
  * bsc#1224965
  * bsc#1225229
  * bsc#1225357
  * bsc#1225431
  * bsc#1225478
  * bsc#1225505
  * bsc#1225530
  * bsc#1225532
  * bsc#1225569
  * bsc#1225593
  * bsc#1225835
  * bsc#1226757
  * bsc#1226861
  * bsc#1226994
  * bsc#1227407
  * bsc#1227435
  * bsc#1227487

  
Cross-References:

  * CVE-2021-47145
  * CVE-2021-47201
  * CVE-2021-47275
  * CVE-2021-47438
  * CVE-2021-47498
  * CVE-2021-47520
  * CVE-2021-47547
  * CVE-2023-4244
  * CVE-2023-52507
  * CVE-2023-52683
  * CVE-2023-52693
  * CVE-2023-52753
  * CVE-2023-52817
  * CVE-2023-52818
  * CVE-2023-52819
  * CVE-2024-26635
  * CVE-2024-26636
  * CVE-2024-26880
  * CVE-2024-35805
  * CVE-2024-35819
  * CVE-2024-35828
  * CVE-2024-35947
  * CVE-2024-36014
  * CVE-2024-36941
  * CVE-2024-38598
  * CVE-2024-38619
  * CVE-2024-39301
  * CVE-2024-39475

  
CVSS scores:

  * CVE-2021-47145 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47201 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47275 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47438 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47498 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2021-47520 ( SUSE ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47520 ( NVD ):  7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2021-47547 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
  * CVE-2023-4244 ( SUSE ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-4244 ( NVD ):  7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2023-52507 ( SUSE ):  5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  * CVE-2023-52683 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52693 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52753 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52753 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52817 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52817 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-52818 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2023-52819 ( SUSE ):  6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
  * CVE-2024-26635 ( SUSE ):  6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  * CVE-2024-26636 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-26880 ( SUSE ):  3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  * CVE-2024-35805 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35819 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35828 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-35947 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36014 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-36941 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-38598 ( SUSE ):  4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-38619 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-39301 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-39475 ( SUSE ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  * CVE-2024-39475 ( NVD ):  5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

  
Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Real Time 12 SP5
  * SUSE Linux Enterprise Server 12 SP5

  
  
An update that solves 28 vulnerabilities and has three security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

  * CVE-2021-47145: btrfs: do not BUG_ON in link_to_fixup_dir (bsc#1222005).
  * CVE-2021-47201: iavf: free q_vectors before queues in iavf_disable_vf
    (bsc#1222792).
  * CVE-2021-47275: bcache: avoid oversized read request in cache missing code
    path (bsc#1224965).
  * CVE-2021-47438: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
    (bsc#1225229)
  * CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend
    (bsc#1225357).
  * CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free
    (bsc#1225431).
  * CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy'
    may be out of bound (bsc#1225505).
  * CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which
    could be exploited to achieve local privilege escalation (bsc#1215420).
  * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
  * CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627).
  * CVE-2023-52693: ACPI: video: check for error while searching for backlight
    device parent (bsc#1224686).
  * CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator
    (bsc#1225478).
  * CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg
    pointer is NULL (bsc#1225569).
  * CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
    (bsc#1225530).
  * CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and
    Tonga (bsc#1225532).
  * CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
  * CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding
    changes (bsc#1221659).
  * CVE-2024-26880: dm: call the resume method on internal suspend
    (bsc#1223188).
  * CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit
    (bsc#1224743).
  * CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock
    (bsc#1224683).
  * CVE-2024-35828: wifi: libertas: fix some memleaks in
    lbs_allocate_cmd_buffer() (bsc#1224622).
  * CVE-2024-35947: dyndbg: fix old BUG_ON in >control parser (bsc#1224647).
  * CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference
    (bsc#1225593).
  * CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule
    (bsc#1225835).
  * CVE-2024-38598: md: fix resync softlockup when bitmap size is less than
    array size (bsc#1226757).
  * CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized
    (bsc#1226861).
  * CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
  * CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var
    failed (bsc#1227435)

The following non-security bugs were fixed:

  * PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity
    check (git-fixes).
  * SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
  * SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-
    fixes).
  * drm/amdgpu/debugfs: fix error code when smc register accessors are NULL
    (git-fixes).
  * kgdb: Add kgdb_has_hit_break function (git-fixes).
  * kgdb: Move the extern declaration kgdb_has_hit_break() to generic kgdb.h
    (git-fixes).
  * net: hsr: fix placement of logical operator in a multi-line statement
    (bsc#1223021).
  * nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
  * powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()
    (bsc#1227487).
  * sched/deadline: Fix BUG_ON condition for deboosted tasks (bsc#1227407).
  * sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
  * x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys
    (git-fixes).
  * x86/boot/e820: Fix typo in e820.c comment (git-fixes).
  * x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes).
  * x86/fpu: Return proper error codes from user access functions (git-fixes).
  * x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-
    fixes).
  * x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK (git-
    fixes).
  * x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git-
    fixes).
  * x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes (git-fixes).
  * x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes).
  * x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).

## Special Instructions and Notes:

  * Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Real Time 12 SP5  
    zypper in -t patch SUSE-SLE-RT-12-SP5-2024-2493=1

## Package List:

  * SUSE Linux Enterprise Real Time 12 SP5 (x86_64)
    * gfs2-kmp-rt-4.12.14-10.194.1
    * kernel-rt_debug-debugsource-4.12.14-10.194.1
    * kernel-rt_debug-devel-debuginfo-4.12.14-10.194.1
    * ocfs2-kmp-rt-4.12.14-10.194.1
    * ocfs2-kmp-rt-debuginfo-4.12.14-10.194.1
    * kernel-rt-base-4.12.14-10.194.1
    * kernel-rt-base-debuginfo-4.12.14-10.194.1
    * gfs2-kmp-rt-debuginfo-4.12.14-10.194.1
    * kernel-rt-devel-debuginfo-4.12.14-10.194.1
    * kernel-rt-debugsource-4.12.14-10.194.1
    * cluster-md-kmp-rt-debuginfo-4.12.14-10.194.1
    * kernel-syms-rt-4.12.14-10.194.1
    * kernel-rt-devel-4.12.14-10.194.1
    * dlm-kmp-rt-debuginfo-4.12.14-10.194.1
    * dlm-kmp-rt-4.12.14-10.194.1
    * kernel-rt_debug-debuginfo-4.12.14-10.194.1
    * kernel-rt_debug-devel-4.12.14-10.194.1
    * cluster-md-kmp-rt-4.12.14-10.194.1
    * kernel-rt-debuginfo-4.12.14-10.194.1
  * SUSE Linux Enterprise Real Time 12 SP5 (noarch)
    * kernel-devel-rt-4.12.14-10.194.1
    * kernel-source-rt-4.12.14-10.194.1
  * SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64)
    * kernel-rt_debug-4.12.14-10.194.1
    * kernel-rt-4.12.14-10.194.1

## References:

  * https://www.suse.com/security/cve/CVE-2021-47145.html
  * https://www.suse.com/security/cve/CVE-2021-47201.html
  * https://www.suse.com/security/cve/CVE-2021-47275.html
  * https://www.suse.com/security/cve/CVE-2021-47438.html
  * https://www.suse.com/security/cve/CVE-2021-47498.html
  * https://www.suse.com/security/cve/CVE-2021-47520.html
  * https://www.suse.com/security/cve/CVE-2021-47547.html
  * https://www.suse.com/security/cve/CVE-2023-4244.html
  * https://www.suse.com/security/cve/CVE-2023-52507.html
  * https://www.suse.com/security/cve/CVE-2023-52683.html
  * https://www.suse.com/security/cve/CVE-2023-52693.html
  * https://www.suse.com/security/cve/CVE-2023-52753.html
  * https://www.suse.com/security/cve/CVE-2023-52817.html
  * https://www.suse.com/security/cve/CVE-2023-52818.html
  * https://www.suse.com/security/cve/CVE-2023-52819.html
  * https://www.suse.com/security/cve/CVE-2024-26635.html
  * https://www.suse.com/security/cve/CVE-2024-26636.html
  * https://www.suse.com/security/cve/CVE-2024-26880.html
  * https://www.suse.com/security/cve/CVE-2024-35805.html
  * https://www.suse.com/security/cve/CVE-2024-35819.html
  * https://www.suse.com/security/cve/CVE-2024-35828.html
  * https://www.suse.com/security/cve/CVE-2024-35947.html
  * https://www.suse.com/security/cve/CVE-2024-36014.html
  * https://www.suse.com/security/cve/CVE-2024-36941.html
  * https://www.suse.com/security/cve/CVE-2024-38598.html
  * https://www.suse.com/security/cve/CVE-2024-38619.html
  * https://www.suse.com/security/cve/CVE-2024-39301.html
  * https://www.suse.com/security/cve/CVE-2024-39475.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1215420
  * https://bugzilla.suse.com/show_bug.cgi?id=1220833
  * https://bugzilla.suse.com/show_bug.cgi?id=1221656
  * https://bugzilla.suse.com/show_bug.cgi?id=1221659
  * https://bugzilla.suse.com/show_bug.cgi?id=1222005
  * https://bugzilla.suse.com/show_bug.cgi?id=1222792
  * https://bugzilla.suse.com/show_bug.cgi?id=1223021
  * https://bugzilla.suse.com/show_bug.cgi?id=1223188
  * https://bugzilla.suse.com/show_bug.cgi?id=1224622
  * https://bugzilla.suse.com/show_bug.cgi?id=1224627
  * https://bugzilla.suse.com/show_bug.cgi?id=1224647
  * https://bugzilla.suse.com/show_bug.cgi?id=1224683
  * https://bugzilla.suse.com/show_bug.cgi?id=1224686
  * https://bugzilla.suse.com/show_bug.cgi?id=1224743
  * https://bugzilla.suse.com/show_bug.cgi?id=1224965
  * https://bugzilla.suse.com/show_bug.cgi?id=1225229
  * https://bugzilla.suse.com/show_bug.cgi?id=1225357
  * https://bugzilla.suse.com/show_bug.cgi?id=1225431
  * https://bugzilla.suse.com/show_bug.cgi?id=1225478
  * https://bugzilla.suse.com/show_bug.cgi?id=1225505
  * https://bugzilla.suse.com/show_bug.cgi?id=1225530
  * https://bugzilla.suse.com/show_bug.cgi?id=1225532
  * https://bugzilla.suse.com/show_bug.cgi?id=1225569
  * https://bugzilla.suse.com/show_bug.cgi?id=1225593
  * https://bugzilla.suse.com/show_bug.cgi?id=1225835
  * https://bugzilla.suse.com/show_bug.cgi?id=1226757
  * https://bugzilla.suse.com/show_bug.cgi?id=1226861
  * https://bugzilla.suse.com/show_bug.cgi?id=1226994
  * https://bugzilla.suse.com/show_bug.cgi?id=1227407
  * https://bugzilla.suse.com/show_bug.cgi?id=1227435
  * https://bugzilla.suse.com/show_bug.cgi?id=1227487

SUSE: 2024:2493-1 important: the Linux Kernel Security Advisory Updates

July 16, 2024
* bsc#1215420 * bsc#1220833 * bsc#1221656 * bsc#1221659 * bsc#1222005

Summary

## The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47145: btrfs: do not BUG_ON in link_to_fixup_dir (bsc#1222005). * CVE-2021-47201: iavf: free q_vectors before queues in iavf_disable_vf (bsc#1222792). * CVE-2021-47275: bcache: avoid oversized read request in cache missing code path (bsc#1224965). * CVE-2021-47438: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (bsc#1225229) * CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend (bsc#1225357). * CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431). * CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505). * CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627). * CVE-2023-52693: ACPI: video: check for error while searching for backlight device parent (bsc#1224686). * CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator (bsc#1225478). * CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (bsc#1225569). * CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (bsc#1225530). * CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (bsc#1225532). * CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656). * CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659). * CVE-2024-26880: dm: call the resume method on internal suspend (bsc#1223188). * CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743). * CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683). * CVE-2024-35828: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (bsc#1224622). * CVE-2024-35947: dyndbg: fix old BUG_ON in >control parser (bsc#1224647). * CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference (bsc#1225593). * CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule (bsc#1225835). * CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757). * CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized (bsc#1226861). * CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994). * CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435) The following non-security bugs were fixed: * PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity check (git-fixes). * SUNRPC: Fix gss_free_in_token_pages() (git-fixes). * SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git- fixes). * drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes). * kgdb: Add kgdb_has_hit_break function (git-fixes). * kgdb: Move the extern declaration kgdb_has_hit_break() to generic kgdb.h (git-fixes). * net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021). * nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes). * powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487). * sched/deadline: Fix BUG_ON condition for deboosted tasks (bsc#1227407). * sunrpc: fix NFSACL RPC retry on soft mount (git-fixes). * x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys (git-fixes). * x86/boot/e820: Fix typo in e820.c comment (git-fixes). * x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes). * x86/fpu: Return proper error codes from user access functions (git-fixes). * x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git- fixes). * x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK (git- fixes). * x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git- fixes). * x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes (git-fixes). * x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes). * x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).

References

* bsc#1215420

* bsc#1220833

* bsc#1221656

* bsc#1221659

* bsc#1222005

* bsc#1222792

* bsc#1223021

* bsc#1223188

* bsc#1224622

* bsc#1224627

* bsc#1224647

* bsc#1224683

* bsc#1224686

* bsc#1224743

* bsc#1224965

* bsc#1225229

* bsc#1225357

* bsc#1225431

* bsc#1225478

* bsc#1225505

* bsc#1225530

* bsc#1225532

* bsc#1225569

* bsc#1225593

* bsc#1225835

* bsc#1226757

* bsc#1226861

* bsc#1226994

* bsc#1227407

* bsc#1227435

* bsc#1227487

Cross-

* CVE-2021-47145

* CVE-2021-47201

* CVE-2021-47275

* CVE-2021-47438

* CVE-2021-47498

* CVE-2021-47520

* CVE-2021-47547

* CVE-2023-4244

* CVE-2023-52507

* CVE-2023-52683

* CVE-2023-52693

* CVE-2023-52753

* CVE-2023-52817

* CVE-2023-52818

* CVE-2023-52819

* CVE-2024-26635

* CVE-2024-26636

* CVE-2024-26880

* CVE-2024-35805

* CVE-2024-35819

* CVE-2024-35828

* CVE-2024-35947

* CVE-2024-36014

* CVE-2024-36941

* CVE-2024-38598

* CVE-2024-38619

* CVE-2024-39301

* CVE-2024-39475

CVSS scores:

* CVE-2021-47145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47438 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47498 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2021-47520 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47520 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

* CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-4244 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2023-52683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-52693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-52753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-52753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-52817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-52817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2023-52818 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

* CVE-2023-52819 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

* CVE-2024-26635 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

* CVE-2024-26636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-26880 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

* CVE-2024-35805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-35819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-35828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-35947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-36014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-36941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-38598 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-39475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-39475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5

* SUSE Linux Enterprise Real Time 12 SP5

* SUSE Linux Enterprise Server 12 SP5

An update that solves 28 vulnerabilities and has three security fixes can now be

installed.

##

* https://www.suse.com/security/cve/CVE-2021-47145.html

* https://www.suse.com/security/cve/CVE-2021-47201.html

* https://www.suse.com/security/cve/CVE-2021-47275.html

* https://www.suse.com/security/cve/CVE-2021-47438.html

* https://www.suse.com/security/cve/CVE-2021-47498.html

* https://www.suse.com/security/cve/CVE-2021-47520.html

* https://www.suse.com/security/cve/CVE-2021-47547.html

* https://www.suse.com/security/cve/CVE-2023-4244.html

* https://www.suse.com/security/cve/CVE-2023-52507.html

* https://www.suse.com/security/cve/CVE-2023-52683.html

* https://www.suse.com/security/cve/CVE-2023-52693.html

* https://www.suse.com/security/cve/CVE-2023-52753.html

* https://www.suse.com/security/cve/CVE-2023-52817.html

* https://www.suse.com/security/cve/CVE-2023-52818.html

* https://www.suse.com/security/cve/CVE-2023-52819.html

* https://www.suse.com/security/cve/CVE-2024-26635.html

* https://www.suse.com/security/cve/CVE-2024-26636.html

* https://www.suse.com/security/cve/CVE-2024-26880.html

* https://www.suse.com/security/cve/CVE-2024-35805.html

* https://www.suse.com/security/cve/CVE-2024-35819.html

* https://www.suse.com/security/cve/CVE-2024-35828.html

* https://www.suse.com/security/cve/CVE-2024-35947.html

* https://www.suse.com/security/cve/CVE-2024-36014.html

* https://www.suse.com/security/cve/CVE-2024-36941.html

* https://www.suse.com/security/cve/CVE-2024-38598.html

* https://www.suse.com/security/cve/CVE-2024-38619.html

* https://www.suse.com/security/cve/CVE-2024-39301.html

* https://www.suse.com/security/cve/CVE-2024-39475.html

* https://bugzilla.suse.com/show_bug.cgi?id=1215420

* https://bugzilla.suse.com/show_bug.cgi?id=1220833

* https://bugzilla.suse.com/show_bug.cgi?id=1221656

* https://bugzilla.suse.com/show_bug.cgi?id=1221659

* https://bugzilla.suse.com/show_bug.cgi?id=1222005

* https://bugzilla.suse.com/show_bug.cgi?id=1222792

* https://bugzilla.suse.com/show_bug.cgi?id=1223021

* https://bugzilla.suse.com/show_bug.cgi?id=1223188

* https://bugzilla.suse.com/show_bug.cgi?id=1224622

* https://bugzilla.suse.com/show_bug.cgi?id=1224627

* https://bugzilla.suse.com/show_bug.cgi?id=1224647

* https://bugzilla.suse.com/show_bug.cgi?id=1224683

* https://bugzilla.suse.com/show_bug.cgi?id=1224686

* https://bugzilla.suse.com/show_bug.cgi?id=1224743

* https://bugzilla.suse.com/show_bug.cgi?id=1224965

* https://bugzilla.suse.com/show_bug.cgi?id=1225229

* https://bugzilla.suse.com/show_bug.cgi?id=1225357

* https://bugzilla.suse.com/show_bug.cgi?id=1225431

* https://bugzilla.suse.com/show_bug.cgi?id=1225478

* https://bugzilla.suse.com/show_bug.cgi?id=1225505

* https://bugzilla.suse.com/show_bug.cgi?id=1225530

* https://bugzilla.suse.com/show_bug.cgi?id=1225532

* https://bugzilla.suse.com/show_bug.cgi?id=1225569

* https://bugzilla.suse.com/show_bug.cgi?id=1225593

* https://bugzilla.suse.com/show_bug.cgi?id=1225835

* https://bugzilla.suse.com/show_bug.cgi?id=1226757

* https://bugzilla.suse.com/show_bug.cgi?id=1226861

* https://bugzilla.suse.com/show_bug.cgi?id=1226994

* https://bugzilla.suse.com/show_bug.cgi?id=1227407

* https://bugzilla.suse.com/show_bug.cgi?id=1227435

* https://bugzilla.suse.com/show_bug.cgi?id=1227487

Severity
Announcement ID: SUSE-SU-2024:2493-1
Rating: important

Related News

Defending Against Remote Code Execution in Google Chrome: A Critical Update
2 - 3 min read
Google Chrome, a widely used web browser, serves millions of internet users by connecting them to the online world. Unfortunately, severe
Navigating the Linux Kernel
2 - 4 min read
The Linux operating system, widely acclaimed for its robustness and security , recently received widespread media attention due to a significant
Staying a Step Ahead of Adversaries: Mitigating Chromium
2 - 4 min read
Google Chrome, one of the world's most widely used web browsers, has recently been scrutinized due to the discovery of multiple Chromium
Unmasking Cicada3301: Examining the Threat of the New Rust-Based Ransomware
2 - 4 min read
Ransomware has long been a severe threat to organizations and admins alike. Recently, cybersecurity researchers discovered a new variant called
Buffer Overflow Exploits in Linux: Origins, Impact, and Countermeasures
3 - 6 min read
Buffer overflow vulnerabilities have long been one of the biggest headaches in computer security, especially on Linux operating systems that power
8 Expert-Recommended Security Practices to Fortify Your Linux Systems
4 - 8 min read
As a Linux admin or an infosec professional, you understand how the security landscape changes due to evolving threats, newly discovered
Open Source Strategies for Enhancing Security in Digital Business Operations
5 - 9 min read
Digital transformation, powered by the principles of open-source security , is vital for businesses looking to excel in today's technology-driven
Microsoft Update Mayhem: Rescuing Linux Dual-Boot Systems from Secure Boot Woes
2 - 4 min read
Microsoft's recent patch, intended to strengthen Secure Boot defenses, has resulted in an unexpected setback for Linux-Windows dual-boot setups

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved