Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 623
Alerts This Week
Warning Icon 1 623

SUSE Linux Enterprise 15 SP3: 2024:3041-1 Important Kernel Live Patch

suse
Calendar Grey August 27, 2024
Dist Suse Esm H88
Critical announcement for SLE 15 SP3 resolving two major kernel vulnerabilities. Ensure your security!
* bsc#1225202 * bsc#1225302 Cross-References: * CVE-2021-47378

Summary

## This update for the Linux Kernel 5.3.18-150300_59_150 fixes several issues. The following security issues were fixed: * CVE-2021-47402: Fixed use-after-free in fl_walk() (bsc#1225301) * CVE-2021-47378: Fixed use-after-free by destroying cm id before destroying qp (bsc#1225202). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-3038=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-3041=1 SUSE-SLE-Module-Live- Patching-15-SP2-2024-3042=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-3049=1 * openSUSE Leap 15.3

References

* bsc#1225202

* bsc#1225302

Cross-

* CVE-2021-47378

* CVE-2021-47402

CVSS scores:

* CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

* CVE-2021-47402 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3

* SUSE Linux Enterprise High Performance Computing 15 SP2

* SUSE Linux Enterprise High Performance Computing 15 SP3

* SUSE Linux Enterprise Live Patching 15-SP2

* SUSE Linux Enterprise Live Patching 15-SP3

* SUSE Linux Enterprise Micro 5.1

* SUSE Linux Enterprise Micro 5.2

* SUSE Linux Enterprise Server 15 SP2

* SUSE Linux Enterprise Server 15 SP3

* SUSE Linux Enterprise Server for SAP Applications 15 SP2

* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves two vulnerabilities can now be installed.

##

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2024:3041-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.